Hi stackers! The FAQ at https://sigbash.com and the thread here pretty much cover all the details: https://twitter.com/arbedout/status/1772646219317174680
TL,DR:
  • Sigbash is a multisig key agent that hands out blinded xpubs - an xpub is sent to the user's browser, random values are generated using the WebCrypto API to create a new child xpub with a new derivation path. The key agent doesn't asee this new child key - so from key generation all the way to PSBT signing the agent doesn't actually know anything about what the key is protecting
  • GPG contracts (https://nakamotoinstitute.org/mempool/gpg-contracts) are used to keep the key agent honest
  • Since there's no human in the loop you can attach different signing conditions to an xpub - e.g. "only sign if this Bitcoin address has a balance higher than XXX satoshis" or "only sign after this block height AND if the BTC/USD exchange rate is higher than XXX"
If you'd like to kick the tires, use checkout code BETATEST to get a free xpub and fire away :)
--arbedout