[WIP] Draft ZIP: Multisig #221
A short discussion I had with @daira over the community chat. Following this discussion we decided to implement
How, then, should we preserve the spirit of the EdDSA design? When rerandomizing a private key we could keep the same seed for the PRF used to generate
From the point of consensus, any of a number of known aggregate signing schemes can be used and appear the same on chain.
These schemes tend to differ in how they protect against attacks by the signers against each other. I haven't reviewed this scheme cryptographically, but because it doesn't require any protocol upgrades, it could be accepted by the Zcash community as one of the acceptable protocols for the 2-party aggregate case that wallets might implement.