On (in)ability to embed data into Schnorr

The discussion begins with an exploration of embedding data within a blockchain, highlighting that achieving a 100% embedding rate is trivial if one assumes the data is shared off-blockchain. This approach, however, is critiqued for its practicality since the essence of using a blockchain is to leverage its immutability and persistence, which is compromised if the xor key, representing the actual data, can be lost. The conversation then shifts to the technical analysis of embedding data using ECDSA, an algorithm not specific to Bitcoin, noting its capability to embed 32 bytes of data without compromising the private key. This aspect contrasts with Schnorr signatures, where embedding data could potentially lead to key leakage.

Further, it is mentioned that in the context of Bitcoin, public keys are indirectly embedded within messages, limiting the potential for embedding arbitrary data like "hello world" within signatures due to Bitcoin's operational constraints. This limitation stems from the structure of Bitcoin's signature components and their utilization in the network. Despite these constraints, there exists a possibility of embedding data through partial nonce exposure, though this method does not offer significant efficiency gains over other methods, such as nonce repetition or utilizing public elements like block hash for embedding.

The conversation also delves into the concept of leveraging lattice attacks for data retrieval from signatures, suggesting a nuanced approach to data embedding that balances between embedding efficiency and cryptographic security. The concern raised is about the practicality and efficiency of such an embedding strategy, especially in the Bitcoin ecosystem where public key exposure is inherent to transaction verification processes, thus limiting the efficiency of repeated key usage for data embedding.

In summary, the dialogue encapsulates the complexities and challenges of embedding data within blockchain signatures, examining the trade-offs between embedding efficiency, cryptographic security, and the operational constraints of specific blockchain technologies like Bitcoin. It highlights the ongoing exploration of innovative techniques, such as lattice attacks, to enhance data embedding strategies while maintaining the integrity and security of the underlying cryptographic mechanisms.