On Sun, Jul 8, 2018, 21:29 Erik Aronesty <e...@q32.com> wrote: > Because it's non-interactive, this construction can produce multisig > signatures offline. Each device produces a signature using it's own > k-share and x-share. It's only necessary to interpolate M of n shares. > > There are no round trips. > > The security is Shamir + discrete log. > > it's just something I've been tinkering with and I can't see an obvious > problem. > > It's basically the same as schnorr, but you use a threshold hash to fix > the need to be online. > > Just seems more useful to me. >
That sounds very useful if true, but I don't think we should include novel cryptography in Bitcoin based on your not seeing an obvious problem with it. I'm looking forward to seeing a more complete writeup though. Cheers, -- Pieter
_______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
