BIP 322 basically creates a fake transaction and uses the signatures on that transaction to attest that the owner controls these UTXOs. For hash-based output scripts the inputs must reveal the corresponding input script for the signatures to be verifiable.
Personally, I’m still convinced that we will not see any CRQC in the next four decades, and therefore I don’t find it concerning to show public keys. Unless you assume that there are CRQC, public keys being public is not an issue.
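To make the "fake transaction" concrete, here is an added example (not code from this thread or from BIP 322's reference implementation) that builds the two virtual transactions BIP 322 defines, `to_spend` and `to_sign`, for a message and a P2WPKH scriptPubKey, and also shows why a P2WPKH signature necessarily reveals the public key: the witness stack that satisfies the script is `[signature, pubkey]`. It uses only the standard library. The scriptPubKey is the one behind BIP 322's published test address; the witness stack at the end is constructed with placeholder bytes, not a real signature.

```python
import hashlib
import struct


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def dsha256(data: bytes) -> bytes:
    return sha256(sha256(data))


def tagged_hash(tag: str, data: bytes) -> bytes:
    # BIP 340 style tagged hash: SHA256(SHA256(tag) || SHA256(tag) || data)
    t = sha256(tag.encode())
    return sha256(t + t + data)


def compact_size(n: int) -> bytes:
    if n < 0xFD:
        return bytes([n])
    if n <= 0xFFFF:
        return b"\xfd" + struct.pack("<H", n)
    if n <= 0xFFFFFFFF:
        return b"\xfe" + struct.pack("<I", n)
    return b"\xff" + struct.pack("<Q", n)


def serialize_tx(version: int, inputs, outputs, locktime: int) -> bytes:
    """Legacy (non-witness) serialization, which is what a txid commits to.
    inputs: (prevout_hash_internal_order, prevout_n, script_sig, sequence)
    outputs: (value_sats, script_pubkey)"""
    out = struct.pack("<i", version) + compact_size(len(inputs))
    for prev_hash, prev_n, script_sig, seq in inputs:
        out += prev_hash + struct.pack("<I", prev_n)
        out += compact_size(len(script_sig)) + script_sig
        out += struct.pack("<I", seq)
    out += compact_size(len(outputs))
    for value, spk in outputs:
        out += struct.pack("<q", value) + compact_size(len(spk)) + spk
    return out + struct.pack("<I", locktime)


def bip322_message_hash(message: bytes) -> bytes:
    return tagged_hash("BIP0322-signed-message", message)


def build_to_spend(message: bytes, script_pubkey: bytes) -> bytes:
    # to_spend: a coinbase-like tx whose single input commits to the message
    # and whose single output "pays" the script being proven (value 0).
    script_sig = b"\x00\x20" + bip322_message_hash(message)  # OP_0 PUSH32 <hash>
    return serialize_tx(
        0,
        [(b"\x00" * 32, 0xFFFFFFFF, script_sig, 0)],
        [(0, script_pubkey)],
        0,
    )


def build_to_sign(to_spend_txid_internal: bytes) -> bytes:
    # to_sign: spends to_spend's output 0 into an unspendable OP_RETURN output.
    # The witness that satisfies that spend is the message signature.
    return serialize_tx(0, [(to_spend_txid_internal, 0, b"", 0)], [(0, b"\x6a")], 0)


def txid_hex(tx: bytes) -> str:
    # Displayed txid is the double-SHA256 in reversed byte order.
    return dsha256(tx)[::-1].hex()


def bip322_txids(message: bytes, script_pubkey: bytes) -> tuple[str, str]:
    to_spend = build_to_spend(message, script_pubkey)
    to_sign = build_to_sign(dsha256(to_spend))
    return txid_hex(to_spend), txid_hex(to_sign)


def p2wpkh_witness(signature: bytes, pubkey: bytes) -> bytes:
    # Serialized witness stack for a P2WPKH spend: [signature, pubkey].
    # This is the BIP 322 "simple" signature encoding, and it is where the
    # public key behind a hash-based output becomes public.
    return compact_size(2) + compact_size(len(signature)) + signature \
        + compact_size(len(pubkey)) + pubkey


def pubkey_from_p2wpkh_witness(witness: bytes) -> bytes:
    # Parse the stack back and return its last item (the revealed pubkey).
    count, pos = witness[0], 1
    items = []
    for _ in range(count):
        n = witness[pos]
        items.append(witness[pos + 1 : pos + 1 + n])
        pos += 1 + n
    return items[-1]


# scriptPubKey of BIP 322's test address bc1q9vza2e8x573nczrlzms0wvx3gsqjx7vavgkx0l
TEST_SPK = bytes.fromhex("00142b05d564e6a7a33c087f16e0f730d1440123799d")

if __name__ == "__main__":
    for msg in (b"", b"Hello World"):
        print(msg, bip322_txids(msg, TEST_SPK))
    fake_wit = p2wpkh_witness(b"\x30" + b"\x00" * 70, b"\x02" + b"\x11" * 32)  # constructed placeholders
    print("revealed pubkey:", pubkey_from_p2wpkh_witness(fake_wit).hex())
```

The txids of `to_spend` and `to_sign` are deterministic for a given message and script, which is what lets a verifier rebuild them independently and check the signature against the same sighash the signer used; the witness parser shows that for P2WPKH the verifier must be handed the raw public key, which is the exposure the thread is discussing.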
With all the quantum bois running around telling us that every long tail exposed address (p2pk, p2tr, reused anything) is at risk of QC haxx0rz? Signing a message would turn your p2(w)pkh into a p2pk, like Satoshi's coin that lopp wants to confiscate because it's too insecure to sit there.
To be honest, I had never really thought about how message signing worked before doing some reading to write this post.
Did I misunderstand how it worked/works, or was message-signing kind of a bad idea?
I didn't find very great answers on Stack Exchange regarding message signing, and I'm dubious of Gemini's explanations.