[Bitcoin-development] one-show signatures (Re: The relationship between Proof-of-Publication and Anti-Replay Oracles)

Adam Back adam at cypherspace.org
Sun Dec 21 18:10:47 UTC 2014

Yes you could for example define a new rule that two signatures
(double-spend) authorises something - eg miners to take funds. (And
this would work with existing ECDSA addresses & unrestricted R-value

I wasnt really making a point other than an aside that it maybe is
sort-of possible to do with math what you said was not possible where
you said "This [preventing signing more than one message] is
impossible to implement with math alone".


On 21 December 2014 at 15:29, Peter Todd <pete at petertodd.org>
> There's no need to get into the specifics of crypto math so early; you
> can just as easily and only slightly less efficiently obtain the same
> result with a few extensions to the Bitcoin scripting system to verify
> ECDSA signatures directly.

More information about the bitcoin-dev mailing list