bitcoin-dev

Schnorr signatures BIP

Original Post by Gregory Maxwell

Posted on: September 11, 2018 17:51 UTC

Erik Aronesty wrote an email regarding MuSig, stating that it is prone to loss.

However, M of M is a particular threshold, and anyone who wants M of M will have to accept its consequences. This has nothing to do with MuSig, and one can use another threshold if one wants. M of M is required for signature aggregation in Bitcoin. It is easier to explain, but it is not a replacement for other thresholds. In the email, Erik also suggests that having the senders of the G*x pubkey shares sign their messages with the associated private key share should be sufficient to prevent them from using Wagner's algorithm to attack the combined key. This method is described in the MuSig paper, but it requires users to communicate an extra signature per key. Using this method with aggregate signatures would eliminate the communication efficiency gains from aggregation, making aggregation worse than pointless. Moreover, it has worse failure properties than delinearization. Delinearization is the better option wherever possible.