sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
Leo_Verto1 has quit []
CryptoDavid has quit [Quit: Connection closed for inactivity]
son0p has quit [Ping timeout: 240 seconds]
mreider has joined #bitcoin-wizards
Kiminuo has quit [Ping timeout: 250 seconds]
son0p has joined #bitcoin-wizards
ZmnSCPxj has joined #bitcoin-wizards
<ZmnSCPxj> If I needed a blind signing scheme for bearer signatures, what would be best and why? Also it seems Schnorr blind signing is vulnerable to Wagner attacks, can anyone point to some convenient treatise on such?
<sipa> ZmnSCPxj: have you seen https://eprint.iacr.org/2019/877?
<ZmnSCPxj> thank you, thus you would suggest the use of Schnorr blind signing, suitably modified as per this paper?
<sipa> i'm probably not the best person to ask, but it sounds like that paper gives a pretty convincing argument that with that modification they're actually secure
<sipa> using AGM in the proof is unusual, but imho it's not a crazy model
ZmnSCPxj has quit [Quit: ZmnSCPxj]
ZmnSCPxj has joined #bitcoin-wizards
AaronvanW has quit [Remote host closed the connection]