MuSig

MuSig
— Simple Schnorr Multi-Signatures
with Applications to Bitcoin —
ʲ҉߸௨՟ྠಡձ#16ʳMuSig @ 01Booster
2018/3/12
ϑϩϯςΟΞύʔτφʔζ߹ಉձࣾ ૑ۀऀ&୅දCEO
United Bitcoiners Inc. ڞಉ૑ۀऀ&औక໾CTO
ࠓҪਸ໵

View Slide

ࣗݾ঺հ
United Bitcoiners Inc. ڞಉ૑ۀऀˍऔక໾CTO
ϑϩϯςΟΞύʔτφʔζ߹ಉձࣾ ୅දCEO
ϚελϦϯάϏοτίΠϯɺ຋༁ऀ୅ද
ੈքͰॳΊͯͷɺ೔ຊޠʹΑΔϏοτίΠϯɾϒϩο
ΫνΣʔϯͷৄࡉٕज़ॻ(NTTग़൛ࣾ)
2016/7/14ग़൛
ిࢠॻ੶൛(kindle)΋
ΦʔϓϯΤσΟγϣϯ൛
https://www.bitcoinbook.info

View Slide

ࣗݾ঺հ
όοΫάϥ΢ϯυ
৽ׁେֶେֶӃɹૉཻࢠཧ࿦෺ཧɹത࢜(ཧ)
ΧΧΫίϜ
ݕࡧΤϯδϯ։ൃɹݕࡧαʔόΫϥελߏஙӡ༻ɹେن໛σʔλॲ
ཧɹػցֶशɹը૾ೝࣝ
σʔλλϫʔגࣜձࣾɹ୅දऔక໾

View Slide

ࠓճͷ࿦จ
Title:
Simple Schnorr Multi-Signatures with Applications to Bitcoin
Author:
Gregory Maxwell, Andrew Poelstra, Yannick Seurin, and Pieter Wuille
Article:
https://eprint.iacr.org/2018/068.pdf
Published:
January 2018

View Slide

ࠓճͷ࿦จ
ࢲͷํͰ࿦จ಺༰ͷղऍΛؒҧ͍͑ͯΔՕॴ
͕͋Δͱࢥ͍·͢ͷͰɺෆ໌఺͸ݪ࿦จͰ֬
ೝ͍͖ͯͨͩ͠·͢Α͏͓ئ͍͍ͨ͠·͢ɻ
ؒҧ͍఺͸΍͘͞͠ڭ͍͚͑ͯͨͩΔͱ͋Γ
͕͍ͨͰ͢ɻ

View Slide

͜ͷ࿦จͷํ਑
[࿦จͷAbstract͔Β]
৽͍͠γϡϊΞ(Schnorr)ϕʔεͷϚϧνγάωνϟεΩʔϜʢ͢ͳΘͪɺॺ໊ऀͷάϧʔϓ͕ڞ௨ͷϝοηʔδʹ୹
͍ॺ໊Λੜ੒͢Δ͜ͱΛՄೳʹ͢ΔϓϩτίϧʣΛઆ໌͓ͯ͠Γɺ؆ૉެ։伴(plain public-key)ϞσϧͷதͰূ໌Մೳ
ͳ҆શੑΛ࣋ͭ΋ͷͰ͢ɻ
ϓϨΠϯެ։伴Ϟσϧͱ͸ɺॺ໊ऀʹ͸ެ։伴Λ࣋ͭ͜ͱͷΈ͕ཁٻ͞Εɺϓϩτίϧʹै͏લʹɺެ։伴ʹରԠ
͢Δൿີ伴ͷ஌ࣝΛূ໌ػؔ·ͨ͸ଞͷॺ໊ऀʹ஌ΒͤΔඞཁ͕ͳ͍͜ͱΛҙຯ͠·͢ɻ
ຊ࿦จ͸ɺҎԼ2ͭͷ఺ͰBellare and NevenʢACM-CCS 2006ʣ͓Αͼͦͷมछ BagarezandiΒʢACM-CCS 2008ʣ·
ͨ͸MaΒʢDes. Codes Cryptogr. 2010ʣͷ࠷ઌ୺εΩʔϜΑΓ΋վળ͞Ε͍ͯ·͢ɻ
ʢiʣBellare-NevenํࣜͷΑ͏ʹ3ճͰ͸ͳ͘ɺඪ४తͳγϡϊΞॺ໊ͱಉ͡伴ͱॺ໊αΠζͰ2ճͷ௨৴Λߦ͏͚ͩ
ͰɺγϯϓϧͰޮ཰తͰ͢ɻ
ʢiiʣ伴ू໿(ΩʔΞάϦήʔγϣϯɺkey aggregation)ΛՄೳʹ͠·͢ɻ͜Ε͸ɺॺ໊ऀͷݸʑͷެ։伴͔Βܭࢉ͢Δ
͜ͱ͕Ͱ͖Δ୯Ұͷʮू໿ʯެ։伴(aggregated public-key)ʹؔͯ͠ɺ߹ಉॺ໊(joint signature)͕ඪ४ͷγϡϊΞॺ໊ͱ
ਖ਼֬ʹর߹Ͱ͖Δ͜ͱΛҙຯ͠·͢ɻ
͜Ε͸ɺඪ४తͳ཭ࢄର਺໰୊ΑΓڧ͍҆શੑԾఆΛ՝͢ϫϯϞΞ཭ࢄର਺໰୊(One More Discrete Logarithm,
OMDL)Λલఏͱ͠ɺ෼྾ิ୊(ϑΥʔΩϯάϨϯϚɺForking Lemma, Spliting Lemma)ͷ2ճͷݺͼग़͠ʹΑΔΑΓ؇΍
͔ͳηΩϡϦςΟ௿ԼΛ΋ͬͯߦΘΕ·͢ɻ
Ԡ༻ͱͯ͠ɺ৽͍͠ϚϧνγάωνϟεΩʔϜ͕ϏοτίΠϯͷύϑΥʔϚϯεͱϢʔβʔͷϓϥΠόγʔͷ྆ํΛ
ͲͷΑ͏ʹվળͰ͖Δ͔Λઆ໌͠·͢ɻ

View Slide

BitcoinͷεέʔϦϯά໰୊
w 5SBOTBDUJPOTJOPOFCMPDLJTGVMM
w .#QFSCMPDL
w *ODSFBTFPG#JUDPJOCMPDLDIBJOEBUBTJ[F
w )JHI59GFF
w FYTBUPTIJCZUF
w d59QFSTFDPOE
w NJOCMPDLUJNF
w .CZUFTCZUFTNJOTFDPOE59QFSTFDPOE
w 5IJTCMPDLUJNFJTOFDFTTBSZGPSTUBCMF#JUDPJOCMPDLDIBJOBOEJTFOPVHIGPSVTVBMCJUDPJOQBZNFOU
w #VUJUJTWFSZTMPXDPNQBSJOHXJUIDSFEJUDBSEPS/'$
w ʜ

View Slide

View Slide

160GB

View Slide

4.6tx/sec

View Slide

https://bitcoinfees.info
4000ԁ͘Β͍/tx

View Slide

͍Ζ͍Ζͳղܾࡦ
ΦϯνΣʔϯଆ
αΠυνΣʔϯ/υϥΠϒνΣʔϯ
SegWit (Segregated Witness)
ϏοάϒϩοΫ
γϡϊΞॺ໊(Schnorr Signature)
ΦϑνΣʔϯଆ
ϥΠτχϯάωοτϫʔΫ

View Slide

γϡϊΞॺ໊͕
ͳͥεέʔϦϯά໰୊ʹΑ͍͔ʁ
m-of-nϚϧνγάΞυϨεͷUTXOΛ࢖͏ͱ͖ʹɺunlocking script
ͱredeem scriptʹͦΕͧΕmݸͷॺ໊ɺnݸͷެ։伴Λஔ͔ͳ͍ͱ͍
͚ͳ͍
̍ݸͰ͋Ε͹ͱΓ͍͍͕͋͑ͣɺෳ਺ͷॺ໊ɺެ։伴ΛͦΕͧΕ̍
ݸͣͭʹͰ͖Ε͹τϥϯβΫγϣϯͷσʔλαΠζΛখ͘͞Ͱ͖Δ
τϥϯβΫγϣϯͷσʔλαΠζ͕খ͘͞ͳΔͱɺ̍ϒϩοΫʹೖ
ΔτϥϯβΫγϣϯͷ਺͕૿͑ɺॲཧՄೳͳτϥϯβΫγϣϯ਺
Λ૿΍ͤΔ

View Slide

஫ҙ
ECDSA(ପԁؔ਺σδλϧॺ໊)Ͱ͸ͳ͍
ओுͦͷ΋ͷ͸m-of-nϚϧνγάωνϟͰ͸ͳ͘n-of-nϚϧν
γάωνϟ
ϏοτίΠϯʹ࢖͏ʹ͸ɺ·ͩௐ੔͕ඞཁ
ࢀর
https://blockstream.com/2018/01/23/musig-key-aggregation-
schnorr-signatures.html

View Slide

Schnorrॺ໊(ΦϦδφϧ)
ࢀߟ: ೔޲͞Μͷઆ໌
https://blog.visvirial.com/articles/721#i-10

View Slide

هड़๏
G: p࣍८ճ܈
g: Gͷੜ੒ݩ
m: ॺ໊ର৅ϝοηʔδ
x: ൿີ伴(੔਺)
X: ެ։伴, X = g
x
H(ɾ): ϋογϡؔ਺
ॺ໊࡞੒
ཚ਺rΛબͿ([0,p-1])
R = g
r
mod p
c = H(X, R, m)
஫: ͜Εʹҧ࿨ײΛײ͡Δํ͕͍Δͱࢥ͍·͢ɻ௨ৗ͸c =
H(R, m)ɻ
s = r + cx mod p
͜ͷͱ͖ɺॺ໊Λ(R, s)ͱ͢Δɻ
஫: c, s, ॺ໊ʹҧ࿨ײΛײ͡Δํ͕͍Δͱࢥ͍·͢ɻ௨ৗc =
H(R, m)ɺs = r - cx ɺॺ໊͸(c, s)ɻॺ໊ʹ͍ͭͯ͸p22
Discussionʹͯٞ࿦ɻ
ॺ໊ݕূ
g
s
= RX
c
͕੒Γཱ͔ͭͲ͏͔Λ֬ೝɻ੒Γཱͯ͹ॺ໊͸ਖ਼͍͠ɻ
੒Γཱͨͳ͚Ε͹ॺ໊͸ෆਖ਼
஫: ࿦จͰ͸͜͏ͳͬͯ·͢ɻ௨ৗͱҧ͏ॺ໊ݕূ౳ࣜͰ͢ɻ
·ͨﬁat-shamirม׵͸ෆཁʁͱ͍͏ͷ΋ٙ໰఺Ͱ͢ɻ

View Slide

γϯϓϧͳ֦ுͰΑ͍ͷͰ͸ʁ
લϖʔδͷγϡϊΞॺ໊Λ୯७ʹϚϧνγά
ωνϟʹ֦ுͰ͖Δɻ
݁࿦Λઌʹݴ͏ͱɺ͜Ε͸੬ऑੑΛؚΜͰ͠
·͏

View Slide

γϡϊΞॺ໊ͷ
γϯϓϧͳϚϧνγάωνϟ֦ு
هड़๏
G: p࣍८ճ܈
g: Gͷੜ੒ݩ
m: ॺ໊ର৅ϝοηʔδ
i: ॺ໊ऀʹৼͬͨ൪߸([1, n])
x
i
: ൿີ伴, {x
1
, …, x
n
}
X
i
: ެ։伴, {X
1
=g
x1
, …, X
n
=g
xn
} (x1͸x
1
ͷҙຯ)
H(ɾ): ϋογϡؔ਺
ॺ໊࡞੒
ཚ਺ri
ΛબͿ([0,p-1])
Ri
= g
ri
mod p
R = R1
R2
…Rn
X~ = X1
X2
…Xn
, (X~ ͷ~͸Xͷ্ͷҙ)
c = H(X~, R, m)
si
= ri
+ cxi
mod p
s = s1
+s2
+…+sn
ॺ໊ݕূ
g
s
= RX
c
͕੒Γཱ͔ͭͲ͏͔Λ֬ೝɻ੒Γཱͯ͹ॺ
໊͸ਖ਼͍͠ɻ੒Γཱͨͳ͚Ε͹ॺ໊͸ෆਖ਼

View Slide

ൺֱ
ॺ໊ू໿ͳ͠
ॺ໊࡞੒
ཚ਺rΛબͿ([0,p-1])
R = g
r
mod p
c = H(X, R, m)
s = r + cx mod p
ॺ໊ݕূ
g
s
= RX
c
͕੒Γཱ͔ͭͲ͏͔Λ֬ೝɻ੒Γཱͯ͹
ॺ໊͸ਖ਼͍͠ɻ੒Γཱͨͳ͚Ε͹ॺ໊͸ෆਖ਼
ॺ໊ू໿͋Γ
ॺ໊࡞੒
ཚ਺r
i
ΛબͿ([0,p-1])
R
i
= g
ri
mod p
R = R
1
R
2
…R
n
X~ = X
1
X
2
…X
n
, (X~ ͷ~͸Xͷ্ͷҙ)
c = H(X~, R, m)
s
i
= r
i
+ cx
i
mod p
s = s
1
+s
2
+…+s
n
ॺ໊ݕূ
g
s
= RX
c
͕੒Γཱ͔ͭͲ͏͔Λ֬ೝɻ੒Γཱͯ͹
ॺ໊͸ਖ਼͍͠ɻ੒Γཱͨͳ͚Ε͹ॺ໊͸ෆਖ਼

View Slide

ΩʔΞάϦήʔγϣϯͰ໰୊ͱͳΔ߈ܸ
— Rogue Key ߈ܸ —
Rogue Key߈ܸ
Alice(ળਓ): ެ։伴X
a
ɺBob(ѱਓ): ެ։伴X
b
ू໿ެ։伴Λ࡞Δͱ͖ʹɺAlice͸Bobʹެ։伴ΛૹΔɻ
࣍ʹɺBob͸X
b
ΛAliceʹૹΔͷͰ͸ͳ͘ɺX
b
/X
a
ΛBobͷެ։伴ͱͯ͠ૹΔɻ
Alice͸ू໿ެ։伴(ຊ౰͸X
a
X
b
ɺ͔͠͠X
b
/X
a
*X
a
= X
b
ʹͳ͍ͬͯΔ)Λ࡞੒͠ɺ͜ͷΞυϨε΁ͷࢧ෷͍
ͱͯ͠τϥϯβΫγϣϯΛϒϩʔυΩϟετ
Bob͸X
b
ʹରԠͨ͠ൿີ伴x
b
Λ࢖͖ͬͯ͞΄ͲͷτϥϯβΫγϣϯʹର͢Δॺ໊Λ࡞੒͠ɺAliceʹແஅ
ͰτϥϯβΫγϣϯΛ࢖͑ͯ͠·͏
؆қతͳղܾํ๏
Bob͕ૹ͖ͬͯͨެ։伴ʹର͢Δൿີ伴ΛBob͕ؒҧ͍ͳ͍࣋ͬͯ͘Δ͜ͱΛূ໌͢ΔखஈΛ࣋ͭ͜ͱ
(ೝূػؔ౳)

View Slide

͜ͷ؆қղܾ๏͸໘౗
͍͍ͪͪൿີ伴ͷอ࣋Λ֬ೝ͠ͳ͍ͱ͍͚ͳ͍ͷ͸໘
౗
ެ։伴ͷอ͚࣋ͩͰΑ͍Α͏ʹ͠ͳ͍ͱ͍͚ͳ͍
ެ։伴ͷอ͚࣋ͩͰΑ͘ɺൿີ伴ͷอ࣋ͷ֬ೝΛෆཁ
ʹ͢ΔલఏʹཱͭϞσϧΛɺ؆ૉެ։伴(Plain Public-
Key)Ϟσϧͱݴ͍ɺ͜ͷ࿦จͷओு͕ຬͨ͢΂͖લఏ

View Slide

ͪΐͬͱԣಓ(key preﬁxed)
௨ৗͷγϡϊΞॺ໊ʹग़ͯ͘Δͷ͸ҎԼͷܗ
c = H(R, m)
͜ͷ࿦จͰ͸͜͏ɻ
c = H(X, R, m)
͜ΕΛkey preﬁxedεΩʔϜͱ͍͏ɻ

View Slide

ຊ࿦จͰͷఏҊํ๏

View Slide

γϯϓϧͳ΋ͷͱԿ͕ҧ͏ʁ
ϋογϡؔ਺Λ̎छྨ༻ҙ
H0
ɺH1
cΛҎԼʹมߋ
c = H1
(X~, R, m)
ू໿ެ։伴ΛҎԼʹมߋ
X~ = X1
a1
X2
a2
…Xn
an
ai
= H0
(, Xi
)
L = {X1
, …, Xn
}
= unique encoding(L)
࿦จϦϑΝϨϯε[BN06]ͷΑ͏ͳ༧උతίϛο
τϝϯτϑΣΠζΛͳͨ͘͠
OMDL(ϫϯϞΞ཭ࢄର਺໰୊, One More
Discrete Logarithm)Λલఏͱ͠ͳ͍ͱ͍͚ͳ
͍(ղऍΛؒҧ͍͑ͯΔ͔΋͠Ε·ͤΜ)
͜Ε͸௨ৗͷ཭ࢄର਺໰୊ΑΓ΋ɺΑΓղ
͖೉͍໰୊
cͷܭࢉΛ̎ͭʹ෼͚Δ͜ͱͰɺϋογϡؔ਺
͕̎ͭʹͳΓɺηΩϡϦςΟূ໌Ͱ෼྾ิ୊
(Forking Lemma)Λ̎ճ࢖Θͳ͍ͱ͍͚ͳ͍
͜ΕʹΑͬͯɺূ໌Ͱ͖ΔηΩϡϦςΟڧ
౓͕Լ͕ͬͯ͠·͏(ղऍΛؒҧ͍͑ͯΔ͔
΋͠Ε·ͤΜɻ͜ͷ৔߹ͷηΩϡϦςΟڧ
౓ͷఆ͕ٛ·ͩࣗ෼ͷதͰ͋΍;΍Ͱ͢)

View Slide

γϯϓϧͳ΋ͷͱԿ͕ҧ͏ʁ
࣭໰Ͱࢦఠ͕͋ͬͨͷͰهࡌ
ͳͥຊ࿦จͷఏҊํ๏ͩͱRogue Key߈ܸ͕ޮ͔ͳ͍͔ʁ
શͯͷa
i
͸શެ։伴ͷ৘ใΛؚΉLͱɺa
i
ʹରԠͨ͠X
i
͕ͳ͍ͱ࡞Εͳ͍͕ɺଞͷਓͷެ։伴Λ
ड͚औͬͨͷͪʹRogue Key߈ܸͷͨΊʹX
i
Λِ૷ͯ͠ӕͷ΋ͷʹม͑ͨͱͯ͠΋ɺX
i
Λม͑ͯ
͠·͏ͱa
i
͚ͩͰͳ͘ଞͷa
j≠i
΋มΘͬͯ͠·͏ͨΊɺ͏·͘߈ܸ͕੒ޭ͢ΔΑ͏ͳX
i
͕બ΂ͳ
͍
σΟʔϓϥʔχϯά(χϡʔϥϧωοτϫʔΫ)ͰͷӅΕ૚ͷஞ࣍తॏΈߋ৽ͷΑ͏ͳํ๏Ͱ߈ܸ͕੒
ޭ͢ΔΑ͏ͳX
i
͕બ΂ͦ͏ͳؾ͕͕ͨ͠ɺҎԼͷ఺ͰͰ͖ͳ͍
a
i
͸ϋογϡؔ਺H
0
Λ௨ܾͯ͠·ΔͷͰɺҾ਺Λͪΐͬͱ͚ͩม͑ͯ΋a
i
͸େ෯ʹ஋͕มΘΔ
͜ͷͨΊɺԾܾΊͨ͠X
i
ΛϕʔεʹX
i
->a
i
->X
i
’->a
i
’’->X
i
’’->…ͷΑ͏ʹஞ࣍ߋ৽͍ͯͬͯ͠΋̎
ͭͷύϥϝʔλʔ͕ঃʑʹऩଋ͢ΔΑ͏ʹ͸ͳΒͳ͍

View Slide

ECDSAͩͱॺ໊ू໿͸Ͱ͖ͳ͍ʁ
͜ͷ࿦จͰͷγϡϊΞεΩʔϜॺ໊Ͱॺ໊ू໿Λ΍ͬ
ͯΈΔ
2ਓͷॺ໊ऀ͕͍ΔɻͦΕͧΕެ։伴ɺൿີ伴Λ࣋
ͭɻ
͔͜͜Βू໿ެ։伴Λ࡞੒ͨ͠৔߹ɺ֎෦ͷਓ͕ݸʑ
ͷॺ໊ऀͷެ։伴Λ஌Δ͜ͱͳ͘ɺू໿ެ։伴͚ͩ
Λ༻͍ͯॺ໊ݕূͰ͖Δ͔

View Slide

2ਓͷॺ໊ऀ
s1
, R1
, c, a1
, x1
, X1
s2
, R2
, c, a2
, x2
, X2
͜ͷͱ͖ɺҎԼ͕੒Γཱͭ
g
s1
=R1
X1
a1*c
, g
s2
=R2
X2
a2*c
s=s1
+s2
, R=R1
R2
, X~=X1
a1
X2
a2
ͱ͢Δͱɺลʑಉ࢜Λ͔͚ͯ
g
s
=R1
X1
a1*c
R2
X2
a2*c
=R1
R2
X1
a1*c
X2
a2*c
=R(X1
a1
X2
a2
)
c
=RX~
c
(͜ͷٯͷূ໌΋ඞཁͳ͸ͣɻٯ͸੒ཱ͠ͳ͍ʁ)

View Slide

https://ja.wikipedia.org/wiki/ପԁۂઢDSA
ย΍ٯ਺ɺย΍࿨ͳͷͰ
୯७ʹ͸ॺ໊ू໿Ͱ͖ͳͦ͏Ͱ͕͢ɺ
ݫີূ໌͸ʁ
࿦จϦϑΝϨϯε[MR01, GGN16, Lin17]

View Slide

΋ͬͱγϯϓϧʹ͸Ͱ͖ͳ͍ʁ
a
i
= 1͸μϝ
͜ͷ৔߹͸୯७ͳ֦ுʹҰகͯ͠͠·͍ɺRogue Key߈ܸ͔Β੬ऑʹͳΔ
a
i
= H
0
(X
i
)΋μϝ
ѱਓॺ໊ऀ਺͕े෼େ͖͍ͱɺ߈ܸऀ͸WargnerͷΞϧΰϦζϜ(࿦จϦϑΝϨϯε
[Wag02])Λ࢖ͬͯॺ໊Λِ଄ͯ͠ળਓऀͷ͓ۚΛ౪ΊΔɻ
߈ܸʹ͔͔Δ࣌ؒܭࢉྔΦʔμʔ͸O(2
2√k
)
k͸८ճ܈GͷҐ਺pͷbit௕
ϥϯμϜ஋ r
i
ͷ࢖͍ճ͠͸ݫې
ू໿伴ͷੜ੒աఔͰɺଞͷॺ໊ऀʹൿີ伴͕๫͔Εͯ͠·͍·͢

View Slide

ϏοτίΠϯ΁ͷద༻

View Slide

Ͱ΋ɺϏοτίΠϯʹରͯ͠ॺ໊ू໿ʹޮՌ͕͋Δͷ͸
ෳ਺ͷॺ໊ऀ͕͍Δͱ͖͚ͩͰ͸ʁ
MuSig͸ɺෳ਺ͷΠϯϓοτͷॺ໊Λ̍ͭʹ·ͱΊΔ͜
ͱ΋೦಄ʹஔ͍͍ͯΔ
Πϝʔδͱͯ͠͸ɺ૬ޓతू໿ॺ໊(IASɺInteractive
Aggregated Signature)Λ࢖͏ɻ࿦จϦϑΝϨϯε[BN06]
͸ɺ͋ΒΏΔϚϧνγάωνϟεΩʔϜΛIASʹ֦ு͢
Δํ๏ΛఏҊ͍ͯ͠Δ
[BN06]͸black boxεΩʔϜ

View Slide

non black-box ૬ޓతू໿ॺ໊
͔͠͠ɺ؆ૉެ։伴Ϟσϧ্Ͱͷblackbox ૬ޓతू
໿ॺ໊͸͏·͍͔͘ͳ͍
Appendix AͰ͜ΕΛূ໌
͜ͷͨΊɺຊ࿦จͰ͸؆ૉެ։伴Ϟσϧ্Ͱͷnon
black-box ૬ޓతू໿ॺ໊ΛఏҊ
ͨͩ͠ɺ۩ମతͳఏҊ಺༰͸ͳ͠

View Slide

ϏοτίΠϯ΁ͷద༻
m-of-nϚϧνγάωνϟ΁ͷద༻
n-of-nϚϧνγάωνϟ্ʹm-of-nϚϧνγάωνϟΛ࡞ΔͨΊ
ʹɺϚʔΫϧπϦʔΛ࢖͏ํ๏͕͋Δ
ू໿ެ։伴Λඞཁͳެ։伴Λ૊Έ߹Θͤ෼࡞ΓɺϚʔΫϧπ
Ϧʔͷ༿ʹ഑ஔ͢ΔɻτϥϯβΫγϣϯʹஔ͍͓ͯ͘ͷ͸͜ͷ
ϚʔΫϧϧʔτɻ
ϚʔΫϧπϦʔͷࢬ෼ذΛ࡞Δͱ͖ʹɺू໿ެ։伴ͷ࡞Γ
ํΛ࢖͏ʁ

View Slide

ݸਓϦϑΝϨϯε
աڈϓϨθϯࢿྉ
https://www.slideshare.net/lawmn/presentations
https://www.slideshare.net/takayaimai/presentations
Linkedin
https://www.linkedin.com/in/takaya-imai-4a915310

View Slide

ﬁn.

View Slide

MuSig

MuSig

Takaya Imai

More Decks by Takaya Imai

Other Decks in Technology

Featured

Transcript