sipa/bips

Issues

• BIP340: clarify impact of pre-hashed messages, or support variable-length messages

  #207 opened 4 years ago by sipa
  71

• bip-340: Reduce size of batch verification randomizers to 128 bits

  #219 opened 4 years ago by jonasnick
  4

• bip340: Cite malleability issues with other schemes

  #215 opened 4 years ago by real-or-random
  0

• Synthetic randomness for batch verification

  #204 opened 4 years ago by real-or-random
  2

• Clarify relationship between synthetic nonces and anti-covert-channel

  #205 opened 4 years ago by jonasnick
  1

• Discussion on power analysis attacks

  #195 opened 5 years ago by sipa
  47

• Avoiding the EC multiplication during signing by using precomputed pubkey data

  #190 opened 4 years ago by real-or-random
  15

• bip-schnorr: Add k values to test-vectors

  #188 opened 5 years ago by Coding-Enthusiast
  8

• bip-schnorr: nonce uses hash instead of PRF

  #197 opened 5 years ago by bipreview
  2

• Squareness vs oddness tie-breaker for public keys

  #191 opened 5 years ago by real-or-random
  8

• bip-taproot/tapscript: abstract out the common message calculation

  #99 opened 5 years ago by sipa
  4

• bip-tapscript: behavior of empty signatures isn't clear

  #101 opened 5 years ago by sipa
  3

• bip-tapcript: summary of sighash changes can be more clear

  #104 opened 5 years ago by sipa
  1

• BIP-Taproot: Optimizing Taptree for expected Tapscript spending cost

  #105 opened 5 years ago by jachiang
  4

• bip-taproot/tapscript: Prevention length-extension attacks in public key tweaking

  #152 opened 5 years ago by dr-orlovsky
  6

• bip-taproot: Publick key tweak resulting in point-at-infinity

  #168 opened 5 years ago by dr-orlovsky
  5

• bip-taproot: Add security argument

  #119 opened 5 years ago by jonasnick
  5

• bip-taproot: Motivation section doesn't address motivation clearly

  #138 opened 5 years ago by AdamISZ
  2

• bip-schnorr: exactly defined is an advantage over ECDSA in a similar way that non-malleability is

  #110 opened 5 years ago by gmaxwell
  4

• bip-schnorr: non-malleability is not an advantage over ECDSA

  #107 opened 5 years ago by real-or-random
  14

• Syntactical issue in taproot footnote 16

  #163 opened 5 years ago by OrfeasLitos
  2

• bip-schnorr: Inaccurate proof of quadratic residuosity

  #159 opened 5 years ago by hebasto
  2

• bip-schnorr: Euler's criterion

  #157 opened 5 years ago by hebasto
  0

• Diagram under "Constructing and spending Taproot outputs" doesn't show

  #139 opened 5 years ago by bjarnemagnussen
  2

• bip-taproot: Internal pubkey construction seems to be inconsistent.

  #127 opened 5 years ago by rajarshimaitra
  3

• bip-schnorr: clarify rationale for key prefixing

  #106 opened 5 years ago by real-or-random
  2

• bip-schnorr/taproot agree on terminology of points

  #118 opened 5 years ago by jonasnick
  6

• bip-tapscript: OP_SUCCESSx cannot be used to bypass the 201 opcode limit because there is no such limit

  #103 opened 5 years ago by sipa
  1

• bip-tapscript: OP_SUCCESSx has priority over all resource limits

  #102 opened 5 years ago by sipa
  1

• bip-schnorr: other nonce generation algorithms may be secure

  #88 opened 5 years ago by sipa
  0

• bip-schnorr: consider synthetic nonces

  #95 opened 5 years ago by real-or-random
  10

• bip-tapscript: justify why the OP_CMS opcodes are disabled (rather than turned into OP_SUCCESSx)

  #100 opened 5 years ago by sipa
  1

• bip-tapscript: merkle key tree isn't exactly a replacement for multisig

  #97 opened 5 years ago by sipa
  1

• bip-tapscript: CSA-based multisig is in many practical cases more efficient than key trees without MuSig

  #98 opened 5 years ago by sipa
  1

• bip-schnorr: clarify relation between 32/33 byte keys and generation

  #91 opened 5 years ago by sipa
  0

• bip-schnorr: MuSig proof requires key prefixing as well

  #90 opened 5 years ago by sipa
  0

• bip-schnorr: mention that (e,s) signatures can be 48 bytes

  #89 opened 5 years ago by sipa
  2