<UkoeHB> "joinmarket.me/blog/blog..." <- First of all, I'm sorry I didn't come in the meeting. I have to prepare for non-crypto stuff. Anyways, isn't the "fix" for Wagner attacks the "premerge" and "merge" functions, which is what Musig does? I would try to understand Wagner attacks if I have time, and even produce a Python demo.

Oops... I'm wrong. I think "premerge" and "merge" functions are against key-cancellation attack. I'll here to learn crypto math anyway. Also, I would follow the WIP researches.

Another resource for Wagner attack (I think). This is the presentation for the IACR paper shared by UkoeHB for the topic: youtu.be/k665FAitJ4s?t=544