From 4491902569315b375f5bd41e66d0a21a4e570852 Mon Sep 17 00:00:00 2001
From: Anthony Towns <aj@erisian.com.au>
Date: Sat, 24 Aug 2019 15:08:05 +1000
Subject: [PATCH] note about pubkey collision

---
 bip-schnorr.mediawiki | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/bip-schnorr.mediawiki b/bip-schnorr.mediawiki
index 9c80cd54..bb2f9dcc 100644
--- a/bip-schnorr.mediawiki
+++ b/bip-schnorr.mediawiki
@@ -128,6 +128,8 @@ To generate the corresponding public key:
 * Fail if ''int(sk) = 0'' or ''int(sk) >= n''
 * The public key corresponding to secret key ''sk'' is ''pubkey(sk)''.
 
+Note that the two secret keys ''sk'' and ''bytes(n-int(sk))'' will generate the same public key.
+
 Alternatively, the public key can be created according to [https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki BIP32] which describes the derivation of 33-byte compressed public keys.
 In order to translate such public keys into bip-schnorr compatible keys, the first byte must be dropped.