Greetings.
I wanted to ask what was the rationale behind still having both public
key and signature in Segwit witness?
As has been known for a while, the public key can be derived from the
signature and a quadrant byte, a trick that is successfully used both
in the Bitcoin message signing algorithm and in
Dilution is a potential attack I randomly came up with in a Twitter
argument and couldn't find any references to or convincing arguments of it
being implausible.
Suppose a malicious actor were to acquire a majority of hash power, and
proceed to use that hash power to produce valid, but empty bloc
Neat.
Some minor notes as an outsider who just spent an hour implementing and
playing with this:
-In several places you have things like "Let k = int(hash(bytes(d) || m))
mod n", but reference code says things like "e = sha256(R[0].to_bytes(32,
byteorder="big") + bytes_point(point_mul(G, seckey))
Hi there.
Been there, done that.
-Don't try to set big goals at once.
Start small and aim for small steps, i.e. by connecting to nodes, then
getting some data from them, then downloading blocks, then parsing
blocks, then building a UTXO set, etc.
My first long term goal was to simply compute the