While lying in bed this morning I had a flash of insight on how to significantly reduce the size of the signatures that prove who a payment is from.
Given Public Information (in blockchain):
dan => DANS_EXT_PUBLIC_KEY
scott => SCOTTS_EXT_PUBLIC_KEY
Assuming scott wants to send dan a payment anonymously, yet wants dan to know it is from him.
scott: Generate OneTimePrivateKey & OneTimePublicKey Pair
scott: OneTimePrivateKey * DANS_EXT_PUBLIC_KEY => SECRET
DANS_EXT_PUBLIC_KEY.child( SECRET ) => RECEIVE_PUBLIC_KEY => RECEIVE_ADDRESS
scott: RECEIVE_PUBLIC_KEY * SCOTTS_EXT_PRIVATE_KEY => CHECK_SECRET
=> SHORT_HASH(CHECK_SECRET) == SHORT_SIGNATURE
scott-broadcast: OneTimePublicKey + RECEIVE_ADDRESS + ENCRYPT( from scott + SHORT_SIGNATURE, SECRET )
dan: OneTimePublicKey * DANS_EXT_PRIVATE_KEY => SECRET
DANS_EXT_PRIVATE_KEY.child( SECRET ) =>
RECEIVE_PRIVATE_KEY =>
RECEIVE_PUBLIC_KEY => RECEIVE_ADDRESS
dan: DECRYPT( data, SECRET ) => "from scott" + SHORT_SIGNATURE
dan: SCOTTS_EXT_PUBLIC_KEY * RECEIVE_PRIVATE_KEY => CHECK_SECRET => SHORT_HASH(CHECK_SECRET)
Hi BM, I know you are busy recently. If you have spare time, can you explain why you use EXT_PRIVATE_KEY.child( SECRET ) rather than EXT_PRIVATE_KEY(SECRET)?
Is generating many child keys the reason for the low efficiency?