Andrew Poelstra
Andrew Poelstra
Lol, actually, `686A8UK5DRGL8SSSSSSSSSSSSS` (thirteen `S`s) has the residue `QQQQQQQPRRQDN` ... so we can just use prefixes of this of decreasing size.
I think we should provide both forms - the table and the volvelle
You can run the `bench_ecmult` program in libsecp256k1-zkp to measure the performance. First bulletproof costs 144 ecmults (plus G). Every additional one in a batch adds an extra 12, IIRC....
For my part, I have no problem fixing rust-miniscript to add 1 to the signature size estimate. I would also be open to having a more flexible API that could...
See also https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-March/016713.html where I proposed something like this and achow gave me a concept ACK, but I then did not follow up on this (except for the Miniscript-related fields).
concept ACK. I like this approach, it's narrow but general and clean. It could be used for hypothetical broken P2C schemes but I'm not too worried about that. Thank you...
@michaelfolkson yes, I would prefer to be listed in the acknowledgements rather than as a co-author. This is not my BIP to maintain :)
This doesn't actually use BIP39 -- I think it would be clearer and more general to just say "storing fidelity bonds in BIP32 hierarchical trees" and leave the encoding of...
@SarangNoether asked me to take a look at this issue. Here are some notes: 1. The scheme seems sound to me. Certainly, if it's not, I'll have learned some new...
Ah, yes -- but this will be true regardless because the signature hash will change after the BP hardfork (since we will move the rangeproof sidechannel data out of the...