------- Original Message ------- On Thursday, July 28th, 2022 at 11:51 AM, Ali Sherief <[email protected]> wrote:
> The way I understood the BIP, was that a user can do batch recovery or > single-key recovery. Can you explain how it is possible to recover a public > key from a single-key signature, because a few days earlier on the > BIP-notatether-messageverify thread I was told (I think it was achow) that > Schnorr doesn't allow for public key recovery. No, BIP340, in its design decisions, had to choice to either support public key recovery, or support batch validation. We chose to support batch validation for a variety of reason. BIP340 does not in any way support key recovery. > > > , just like BIP340). > > > > How so? Every taproot compatible wallet has a BIP340 implementation. > > > I guess I made an assumption, since almost all of the wallets I have seen did > not have a sign message feature, not even for legacy addresses. I'm not talking about sign message, I'm talking about BIP340 for the purpose of transaction signing, as it's the signature scheme used in BIP341/BIP342. My point being: for any prospective message signing feature, if the wallet supports taproot signing, they inevitably already have code to produce BIP340 signatures. If they don't support taproot signing, then message signing for it is irrelevant. Cheers, -- Pieter _______________________________________________ bitcoin-dev mailing list [email protected] https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
