From addb9b5a71ff96bdb1a4c15bc9345de0d7f2c98c Mon Sep 17 00:00:00 2001
From: Pieter Wuille <pieter@wuille.net>
Date: Thu, 17 Jun 2021 16:54:56 -0700
Subject: Improve comments in taproot signing logic

---
 src/key.h | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

(limited to 'src/key.h')

diff --git a/src/key.h b/src/key.h
index d47e54800c..92cbc1e899 100644
--- a/src/key.h
+++ b/src/key.h
@@ -133,10 +133,15 @@ public:
      * optionally tweaked by *merkle_root. Additional nonce entropy can be provided through
      * aux.
      *
-     * When merkle_root is not nullptr, this results in a signature with a modified key as
-     * specified in BIP341:
-     * - If merkle_root->IsNull(): key + H_TapTweak(pubkey)*G
-     * - Otherwise:                key + H_TapTweak(pubkey || *merkle_root)
+     * merkle_root is used to optionally perform tweaking of the private key, as specified
+     * in BIP341:
+     * - If merkle_root == nullptr: no tweaking is done, sign with key directly (this is
+     *                              used for signatures in BIP342 script).
+     * - If merkle_root->IsNull():  sign with key + H_TapTweak(pubkey) (this is used for
+     *                              key path spending when no scripts are present).
+     * - Otherwise:                 sign with key + H_TapTweak(pubkey || *merkle_root)
+     *                              (this is used for key path spending, with specific
+     *                              Merkle root of the script tree).
      */
     bool SignSchnorr(const uint256& hash, Span<unsigned char> sig, const uint256* merkle_root = nullptr, const uint256* aux = nullptr) const;
 
-- 
cgit v1.2.3