point 23 (MSDL-pop scenario and commitment) - exception

Greg Tonoski 2024-10-27 21:08:26 +01:00
parent ed7f4d10e9
commit 90095e3f6e

@ -2,4 +2,6 @@
There is the should-type requirement of hardcoded constant "TapTweak" in derivation of a private-public key pair used in a spending path that excludes scripts in the BIP-0341 specification. I think that the requirement is unnecessary or too restrictive. I would suggest replacing the requirement with a cautionary note and leaving an option to derive ("TapTweak") a new key pair to an owner's discretion instead. Reasons:
1. avoidance/minimisation of a number of hardcoded values (in accordance with commonly accepted best practices);
2. keeping requirements specification consice and of high relevance to changes in protocol and consensus rules.
2. keeping requirements specification consice and of high relevance to changes in protocol and consensus rules.
Also it may be worth adding an explanatory/warning note that sometimes the described attack in MSDL-pop scenario is not averted by the proposed "TapTweak" mechanism which is excluded for TapTweaks (t) that exceed SECP256K1_ORDER (regarding the point 23 in Rationale section. i.e. https://github.com/bitcoin/bips/blob/master/bip-0341.mediawiki#cite_ref-23-0).
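Review bot: The final paragraph of this hunk claims the MSDL-pop attack is "sometimes ... not averted" for TapTweaks (t) that exceed SECP256K1_ORDER, but it never says what happens to the key pair in that case or why the attack would then apply, so the claim cannot be checked from the text. Say explicitly how that case is handled. Split the sentence so the claim and the reference to Rationale point 23 stand separately; the "section. i.e." punctuation inside the parenthesis also needs fixing. The link points at master, where the footnote anchor can move, so a permalink to a fixed revision would be more stable. In list item 2, "consice" should be "concise", and the item appears twice in the hunk with no visible difference, which suggests a whitespace or end-of-file newline change that is worth confirming as intended.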