DahLIAS: Discrete Logarithm-Based Interactive Aggregate Signatures

Posted by waxwing/ AdamISZ

Jul 8, 2026/19:05 UTC

The recent discussions surrounding the design and security aspects of Bitcoin Improvement Proposals (BIPs) highlight several critical points that merit attention. A notable concern addressed is the proposal's reliance on the algebraic variant of the one-more-discrete-log assumption under the random oracle model (AOMDL under ROM). This assumption forms a foundational part of the paper's security claim, drawing lineage from previous proposals such as BIP340 and BIP327. The significance of explicitly stating this in the document is underscored, particularly pointing out that AOMDL is considered a weaker and thus more favorable assumption. Furthermore, it's clarified that the scheme discussed is not designed to be secure against quantum attacks, suggesting that its post-quantum insecurity should be explicitly mentioned, possibly in a footnote for clarity.

Another crucial aspect discussed is nonce generation, which remains a complex yet vital component of cryptographic protocols like those proposed in BIP327. In the communication, there's an apparent contradiction regarding the use of deterministic nonce generation. A link to a blog post on MuSig2 by Blockstream (Musig-DN article) is included, which although illustrates potential security approaches with deterministic nonces, primarily serves to advise against their use due to inherent security flaws. This nuance might benefit from further clarification to prevent any misleading interpretations.

Additionally, the message touches upon the flexibility in the statelessness requirement for signers within these protocols, highlighting that this requirement could be relaxed for at least one signer without compromising overall security. This detail, while minor, could significantly impact implementation strategies and aligns with the broader narrative of ensuring robust, adaptable security measures in cryptographic developments.

Overall, these discussions contribute to the ongoing refinement and understanding of security protocols within the Bitcoin development community, emphasizing both the continuity and evolution of cryptographic standards and practices.

Link to Raw Post
Bitcoin Logo

TLDR

Join Our Newsletter

We’ll email you summaries of the latest discussions from high signal bitcoin sources, like bitcoin-dev, lightning-dev, and Delving Bitcoin.

Explore all Products

ChatBTC imageBitcoin searchBitcoin TranscriptsSaving SatoshiDecoding BitcoinWarnet
Built with 🧡 by the Bitcoin Dev Project
View our public visitor count

We'd love to hear your feedback on this project.

Give Feedback