Oddbean new post about login | logout Taproot removed the differentiator byte (I have no idea how it's called) from pubkeys and Nostr copied that. Turns out that makes stuff like MuSig2 more cumbersome because you can't easily check if two npubs combined yield a third npub without knowing if the npubs are 02 or 03, even or odd. But fear no more, `nak key combine`, when given any set of pubkeys, even if they don't have the aforementioned 02/03 byte, now outputs all possible combinations between the two keys so you can use your eyes and spot the correct one. https://cdn.satellite.earth/670068ec72523d76a7dddda7125d408825864530605ed400f247d149f2e6e3c0.png How bad is this idea?
Haha, it was done to enable signature aggregation aka Schnorr signatures to combine multiple signatures into one single proof. https://medium.com/badger-blockchain/schnorr-signatures-following-in-the-steps-of-segwit-a4c515c02e22 Had seen long threads talking about the implications in removing the sign bit but had to record some of them.
Yeah removing the parity byte in bip340 key serialization certainly made life .. interesting :) There's a whole section of bip327 https://github.com/bitcoin/bips/blob/master/bip-0327.mediawiki to deal with this. I even wrote a function named with a nerd joke about it :) https://github.com/AdamISZ/pathcoin-poc/blob/b9e5021cdce5d394ab170068584ff20c265baf23/pathcoin.py#L97 Your tool seems like a very good idea to help you debug if you're trying to work out a new protocol, it's quite confusing.
A very relevant thread; if anything it's notable just because it's long: https://github.com/jonasnick/bips/issues/32
I thought nostr keys were always 02. At least that is the code I copied from other people.
But we saved one byte!
