12020-02-01T01:49:35  *** dr-orlovsky has quit IRC
 22020-02-01T01:50:50  *** dr-orlovsky has joined ##taproot-bip-review
 32020-02-01T04:15:28  *** pinheadmz_ has joined ##taproot-bip-review
 42020-02-01T04:18:11  *** pinheadmz has quit IRC
 52020-02-01T04:18:11  *** pinheadmz_ is now known as pinheadmz
 62020-02-01T04:25:20  *** notmandatory has joined ##taproot-bip-review
 72020-02-01T04:39:55  *** notmandatory has quit IRC
 82020-02-01T04:41:12  *** notmandatory has joined ##taproot-bip-review
 92020-02-01T04:44:15  *** notmandatory has quit IRC
102020-02-01T04:47:19  *** notmandatory has joined ##taproot-bip-review
112020-02-01T05:12:19  *** pinheadmz has quit IRC
122020-02-01T05:12:58  *** pinheadmz has joined ##taproot-bip-review
132020-02-01T06:51:30  *** notmandatory has quit IRC
142020-02-01T08:47:08  *** dr-orlovsky has quit IRC
152020-02-01T09:34:57  *** Jackielove4u has joined ##taproot-bip-review
162020-02-01T10:25:15  *** ghost43 has quit IRC
172020-02-01T10:26:32  *** ghost43 has joined ##taproot-bip-review
182020-02-01T14:22:04  *** ghost43 has quit IRC
192020-02-01T14:22:52  *** ghost43 has joined ##taproot-bip-review
202020-02-01T15:13:40  *** pinheadmz has quit IRC
212020-02-01T15:13:46  *** pinheadmz_ has joined ##taproot-bip-review
222020-02-01T16:03:24  *** felixweis has quit IRC
232020-02-01T16:03:41  *** felixweis has joined ##taproot-bip-review
242020-02-01T16:19:43  <waxwing> hmm not *all* the protection of key prefixing are lost with attacker controlled input. but .. the ones you care about are, that much seems clear :)
252020-02-01T16:20:58  <waxwing> (was just thinking about the case of multiplicative tweak: take existing s with key P and pretend it's on key P' = (e1/e0)P ... but seems like an 'attack' of little relevance in practice)
262020-02-01T16:21:13  <waxwing> additive tweak though, yeah
272020-02-01T16:22:37  <waxwing> do we really need such optimizations?
282020-02-01T16:33:08  <sipa> waxwing: i wouldn't say it's accomodating an optimization, it's prevent complete key leakage in case someone inevitably does anyway :)
292020-02-01T16:40:57  *** elichai2 has quit IRC
302020-02-01T16:41:12  *** elichai2 has joined ##taproot-bip-review
312020-02-01T16:41:33  <waxwing> ok, good point. and i guess that's the high level take away from what gmaxwell was saying in the ml post .. inputs to k must be inputs to signing algo (at least), which with key prefixing, includes P.
322020-02-01T16:43:58  <waxwing> so basically nonce gen fn input should include the temperature in Addis Ababa because people might decide that that's an appropriate input to signing too :)
332020-02-01T16:53:06  <sipa> i assume you're joking, but i don't see it
342020-02-01T16:55:42  <waxwing> yeah it doesn't quite work like that, since the actual stuff inside the challenge hash is what you have to match up, not just .. any input someone might dream up for their signing algo
352020-02-01T16:58:14  <waxwing> there is a broader concept (or joke) relevant to all these fiat shamir transform based things, which is how difficult is to figure out what is the proper context that has to be explicitly fixed vs what is implicit (like .. generator of the curve for example :) )
362020-02-01T16:58:23  *** jeremyrubin has quit IRC
372020-02-01T17:30:53  *** sipa has quit IRC
382020-02-01T17:41:10  *** sipa has joined ##taproot-bip-review
392020-02-01T18:34:51  *** pglazman has joined ##taproot-bip-review
402020-02-01T18:40:18  *** pinheadmz_ has quit IRC
412020-02-01T18:50:40  *** pglazman has quit IRC
422020-02-01T18:51:31  *** pglazman has joined ##taproot-bip-review
432020-02-01T18:53:37  *** notmandatory has joined ##taproot-bip-review
442020-02-01T19:13:42  *** notmandatory has quit IRC
452020-02-01T19:56:36  *** notmandatory has joined ##taproot-bip-review
462020-02-01T20:21:20  *** pglazman has quit IRC
472020-02-01T20:27:45  *** ghost43 has quit IRC
482020-02-01T20:28:35  *** ghost43 has joined ##taproot-bip-review
492020-02-01T20:37:09  *** pglazman has joined ##taproot-bip-review
502020-02-01T20:38:15  *** notmandatory has quit IRC
512020-02-01T20:40:01  *** pglazman has quit IRC
522020-02-01T21:13:44  *** pglazman has joined ##taproot-bip-review
532020-02-01T21:38:25  *** pglazman has joined ##taproot-bip-review
542020-02-01T21:42:45  *** pglazman has joined ##taproot-bip-review
552020-02-01T21:47:13  *** pglazman has quit IRC
562020-02-01T21:57:22  *** notmandatory has joined ##taproot-bip-review
572020-02-01T22:33:37  *** belcher has quit IRC
582020-02-01T23:44:16  *** belcher has joined ##taproot-bip-review
592020-02-01T23:49:47  *** belcher has quit IRC