Why not add salt to the tapscript in Taproot?


The corresponding Merkle proof needs to be given when unlocking a UTXO using MAST, where the hash of an unused script will be included. For an observer, it is possible to guess the unused script from the hash. For example, I might be able to get some public keys from the script that is actually being executed, and then combine them with some time locks to try to find hash collisions.

Adding salt to the script would seem to easily prevent this, so why hasn’t Taproot done this? Is this because the hash collision described above is basically infeasible, and because adding salt takes up extra witness space?
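
The guessing described in the question, as an added example that is not part of the original post: it computes BIP341 TapLeaf hashes over a small script template and shows that an unsalted leaf is recovered by enumeration, while a leaf carrying a random 32-byte `<salt> OP_DROP` prefix is not. Assumptions: the script template, the constructed keys, this particular way of salting, and a depth-one tree in which the proof's sibling hash is the unused leaf's own hash.

```python
import hashlib
import os

def tagged_hash(tag: str, msg: bytes) -> bytes:
    # BIP340/341 tagged hash: SHA256(SHA256(tag) || SHA256(tag) || msg)
    t = hashlib.sha256(tag.encode()).digest()
    return hashlib.sha256(t + t + msg).digest()

def script_num(n: int) -> bytes:
    # Minimal push of a positive integer; the extra bit leaves room for the sign bit.
    if 1 <= n <= 16:
        return bytes([0x50 + n])  # OP_1 .. OP_16
    b = n.to_bytes((n.bit_length() + 8) // 8, "little")
    return bytes([len(b)]) + b

def timelock_leaf(pubkey: bytes, blocks: int, salt: bytes = b"") -> bytes:
    # [<salt> OP_DROP] <blocks> OP_CHECKSEQUENCEVERIFY OP_DROP <pubkey> OP_CHECKSIG
    prefix = bytes([len(salt)]) + salt + b"\x75" if salt else b""
    return (prefix + script_num(blocks) + b"\xb2\x75"
            + bytes([len(pubkey)]) + pubkey + b"\xac")

def tapleaf_hash(script: bytes, leaf_version: int = 0xC0) -> bytes:
    assert len(script) < 0xFD  # one-byte compact size is enough for these scripts
    return tagged_hash("TapLeaf", bytes([leaf_version, len(script)]) + script)

def guess_sibling(sibling_hash: bytes, pubkeys, max_blocks: int):
    # Enumerate every (key, timelock) pair in the template and compare leaf hashes.
    for pk in pubkeys:
        for blocks in range(1, max_blocks + 1):
            if tapleaf_hash(timelock_leaf(pk, blocks)) == sibling_hash:
                return pk, blocks
    return None

# Constructed 32-byte stand-ins for the x-only keys seen in the executed leaf.
KEYS = [hashlib.sha256(s).digest() for s in (b"constructed key A", b"constructed key B")]

def demo(max_blocks: int = 4096):
    # Same script twice: once as-is, once with a random salt the observer cannot know.
    plain = tapleaf_hash(timelock_leaf(KEYS[1], 1008))
    salted = tapleaf_hash(timelock_leaf(KEYS[1], 1008, salt=os.urandom(32)))
    return guess_sibling(plain, KEYS, max_blocks), guess_sibling(salted, KEYS, max_blocks)

if __name__ == "__main__":
    found, missed = demo()
    print("unsalted leaf recovered:", found is not None and found[1])
    print("salted leaf recovered:", missed)
```

The salt costs 34 extra script bytes when that leaf is spent, and nothing when it stays unrevealed, since only its hash appears in the proof.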
