At some point we'll want to move from koblitz ECDSA signatures to koblitz Schnorr signatures. This will offer some huge advantages long term.
Note however, unlike ECDSA you can't recover a Schnorr public key from a Schnorr signature. This means you have to get the public key from either the data structure, or from some other source.
We need to be sure that our data structures support both current ECDSA and Schnorr signatures. This means we may want to always publish the koblitz public key (used by both) in the signature even though in the ECDSA case it may be redundant (or not, as there may be multiple valid public keys, see #9)
Copied from original issue: WebOfTrustInfo/btcr-hackathon#18
kimdhamilton
commented
7 years ago
From @ChristopherA on June 30, 2017 21:58
At some point we'll want to move from koblitz ECDSA signatures to koblitz Schnorr signatures. This will offer some huge advantages long term.
Note however, unlike ECDSA you can't recover a Schnorr public key from a Schnorr signature. This means you have to get the public key from either the data structure, or from some other source.
We need to be sure that our data structures support both current ECDSA and Schnorr signatures. This means we may want to always publish the koblitz public key (used by both) in the signature even though in the ECDSA case it may be redundant (or not, as there may be multiple valid public keys, see #9)
Copied from original issue: WebOfTrustInfo/btcr-hackathon#18