In a Pedersen commitment scheme $C(x) = xG + rH$ the two generator points must have an unknown discrete logarithm connection. Generating $H$ via a random key might not be secure enough, so we should use some hash-to-curve mechanism. For example hash_to_curve(G.as_bytes()).
Description
In a Pedersen commitment scheme $C(x) = xG + rH$ the two generator points must have an unknown discrete logarithm connection. Generating $H$ via a random key might not be secure enough, so we should use some hash-to-curve mechanism. For example
hash_to_curve(G.as_bytes())
.