Users must transition from a AggKey into an Bip340AggKey before starting a signing session. This is the idea:
When it is a AggKey you can only apply ordinary tweaks (i.e. bip32)
When it is a Bip340Aggkey you can only apply "xonly" tweaks. (i.e. taproot)
The code and spec makes way more sense to me now. We are down to a single needs_negation boolean we keep around. We can't implement all the spec tests for this since one test requires a ordinary tweak after a "xonly" tweak. I think I'll suggest removing that from the spec.
Users must transition from a
AggKey
into anBip340AggKey
before starting a signing session. This is the idea:AggKey
you can only apply ordinary tweaks (i.e. bip32)Bip340Aggkey
you can only apply "xonly" tweaks. (i.e. taproot)The code and spec makes way more sense to me now. We are down to a single
needs_negation
boolean we keep around. We can't implement all the spec tests for this since one test requires a ordinary tweak after a "xonly" tweak. I think I'll suggest removing that from the spec.