Bitcoin

Is it possible to recover a private key from an aggregated public key under a strong assumption?

2 Min Read
2 Min Read
Is it possible to recover a private key from an aggregated public key under a strong assumption?

Consider the following assumption:

  1. The computer can calculate the private key from the public key n Year (and n to be a minority, give or take). Of course, this assumption is highly hypothetical and is currently considered unrealistic.

  2. The public key for multi-signature accounts is known. Here we assume they are not hashed or hidden. It also assumes that MUSIG2 is used for multi-signature accounts. This is expected to happen with Bitcoin if I’m not wrong. Moreover, MUSIG2 cannot be used with CISA. Because I only allow to pass a single message (please tell me if I’m wrong).

Now, as Assumption 2 is preserved, you can use Musig2 to aggregate a set of public keys and create a single aggregate public key. AggPub. As it is a valid X-only public key, there are exactly two corresponding private keys. Priv1 and Priv2,link AggPub. By knowing one of them, you can easily find out the other by negating the first private key.

From Assumption 1, can one of the private keys be calculated (Priv1 or Priv2) from AggPub At the same time, that is, n year? From my point of view, yes, it can.

Of course, Assumption 1 is too strong. However, if the answer to the question is yes, it suggests that signature compression here is not the best trade-off. In fact, this could even be misused by a zombie account using MUSIG2, and by performing a simple Schnorr signature, you can unlock dormant funds with a single private key.

Discover more from Earlybirds Invest

Subscribe to get the latest posts sent to your email.

See also  Trying to recover an old wallet using what you want to be a private key - need help

TAGGED:
Share This Article
Leave a comment

Popular News

Ethereum ETFs 20-day inflow streak ends with 2M outflow
Ethereum ETFs 20-day inflow streak ends with $152M outflow
Mining
The Supreme Court just revealed its plan to make gerrymandering even worse, in Louisiana v. Callais
The Supreme Court just revealed its plan to make gerrymandering even worse, in Louisiana v. Callais
Technology
Robert Kiyosaki says Crypto Era tears the system and the Fed is finished
Robert Kiyosaki says Crypto Era tears the system and the Fed is finished
Legal
Bitcoin Demand Holds Strong Despite Price Drop: Accumulation Trend Remains Intact
Bitcoin Demand Holds Strong Despite Price Drop: Accumulation Trend Remains Intact
Crypto
Crypto users warned when ads push Crypto apps containing malware
Crypto users warned when ads push Crypto apps containing malware
Security
bitcoin
Bitcoin (BTC) $ 114,806.04
ethereum
Ethereum (ETH) $ 3,670.07
tether
Tether USDt (USDT) $ 1.00
bnb
BNB (BNB) $ 761.92
xrp
XRP (XRP) $ 3.04
cardano
Cardano (ADA) $ 0.743735
usd-coin
USDC (USDC) $ 1.00
binance-usd
BUSD (BUSD) $ 1.00
dogecoin
Dogecoin (DOGE) $ 0.204599
okb
OKB (OKB) $ 46.64
shiba-inu
Shiba Inu (SHIB) $ 0.000012
tron
TRON (TRX) $ 0.333011
uniswap
Uniswap (UNI) $ 9.83
litecoin
Litecoin (LTC) $ 119.29
solana
Solana (SOL) $ 165.50
chainlink
Chainlink (LINK) $ 16.86
cosmos
Cosmos (ATOM) $ 4.24
ethereum-classic
Ethereum Classic (ETC) $ 20.65
filecoin
Filecoin (FIL) $ 2.40
bitcoin-cash
Bitcoin Cash (BCH) $ 562.18
monero
Monero (XMR) $ 308.84

Discover more from Earlybirds Invest

Subscribe now to keep reading and get access to the full archive.

Continue reading