What will be the security risks if we persist "e" as part of schnorr signature=(r,s,e) and get publicKey from signature at verification #1096

issue sarvalabs-sai opened this issue on March 29, 2022
  1. sarvalabs-sai commented at 10:33 AM on March 29, 2022: none

    Hi folks,

    We know Unlike ecrecover, it is impossible to get to public key given schnorr signature = (r,s) since rG = sG-eP .

    So, would like to understand what are the security risks

    if we say signature=F(r,s,e) and get to publicKey at the verification? something like this P = (rG-sG)/e

  2. real-or-random commented at 12:43 PM on March 29, 2022: contributor

    Closing because this is not an issue with the library. The same question was asked here. https://bitcoin.stackexchange.com/questions/113060/what-will-be-the-security-risks-if-we-persist-e-as-part-of-schnorr-signature

  3. real-or-random closed this on Mar 29, 2022
  4. sarvalabs-sai commented at 1:06 PM on March 29, 2022: none

    Hey @real-or-random

    Appreciate, if you can help me by answering that question there atleast

Contributors
sarvalabs-saireal-or-random
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/secp256k1. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-19 01:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me