[bitcoin-dev] Multiparty signatures
crypto at timruffing.de
Sun Jul 8 15:16:34 UTC 2018
On Sun, 2018-07-08 at 10:19 -0400, Erik Aronesty via bitcoin-dev wrote:
> Consider changing the "e" term in the schnorr algorithm to hash of
> message (elligator style) to the power of r, rather than using
How do you compute s = x*e if e is an element of group G?
(Similar question: How do you verify if e is element of G?)
Are you aware of
This is a threshold signature scheme for Schnorr signatures, so what
you want is possible already with Schnorr signatures.
More information about the bitcoin-dev