[bitcoin-dev] Graftroot: Private and efficient surrogate scripts under the taproot assumption
Gregory Maxwell
greg at xiph.org
Mon Feb 5 19:58:24 UTC 2018
On Mon, Feb 5, 2018 at 3:56 PM, Ryan Grant <bitcoin-dev at rgrant.org> wrote:
> Am I reading correctly that this allows unilateral key rotation (to a
> previously unknown key), without invalidating the interests of other
> parties in the existing multisig (or even requiring any on-chain
> transaction), at the cost of storing the signed delegation?
Yes, though I'd avoid the word rotation because as you note it doesn't
invalidate the interests of any key, the original setup remains able
to sign. You could allow a new key of yours (plus everyone else) to
sign, assuming the other parties agree... but the old one could also
still sign.
More information about the bitcoin-dev
mailing list