Posted by AdamISZ
Feb 8, 2025/16:10 UTC
The discussion focuses on the integration of hiddenness properties within the taproot framework, highlighting both its potential and limitations. The critique begins with an acknowledgment of an interesting set of ideas surrounding the concept of hiddenness in transaction structures, specifically within the context of Bitcoin's taproot upgrade. It is noted that while the idea holds merit, there are inherent challenges due to taproot's lack of support for a hashed-pubkey type of scriptPubKey. This limitation complicates the objective of concealing user choices in the final pay-in addresses, addr_a and addr_b, which are essential for maintaining privacy.
Further exploration into possible solutions for enhancing privacy reveals the consideration of blinding addresses with an additional point, such as $P_a + A_1 + T$. However, this approach encounters obstacles because it relies on blinding with a point rather than a scalar, which does not align well with the existing taproot structure. The possibility of incorporating Zero-Knowledge Proofs (ZKPs) to introduce extra structural proof is discussed, yet this method falls short as it does not effectively conceal the details atomically revealed through the Schnorr signature during broadcast.
An attempt to include adaptors via MuSig, aiming to facilitate between-party secret sharing, was also examined but found to be incompatible due to the nature of the 'secret' being a point rather than a scalar. Despite these technical hurdles, the overall concept of integrating hiddenness within taproot is praised for its innovative approach to enhancing privacy in cryptocurrency transactions, suggesting that while direct implementation faces challenges, the core idea remains valuable.