Continuing the discussion about noinput / anyprevout

The email conversation between Christian Decker and Andrew Poelstra on the Bitcoin development mailing list delves into the technical details of the ANYPREVOUT/NOINPUT proposal for Taproot. Christian raises concerns about the safety of anyprevout signatures, which could lead to potential loss of funds when additional coins are sent to the same address. Andrew suggests that a meaningful prefix on the taproot scriptpubkey, such as paying to "[SIGHASH_SINGLE][32B pubkey]", would help distinguish wallets and avoid potential hacking. Andrew also proposes the idea of creating a public testnet to demo every possible noinput/anyprevout case and ensure that fake exchanges and merchants do not lose money in any corner cases. He believes that it is necessary to demonstrate that all theoretical attacks can be dealt with before implementing the proposal in real-world settings. This would provide evidence that output tagging and chaperone signatures may not be necessary. The email conversation ends with Andrew signing off "Cheers".