Tuesday, November 5, 2024

taproot – How do I assemble a P2TR deal with if I simply need to use the important thing path?

BIP 341 (BIP-Taproot) discusses this instance the place you do not require the script path.

If the spending situations don’t require a script path, the output key ought to decide to an unspendable script path as an alternative of getting no script path.

The BIP additionally explains right here the rationale for this.

If the taproot output key’s an combination of keys, there’s the likelihood for a malicious social gathering so as to add a script path with out being seen by the opposite events. This enables to bypass the multiparty coverage and to steal the cash.

Committing to an unspendable script path offers the flexibility to show to a 3rd social gathering observer that there isn’t any hidden script path. If there was no tweak in any respect any key aggregation scheme would should be revealed to that observer together with particular person pubkeys to get the identical impact (and even this will not be sufficient for sure key aggregation schemes).

The Bitcoin Optech workshop on Taproot explains that you simply calculate the tweaked public key utilizing:

Q = P + H(P|c)G

the place

Q is the tweaked public key
P is the preliminary public key (P = xG the place x is the personal key)
H is the hash operate
| is concatenation
c is the dedication to the script path spend
G is the generator level

In case you do not want the script path spend you’ll be able to calculate the tweaked public key utilizing:

Q = P + H(bytes(P))G

the place bytes(P) is the serialization of P as outlined in BIP 340 (BIP-Schnorr).

This tweaked public key Q can be your Taproot (P2TR) deal with. Keep in mind we do not hash (tweaked) public keys with Taproot (SegWit v1) like we do with P2PKH, P2SH, P2WSH (SegWit v0).

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles