A safe way to remove objectionable content from the blockchain

The discussion revolves around a specific cryptographic scheme involving BLS signatures and secp256k1 keys. It outlines a method where a one-time BLS signature, denoted as σ = Sign_root(S), is used to generate any allowed secp256k1 key through a process described as P_i = HashToCurve_secp256k1(σ || i). Here, i represents an arbitrary index, and the hash-to-curve mapping follows a standard indifferentiable encoding, for instance, as specified in IETF RFC 9380. This technique ensures that verifiers only need to check the pairing equation e(σ, g) = e(H(S), PK_root) once. Subsequent verification rejects any public key whose curve point does not match the canonical hash-to-curve output for a given index i. This approach effectively prevents the signer from choosing curve points directly and utilizes hash-to-curve to eliminate possibilities of embedding hidden information within the key, thereby meeting non-malleability criteria essential in anti-steganographic constructions.

However, confusion arises regarding the practicality and understanding of this scheme. The concern centers on how secp256k1 keys generated via hash-to-curve from a BLS signature could be utilized without access to the corresponding private keys. This implies a fundamental misunderstanding or lack of clarity about the role and definition of S within this framework. There's also a critique regarding the feasibility of attaching a BLS signature to secp256k1 keys without transitioning entirely to a BLS curve, highlighting potential issues with mapping keys across different cryptographic groups.

The conversation reflects a broader discourse within the Bitcoin Development community, indicating a search for innovative cryptographic solutions while grappling with the complexities and implications of integrating such mechanisms within existing frameworks. This dialogue underscores the ongoing exploration and debate surrounding cryptographic methodologies and their practical application in secure, decentralized systems.