
@ cmd
2025-05-05 01:06:14
I believe you can have both privacy and a provably spendable output, by extending P2TR a little bit.
Part 1: Preimage.
Part 2: Internal pubkey.
Script Output: Hash the preimage, and use it to tweak the pubkey. This key goes in the script, similar to taproot.
When relaying: Provide the hash + internal pubkey + signature for proof of validity.
When spending: Provide the preimage + internal pubkey + signature for proof of custody.
By requiring the preimage for spending, you also make it relatively quantum-resistant (similar to P2PKH).
The downside is that it costs slightly more to spend, since you must publish the preimage in addition to the pubkey and signature.
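The construction in the post, as an added worked example that is not the poster's own code and is not a proposed spec: the tweak is modelled Taproot-style as P = Q + t*G with t = SHA256(preimage), where Q is the internal pubkey. The "relay" check only needs the hash, the "spend" check needs the preimage, and the spender's secret is d + t. The secp256k1 arithmetic is a minimal affine implementation written for this illustration; the BIP340 Schnorr signature, tagged hashes and x-only even-y handling of real Taproot are left out, so this shows the key relationship, not a complete script. The preimage and internal secret key are constructed values.

```python
import hashlib

# secp256k1 curve parameters (field prime, group order, generator).
FIELD_P = 2**256 - 2**32 - 977
ORDER_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(p1, p2):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % FIELD_P == 0:
            return None  # P + (-P) = infinity
        lam = (3 * x1 * x1) * pow(2 * y1, -1, FIELD_P) % FIELD_P  # doubling
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, FIELD_P) % FIELD_P
    x3 = (lam * lam - x1 - x2) % FIELD_P
    y3 = (lam * (x1 - x3) - y1) % FIELD_P
    return (x3, y3)


def ec_mul(k, point):
    """Double-and-add scalar multiplication."""
    result, addend = None, point
    while k:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result


def tweak_from_hash(preimage_hash: bytes) -> int:
    """Interpret the 32-byte hash as a scalar tweak t (assumption: plain SHA256, no tagged hash)."""
    t = int.from_bytes(preimage_hash, "big") % ORDER_N
    if t == 0:
        raise ValueError("degenerate tweak")
    return t


def output_key(internal_pubkey, preimage_hash: bytes):
    """Part 2 + hash(Part 1): the key that goes in the script, P = Q + t*G."""
    return ec_add(internal_pubkey, ec_mul(tweak_from_hash(preimage_hash), G))


def verify_relay(output_pubkey, internal_pubkey, preimage_hash: bytes) -> bool:
    """Relay-time validity proof: hash + internal pubkey reproduce the script key.
    The signature over the output key is not modelled here."""
    return output_key(internal_pubkey, preimage_hash) == output_pubkey


def verify_spend(output_pubkey, internal_pubkey, preimage: bytes) -> bool:
    """Spend-time custody proof: the preimage itself must hash to the tweak."""
    return verify_relay(output_pubkey, internal_pubkey, hashlib.sha256(preimage).digest())


def spend_secret(internal_seckey: int, preimage: bytes) -> int:
    """The spender signs with d + t, which corresponds to the output key P."""
    return (internal_seckey + tweak_from_hash(hashlib.sha256(preimage).digest())) % ORDER_N


def demo():
    # Constructed sample values for the illustration; not real keys.
    internal_seckey = 0x1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD
    preimage = b"constructed preimage for the demo"
    internal_pubkey = ec_mul(internal_seckey, G)
    preimage_hash = hashlib.sha256(preimage).digest()
    script_key = output_key(internal_pubkey, preimage_hash)
    return {
        "relay_ok": verify_relay(script_key, internal_pubkey, preimage_hash),
        "relay_wrong_hash": verify_relay(script_key, internal_pubkey, hashlib.sha256(b"other").digest()),
        "spend_ok": verify_spend(script_key, internal_pubkey, preimage),
        "spend_wrong_preimage": verify_spend(script_key, internal_pubkey, b"wrong preimage"),
        "spend_key_matches": ec_mul(spend_secret(internal_seckey, preimage), G) == script_key,
    }


if __name__ == "__main__":
    print(demo())
```

The relay check succeeds with only the hash, so a relaying node can confirm the script key was honestly derived without learning the preimage; the spend check fails for any other preimage, and the derived spending secret d + t lands on exactly the script key, which is what the signature at spend time would be verified against.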