Can one prove that a particular public key is part of an aggregated (MuSig) public key?

resonant _tuxedo

11/6/22, 9:22 PM

The MuSig paper (2018) describes a Schnorr signature key aggregation scheme which lets a set of individual public keys to be merged into a single, "aggregated" public key.

In the protocol each individual public key creates an own signature which can be merged into the "aggregated signature". The aggregated signature will verify with the aggregated public key like the signature was created by only one key.

Is it possible to prove that a particular individual public key is part of the aggregate public key without sharing the other public keys?

0 + 1

public-key

signature

discrete-logarithm

schnorr-signature

Vadym Fedyukovych

11/8/22, 9:33 AM

This signature verification algorithm requires explicit individual public keys. That means, proving some individual public key is a part of the aggregate (without releasing that individual key) assumes prover help for verifying aggregate signatures. Having said this, yes, individual key membership in the aggregate can be proved.

runeks

4/4/23, 10:59 AM

@VadymFedyukovych it sounds to me like OP is looking for the opposite: proving that some individual public key is part of an aggregate public key by knowing only (1) the aggregate public key, and (2) this individual public key, but not the remaining public keys (which, together with the individual public key, comprise the aggregate public key).

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Can one prove that a particular public key is part of an aggregated (MuSig) public key?

TH: เราสามารถพิสูจน์ได้ว่ารหัสสาธารณะเฉพาะนั้นเป็นส่วนหนึ่งของรหัสสาธารณะแบบรวม (MuSig) หรือไม่

RO: Se poate dovedi că o anumită cheie publică face parte dintr-o cheie publică agregată (MuSig)?

RU: Можно ли доказать, что конкретный открытый ключ является частью агрегированного (MuSig) открытого ключа?

VI: Người ta có thể chứng minh rằng một khóa chung cụ thể là một phần của khóa chung (MuSig) tổng hợp không?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.