pull down to refresh
1 sat \ 4 replies \ @zuspotirko 30 Dec 2023 \ on: TX size: reusing signature/data for several UTXOs/inputs bitcoin
To my understanding this isn't possible. You have to provide signatures or hash preimages for every single UTXO you want to spend. They cannot be reused for several UTXOs at once because you have to prove for all of them that you own them. Nobody else knows that they all belong to the same keypair.
Isn't the proof the same for all UTXOs? I know I have to prove ownership, but I don't see why the individual proofs are different, or why the proof cannot be reused.
reply
No, because each input's signature commits to the entire context of the transaction. If signatures attached to any input that spends from the same output script, you could replay transactions to spend other UTXOs that share the same output script.
reply
The signature is bound to the UTXO, so it's different for different UTXOs.
reply
It's not the same for all UTXOs - but for different reasons between signatures and hashes.
Signatures have a property called "binding" - it means the signature and what you signed are bound - the signature is a different one when you sign something else.
Hashes have properties called PR and 2PR - it means for a given hash it's impossible to find any preimage.
Another thing I just remembered: Since Segwit this isn't relevant anymore anyways. You gain nothing by making the witness smaller
Also also because maybe you find that interesting: There is a cryptography called "aggregated signatures" which lets you save multiple signatures in the same amount of space as only one signature. It works with the Schnorr Signaturescheme
reply