Peter Todd

@RCasatta You've got it backwards: Andrews transaction is a normal sized scriptSig; the OpenTimestamps server uses shorter-than-average bare CHECKSIG outputs that can be spent with shorter-than-average scriptSigs.

@RCasatta Ah, I just noticed that @apoelstra's transaction was using the 65-byte uncompresed pubkey `0460b56a673caf822f0fa1ad0eb7b9681b001a92a5fb1699c9d0040d980a5fbfc87e92753e1633560dae70622b3e4b207fce6a4207397606d43635b97d33091a03` Most transactions these days use compressed pubkeys, which are 32 bytes shorter.

@apoelstra Do you have a ELI5 explanation as to why that's true? Be good to add that in a comment or something.

FYI, looks like @LeoComandini has actually done a thesis that is in part on the subject of EC commitments! https://github.com/LeoComandini/Thesis/blob/master/main.pdf

While other commitment operations work on arbitrary input - modulo the `MAX_MSG_LENGTH` restriction - Secp256k1 introduces new failure modes for when the secp256k1 point is invalid in various ways. I'm...

Holding off until Taproot is fine by me. As you can see, I'm in no rush. :) Good point re: BIP340.

Sorry! Missed this. Honestly, I think the scheme I chose was probably a mistake. Easier to just use fixed-width integers, and more likely to have compatibility across implementations. As for...

> Whoo, thanks a lot for this precise documentation! This should be made public IMHO. Note that the documentation in the above comment has a number of errors. For instance,...

> Is there any white paper explaining: > > 1. the `ots` format (Also, why don't you just use a simple json (potentially compessed with tar.gz or alike) where binary...

I marked it as pending depreciation so any user of it will be adequately warned: https://github.com/opentimestamps/python-opentimestamps/commit/ff2ab8a6510e6a6cfe6c5333c41474e9e05ebdb1