-
m-relay<nobfg9000:matrix.org> hey I was just having some shower thoughts and I have a few questions
-
m-relay<nobfg9000:matrix.org> are monero multisig wallets really able to sign a single transaction with SSS?
-
m-relay<nobfg9000:matrix.org> or do multisig wallets just recreate the private key and thus could be used to authorize any transaction?
-
m-relay<nobfg9000:matrix.org> or do they just share secret data related to the enote that will be used for the transaction?
-
UkoeHBnobfg9000: multisig creates partial signatures that get aggregated in the final tx.
-
UkoeHBOnly the private view key is fully shared. Members have partial private spend keys.
-
m-relay<nobfg9000:matrix.org> could the partial signatures be used to sign a different transaction to any extent?
-
UkoeHBCh9 of zero to monero 2 explains how it works. The current implementation is kind of outdated compared to state of the art.
-
m-relay<nobfg9000:matrix.org> okay I'll check that out thanks.
-
UkoeHBNo, partial signatures are tied to the tx contents.
-
m-relay<nobfg9000:matrix.org> one more question
-
m-relay<nobfg9000:matrix.org> to what extent does monero support merge-mining? not a cryptographer so I dont know what the proper language for this is, but does the monero blockchain's merkle root have to be "directly" hashed by randomx or can it validly be a leaf of a merkle tree? In other words can monero act as an auxilary blockchain?
-
UkoeHBIIRC townforged is merge-mined with Monero. Not sure on the details.
-
m-relay<nobfg9000:matrix.org> oh wait I have one more question related to multisig. is multisig opaque? In other words, is there any way to determine if a transaction on the blockchain was produced by multisignature? If not, why do other cryptocurrencies like bitcoin, etc. use scripting-based multisig if it just exposes unnessisary information and takes up more space?
-
UkoeHBThe implementation in monero core is opaque.
-
UkoeHBI'm not sure the history with bitcoin, possibly inertia/technical limitations/don't care about privacy. Don't they have some private multisigs though?
-
m-relay<jeffro256:monero.social> Btc does scripted multisig probably since it's dead simple and thus hard to screw up. Also, by nature, "opaque" multisig doesn't have to be explicitly allowed, like in the case of Monero.
-
m-relay<kayabanerve:matrix.org> Bitcoin historically only support secp256k1 for which cryptographic multisig is a mess.