delvingbitcoin
BIP352: PSBT support
Posted on: May 27, 2024 22:13 UTC
The concept of reducing the necessity for the OutputGenerator
to access private keys by leveraging an "ECDH share" is a notable proposition in enhancing security within cryptographic operations.
The idea hinges on the possibility of each participant contributing a part of their private key (referred to as an ECDH share) which collectively can be utilized without revealing individual private keys fully. This approach theoretically proposes that instead of the OutputGenerator
managing private keys, participants can add their ECDH shares together for transaction outputs. When all necessary shares are combined, the final participant can generate output scripts and apply their signature, initiating a process where the partially signed bitcoin transaction (PSBT) circulates among signers for signature completion.
However, this method introduces complexities around ensuring that each signer contributes their accurate share to the ECDH sum for every transaction output. The dilemma arises from the need for a mechanism that allows signers to verify the correctness of contributions without compromising the confidentiality of the private keys involved. One potential solution discussed is the implementation of running Discrete Logarithm Equality (DLEQ) proofs, which could serve to validate each contribution's integrity. Yet, this could lead to operational inefficiency, as it might necessitate storing individual proofs for each input and output rather than maintaining a cumulative proof for all outputs.
This theoretical framework suggests a significant shift towards a more secure and privacy-preserving method of handling cryptographic signatures in transactions. Nonetheless, it acknowledges the inherent challenges and security concerns, particularly the non-provable security of responding to Diffie-Hellman requests by signing devices. The discourse reflects a critical examination of balancing security improvements with practicality and the feasibility of implementing such cryptographic methods in real-world applications.