BlackHatCoiner
Legendary
Offline
Activity: 1694
Merit: 8318
Bitcoin is a royal fork
|
|
March 08, 2022, 08:38:33 PM |
|
I don't get clear why they want to store the bitcoin donation online, that's not the secure way to handle this. All the donations should go to a cold wallet and then send them to a hot wallet when you will spend those donations. That's would be the secure way. Cold and hot wallets are made-up terms that have to do with the internet connectivity of the devices that contain private keys in their drive. OP will probably generate a master key pair and derive the donation addresses. I believe they know what's more secure and what's not. Either way, they haven't mentioned if the private keys will be stored online. I guess he could do that and then convert received coins back to Bitcoin, but there is a risk in doing that on exchanges that are centralized or instant. What's an instant exchange? You mean centralized swap services?
|
|
|
|
Pmalek
Legendary
Offline
Activity: 2940
Merit: 7532
Playgram - The Telegram Casino
|
|
March 09, 2022, 09:53:42 AM |
|
What's an instant exchange? You mean centralized swap services? Yeah, platforms that perform crypto swaps or instant exchanges between two coins. Honestly, I don't know how instant those are. Some of them like ChangeNow claim to be non-custodial. Their exact wording is " Free of Custody." How can something be "free of custody" if you are depositing YOUR coins in one of THEIR addresses? I guess you can claim anything you want in crypto. Another thing I remember about services like the one I mentioned is that they claim to be anonymous. You don't need to do KYC. However, their partner exchanges and whatnot can still ask you to undergo KYC. If that happens, the non-custodial exchange will LOCK YOUR COINS until you go through KYC. So non-custodial, much great... woof.
|
|
|
|
▄▄███████▄▄███████ ▄███████████████▄▄▄▄▄ ▄████████████████████▀░ ▄█████████████████████▄░ ▄█████████▀▀████████████▄ ██████████████▀▀█████████ █████████████████████████ ██████████████▄▄█████████ ▀█████████▄▄████████████▀ ▀█████████████████████▀░ ▀████████████████████▄░ ▀███████████████▀▀▀▀▀ ▀▀███████▀▀███████ | ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ Playgram.io ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ | ▄▄▄░░ ▀▄ █ █ █ █ █ █ █ ▄▀ ▀▀▀░░
| │ | ▄▄▄███████▄▄▄ ▄▄███████████████▄▄ ▄███████████████████▄ ▄██████████████▀▀█████▄ ▄██████████▀▀███▄██▐████▄ ██████▀▀████▄▄▀▀█████████ ████▄▄███▄██▀█████▐██████ ██████████▀██████████████ ▀███████▌▐██▄████▐██████▀ ▀███████▄▄███▄████████▀ ▀███████████████████▀ ▀▀███████████████▀▀ ▀▀▀███████▀▀▀ | | │ | ██████▄▄███████▄▄████████ ███▄███████████████▄░░▀█▀ ███████████░█████████░░█ ░█████▀██▄▄░▄▄██▀█████░█ █████▄░▄███▄███▄░▄██████ ████████████████████████ ████████████████████████ ██░▄▄▄░██░▄▄▄░██░▄▄▄░███ ██░░░█░██░░░█░██░░░█░████ ██░░█░░██░░█░░██░░█░░████ ██▄▄▄▄▄██▄▄▄▄▄██▄▄▄▄▄████ ███████████████████████ ███████████████████████ | | │ | ► | |
[/
|
|
|
dkbit98
Legendary
Offline
Activity: 2408
Merit: 7547
|
|
March 09, 2022, 07:38:13 PM |
|
What's an instant exchange? You mean centralized swap services?
Yes, something like changelly, changenow, sideshift, simpleswap etc. people call this instant exchanges and even some hardware wallets are using their services. They usually charge higher fees than normal centralized exchanges, but you don't have to withdrawal fees because you are getting converted coins directly in your wallet address. Some of this exchanges can be risky and I even saw people complaining being scammed using some of them. I guess one of the safest way for swapping coins would be using atomic swaps, one exists for BTC-XMR called unstoppableswap.net but only for smaller amount of coins, and bugs are still possible.
|
|
|
|
n0nce
|
You don't need to do KYC. However, their partner exchanges and whatnot can still ask you to undergo KYC. If that happens, the non-custodial exchange will LOCK YOUR COINS until you go through KYC.
So non-custodial, much great... woof.
Actually, they can be non-custodial, if they use some sort of atomic swap (like a submarine swap for Lightning). In that case, nobody can lock up your funds since you don't 'go first'. Not sure if this exists, though. I believe https://boltz.exchange/ is like this ( onion), but it only has Bitcoin, Lightning and Ethereum, no Monero.
|
|
|
|
Pmalek
Legendary
Offline
Activity: 2940
Merit: 7532
Playgram - The Telegram Casino
|
|
March 19, 2022, 08:14:40 AM |
|
Actually, they can be non-custodial, if they use some sort of atomic swap (like a submarine swap for Lightning). In that case, nobody can lock up your funds since you don't 'go first'. Not sure if this exists, though. I believe https://boltz.exchange/ is like this ( onion), but it only has Bitcoin, Lightning and Ethereum, no Monero. I have never used Boltz exchange to be honest, but I have heard of it being mentioned on the forums a few times. I have never seen it mentioned in a negative context while there are many accusations and issues with instant swap platforms like the ones listed previously. That leads to the conclusion they aren't operating in the same way and their claims of being non-custodial aren't true (not talking about Boltz here). If those swap platforms were non-custodial, I should have a chance to withdraw my money if I am not happy with certain terms, but I don't think that's what's happening, and if it was possible, they wouldn't have such a bad reputation and instances of the occasional scam here and there.
|
|
|
|
▄▄███████▄▄███████ ▄███████████████▄▄▄▄▄ ▄████████████████████▀░ ▄█████████████████████▄░ ▄█████████▀▀████████████▄ ██████████████▀▀█████████ █████████████████████████ ██████████████▄▄█████████ ▀█████████▄▄████████████▀ ▀█████████████████████▀░ ▀████████████████████▄░ ▀███████████████▀▀▀▀▀ ▀▀███████▀▀███████ | ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ Playgram.io ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ | ▄▄▄░░ ▀▄ █ █ █ █ █ █ █ ▄▀ ▀▀▀░░
| │ | ▄▄▄███████▄▄▄ ▄▄███████████████▄▄ ▄███████████████████▄ ▄██████████████▀▀█████▄ ▄██████████▀▀███▄██▐████▄ ██████▀▀████▄▄▀▀█████████ ████▄▄███▄██▀█████▐██████ ██████████▀██████████████ ▀███████▌▐██▄████▐██████▀ ▀███████▄▄███▄████████▀ ▀███████████████████▀ ▀▀███████████████▀▀ ▀▀▀███████▀▀▀ | | │ | ██████▄▄███████▄▄████████ ███▄███████████████▄░░▀█▀ ███████████░█████████░░█ ░█████▀██▄▄░▄▄██▀█████░█ █████▄░▄███▄███▄░▄██████ ████████████████████████ ████████████████████████ ██░▄▄▄░██░▄▄▄░██░▄▄▄░███ ██░░░█░██░░░█░██░░░█░████ ██░░█░░██░░█░░██░░█░░████ ██▄▄▄▄▄██▄▄▄▄▄██▄▄▄▄▄████ ███████████████████████ ███████████████████████ | | │ | ► | |
[/
|
|
|
n0nce
|
|
March 20, 2022, 01:28:22 AM |
|
Actually, they can be non-custodial, if they use some sort of atomic swap (like a submarine swap for Lightning). In that case, nobody can lock up your funds since you don't 'go first'. Not sure if this exists, though. I believe https://boltz.exchange/ is like this ( onion), but it only has Bitcoin, Lightning and Ethereum, no Monero. I have never used Boltz exchange to be honest, but I have heard of it being mentioned on the forums a few times. I have never seen it mentioned in a negative context while there are many accusations and issues with instant swap platforms like the ones listed previously. That leads to the conclusion they aren't operating in the same way and their claims of being non-custodial aren't true (not talking about Boltz here). If those swap platforms were non-custodial, I should have a chance to withdraw my money if I am not happy with certain terms, but I don't think that's what's happening, and if it was possible, they wouldn't have such a bad reputation and instances of the occasional scam here and there. Actually, it is non-custodial indeed. Here's from the FAQ. Non custodial exchanges give you full control over your funds. All trades on Boltz are executed in a way that we cannot steal any money from you. Period. Either the trade happens entirely and you get the exact amount of the asset you were promised or you will be able to do a refund. This concept is called atomicity and it is achieved by Boltz with so-called Submarine Swaps. You can read more about them in this blog post. Disclaimer for clarity: I have used it only twice a long time ago and I have no affiliation, I just remembered something about it not being custodial / trustless when this topic came up.
|
|
|
|
darkv0rt3x
|
|
April 02, 2022, 10:52:16 AM |
|
I didn't read all the replies but I have a question about using many different addresses for the purpose of anonymity. So, for instance, if I am an organization that needs funds to work and those funds are coming from Bitcoin and I want to keep the organization anonymity, how one will handle the total amount if I need to spend it all at once, or at least, I need to gather the amount of, let's say, 15 different addresses? Like, can one keep the anonymity using a 3rd party wallet that can handle the amounts in all addresses and create transactions for my needs and still keep the anonymity?
I ask this because when we use web blockchain explorers to check addresses balances, most of them show us an anonymity rate and many times the problem is re-using addresses and another is emptying an address of its total amount. So, my dilema here is if I want to keep anonymity, I have to use a new address for every amount received/sent but to do this I need to trust a 3rd party app or code or service (in case of web sites).
|
Bitcoin is energy. Bitcoin is freedom I rather die on my feet than living on my knees!
|
|
|
BlackHatCoiner
Legendary
Offline
Activity: 1694
Merit: 8318
Bitcoin is a royal fork
|
|
April 02, 2022, 02:01:35 PM |
|
Like, can one keep the anonymity using a 3rd party wallet that can handle the amounts in all addresses and create transactions for my needs and still keep the anonymity?
Can't you do the same with a non-custodial wallet that supports coin selection? (Such as Electrum) So, my dilema here is if I want to keep anonymity, I have to use a new address for every amount received/sent but to do this I need to trust a 3rd party app or code or service (in case of web sites). There's no need to trust a third party app. You only need an HD wallet that derives new addresses each time it's queried.
Your text is a little bit confusing. In case I haven't understood it correctly, could you elaborate?
|
|
|
|
n0nce
|
|
April 02, 2022, 03:49:09 PM |
|
~ Your text is a little bit confusing. In case I haven't understood it correctly, could you elaborate?
His dilemma is: - Option A: always hand out the same address - all payments are correlated by having the same output address, but he can spend the whole amount at once without issue.
- Option B: always give a fresh address - all payments are non-correlatable, but if he needs to spend more than what the largest UTXO allows to spend, he has to use multiple inputs which links them.
I believe Option B will still be better, because you may need to correlate inputs from time to time when doing larger payments, but that won't always be required; when taking Option A, you'll always correlate all incoming payments. Biggest downside of Option B is the associated higher cost of multi-input transactions. On the other hand, as a business / organization, you don't really have to care, because you're at most breaking the senders' anonymity by breaking the unlinkability of their transactions. Basically, if someone wants privacy, that's going to be 'sender privacy' and they'll have to mix their UTXOs before paying, not after receiving.
|
|
|
|
BlackHatCoiner
Legendary
Offline
Activity: 1694
Merit: 8318
Bitcoin is a royal fork
|
|
April 03, 2022, 12:01:17 PM |
|
Biggest downside of Option B is the associated higher cost of multi-input transactions. There's no downside. If you use option A, you can spend all the inputs at once, which will reduce the fee by a lot, especially if you used a different transaction for each input. If you use option B, you can choose to either sacrifice your privacy and spend all the inputs at once, or retain it with a higher cost. Anyhow, option B is better, because it leaves you choose to either do it a la option A or even better privacy-wise.
|
|
|
|
n0nce
|
|
April 03, 2022, 01:49:41 PM |
|
Anyhow, option B is better, because it leaves you choose to either do it a la option A or even better privacy-wise.
Right, that was my impression as well. ( you may need to correlate inputs from time to time when doing larger payments, but that won't always be required) If you use option A, you can spend all the inputs at once, which will reduce the fee by a lot, especially if you used a different transaction for each input. If you use option B, you can choose to either sacrifice your privacy and spend all the inputs at once, or retain it with a higher cost.
How's that? If you use more inputs, your transaction size increases. In option A, there will always only be a single input, which is the smallest payment transaction that you can build. Well, second, after the script for a payment that has a single output.
|
|
|
|
BlackHatCoiner
Legendary
Offline
Activity: 1694
Merit: 8318
Bitcoin is a royal fork
|
In option A, there will always only be a single input, which is the smallest payment transaction that you can build. If you fund an address twice, you have two UTXOs, not one. As said by ETFbitcoin, Bitcoin isn't balance-based.
|
|
|
|
n0nce
|
In option A, there will always only be a single input, which is the smallest payment transaction that you can build. If you fund an address twice, you have two UTXOs, not one. As said by ETFbitcoin, Bitcoin isn't balance-based. Of course, I'm aware of that, but funding it twice means both UTXOs are spendable by the same private key. Think of how the spending script / witness of a transaction looks like when spending funds of 2 addresses versus a single address (no matter how many UTXOs). For instance, in the latest block we can find a single-input transaction: https://mempool.space/tx/dcc7b78d453f122cba89cc0168a5a079f9b0b391b474e76e7d12646abebf8e06It has a size of 286 Bytes and a single spending script. OP_PUSHBYTES_71 304402200142a34d000c6f13f65fdc7fbbf5ee5c418e58a09c6b6355125d07e2276e5a3a022039b4dc55510081ec5f882e4a4f79ed4d9b20b15580632cfe201535a0785c7f9101 OP_PUSHBYTES_65 047146f0e0fcb3139947cf0beb870fe251930ca10d4545793d31033e801b5219abf56c11a3cf3406ca590e4c14b0dab749d20862b3adc4709153c280c2a78be10c
The input address has been funded multiple times, yet only one script is needed. https://mempool.space/address/17A16QmavnUfCW11DAApiJxp7ARnxN5pGXAnother transaction that has multiple inputs, needs multiple spending scripts: https://mempool.space/tx/15d3611435cc6125758790d13bd2f636559cfc5cac6f58dd9524b7b75b07d733Hence its size is 591 Bytes and it has three scripts: OP_PUSHBYTES_22 0014a3755d554e457e5a2e44973884bb7e7e25dbd64e 3044022059653ba2d57dcee217a1b55422dce4a67b1d92fe80b790a1db16e5aa044245980220705dca7251f2f54200cd35661ce44d13e2bfb5e4081944d12678a18b539b04f001 021273a7845a40aaf8d57be12ab76ec6f77f0ac21e7d38005b66bf81dc2ca58ca8
OP_PUSHBYTES_22 00146d40fa34bc59113c9dbdc3073c3e8d02195e34f1 3044022000fdc16651b8c099c1e27adbf3cbb2bb91c2119cb0779e32362f62133620579d02204ae0a7a37d6dde49a23f6038816ef24ba4296abb96940eeeb6aa8475965614e301 03e8e7e3676d4f964611963e428cc40eb1d537fda89dc7018a7a653b0b85dafe1d
OP_PUSHBYTES_22 0014631a381674498ee85653637f90d77d70cd2d47f8 3044022073769b7f4f4f6a9dd08114ad475ec9096ae9f00f99f2280144ab591a3b822af502205f0e1700ba72ca54f6de65344c6aad2ab1757189da1fc811b3f7d42b68e1cd1601 035b0225eee582b3cbb7f5567cff622cc8e8fc0bf53b652ffdecdbd21a534cc6a9
These input addresses are SegWit though, so it's not much larger than the other transaction indeed. I pasted the witnesses as well, but only the OP_PUSHBYTES_22 lines are ScriptSigs here, whereas in the other transaction the single ScriptSig is quite a bit larger.
Maybe a better single-input transaction is this one, since it is also SegWit: https://mempool.space/tx/7b63b2d05c665c5ae560e57b087947f106d4996ddba0e9511254f48f807a1439It's just 250 Bytes compared to the 591 Byte transaction with 3 inputs, which costs over twice as much in fees. The spending script is just: OP_PUSHBYTES_22 00149d27f79b78ef9c582b8abcec5d266d6a8bfb6ca7
With the following witness. 3045022100ca6637bc27e83ad6a9f8ffe6c36b9e5d62009d18f133d911635faf19eb5bceaa0220422d1b9f3ec222706113c74407b8875bdccf7c3ea93b04ceea0982158a7e513b01 037f358af11fd794b41c5c157725371b4fddcf7b26ae28b465d6e3ea69d9c6cabf
If we inspect the address, we can see that a single small script like this spends the funds of 1 address that has seen over 13,000 transactions. https://mempool.space/address/3J5ZgXpkCffMoDi1snLMw9bY5GCUxyN8nwAfter scrolling a bit, they all look like deposits, so tons of UTXOs. All spent with a single private key, a single signature actually.
|
|
|
|
PrimeNumber7
Copper Member
Legendary
Offline
Activity: 1652
Merit: 1901
Amazon Prime Member #7
|
|
April 03, 2022, 09:58:59 PM |
|
Biggest downside of Option B is the associated higher cost of multi-input transactions. There's no downside. If you use option A, you can spend all the inputs at once, which will reduce the fee by a lot, especially if you used a different transaction for each input. If you use option B, you can choose to either sacrifice your privacy and spend all the inputs at once, or retain it with a higher cost. Anyhow, option B is better, because it leaves you choose to either do it a la option A or even better privacy-wise. With option A, those who are donating know in advance there is a privacy risk prior to sending their coin. With option B, those who are donating think they will have privacy, and may not take steps to improve their privacy prior to sending the donation. Option B will also likely result it in taking longer for privacy to be reduced. I would describe this as a negative because it may result in someone letting their guard down.
|
|
|
|
BlackHatCoiner
Legendary
Offline
Activity: 1694
Merit: 8318
Bitcoin is a royal fork
|
|
April 04, 2022, 11:04:09 AM |
|
[...] This is indeed correct, I hadn't thought of it. Thanks! With option A, those who are donating know in advance there is a privacy risk prior to sending their coin. With option B, those who are donating think they will have privacy, and may not take steps to improve their privacy prior to sending the donation. I think we're nearby the obvious here. If you're going to donate to an organization regarding Ukraine you should either way be cautious. I'll give a better example: If you're going to buy drugs, is it the address reuse that will make you give special importance to your privacy protection?
|
|
|
|
arabspaceship123
Full Member
Offline
Activity: 896
Merit: 193
web developer for hire
|
|
April 04, 2022, 12:28:55 PM |
|
Hi, I am doing a website project to my new clients. Basically they are a group of atheist individuals from Saudi, Iran and other few Middle East countries.
They want to accept bitcoin donation on website. They demand a system that generates new wallets address every time they accept donation.
Overall, they wanna accept and store bitcoin donations securely and anonymously** online. What is the best solution.
Thanks
Thank you guys for the input! I think it is better to outsource and do this task with help of crypto experts. Their life is important. Thank you again Really ? You could've asked for help without naming countries. You've felt important typing them. You're doing a website for new clients who need anonymity because their lives are important. They've contacted you for the website you don't know how to make anonymous bitcoin donations ? What's really this thread about ?
|
█████████████ ARABSPACESHIP 123 سفينة الفضاء العربية ١٢٣ ████████████ | | || | avatar & signature available to rent | || | | ██████████████████████ Hire me to design your websites ██████████████████████
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18726
|
|
April 04, 2022, 02:19:31 PM |
|
-snip- I might be completely misunderstanding your point, but the single input transactions you have linked to are smaller because they only spend a single UTXO, not because the input address has been reused multiple times. Here is a transaction which spends two UTXOs from the same address. Each input requires it's own signature, since UTXOs are identified by the TXID which created them and the number of outputs in that transaction, and not by whichever address they end up at. In the first transaction you link - https://mempool.space/tx/dcc7b78d453f122cba89cc0168a5a079f9b0b391b474e76e7d12646abebf8e06 - only one signature is needed because only one UTXO is spent, specifically the 2nd output (0 based numbering) from this transaction: https://mempool.space/tx/add0611d0b7b1d1bcada5c4d4bdb4df425ffbcffbb06a3ae6181496a730e97ff:2The second example you give - https://mempool.space/tx/7b63b2d05c665c5ae560e57b087947f106d4996ddba0e9511254f48f807a1439 - has again only spent a single UTXO, specifically the 1st one from this transaction: https://mempool.space/tx/55f932c9334e088f1998a6bb3f232013b12753ca3a67280f0a5988a54717cb44:1In either of the examples you gave, if the owner of those addresses had chosen to spend multiple UTXOs from those addresses, they would still have had to provide a separate signature for each input, despite them all being present on the same address. If I spend 10 inputs on the same address or 10 inputs spread across 10 different addresses, then all else being equal the transactions will be of identical size.
|
|
|
|
BlackHatCoiner
Legendary
Offline
Activity: 1694
Merit: 8318
Bitcoin is a royal fork
|
|
April 04, 2022, 02:42:12 PM |
|
If I spend 10 inputs on the same address or 10 inputs spread across 10 different addresses, then all else being equal the transactions will be of identical size. The question that comes to mind is: Why do you have to include your public key to scriptSig 10 times if it's from the same address? Isn't 1 enough?
|
|
|
|
n0nce
|
|
April 04, 2022, 03:39:29 PM |
|
In either of the examples you gave, if the owner of those addresses had chosen to spend multiple UTXOs from those addresses, they would still have had to provide a separate signature for each input, despite them all being present on the same address.
If I spend 10 inputs on the same address or 10 inputs spread across 10 different addresses, then all else being equal the transactions will be of identical size.
Oh bloody hell, right, I'm sorry! My Bitcoin basics got a little rusty, I guess. I was under the assumption that you can spend multiple UTXOs which are spendable with the same private key, using a single spending script. In the example you gave, both UTXOs have the same output script: OP_DUP OP_HASH160 OP_PUSHBYTES_20 9c986d774606de094dd48e69ecdf1af34bbb84c0 OP_EQUALVERIFY OP_CHECKSIG
However, the OP_CHECKSIG is what makes the difference. The entire transaction's outputs, inputs, and script (from the most recently-executed OP_CODESEPARATOR to the end) are hashed. The signature used by OP_CHECKSIG must be a valid signature for this hash and public key. If it is, 1 is returned, 0 otherwise.
The signature of two different UTXOs is obviously going to have to be different. If I spend 10 inputs on the same address or 10 inputs spread across 10 different addresses, then all else being equal the transactions will be of identical size. The question that comes to mind is: Why do you have to include your public key to scriptSig 10 times if it's from the same address? Isn't 1 enough? I think that's due to Script being stack-based and popping the value after using it. Therefore you need to add it 1 more time for every extra OP_CHECKSIG that you want to perform.
|
|
|
|
garlonicon
Copper Member
Legendary
Offline
Activity: 914
Merit: 2200
Pawns are the soul of chess
|
|
April 04, 2022, 04:09:27 PM |
|
The signature of two different UTXOs is obviously going to have to be different. It is only partly true, because you can use some tricks to make it the same, for example: "300602010102010103 OP_SWAP OP_CHECKSIG". In that case, you can create two UTXO's with the same signature. You can also replace SIGHASH_SINGLE with SIGHASH_ALL, in this case it will still be spendable. If (r;s) pair is equal for two different UTXO's, then you can still switch to a different (Q;z) pair and get a valid signature.
|
|
|
|
|