MuSig / MuSig2
Cryptography● Common
A Schnorr-based multi-signature scheme enabling n-of-n key aggregation into a single public key and signature indistinguishable from a regular single-sig. MuSig2 is the practical variant requiring only 2 rounds of communication (vs 3 in MuSig1), making it suitable for interactive signing. Produces 64-byte signatures regardless of participant count. Requires careful nonce handling to prevent key extraction attacks.
Technical Notes
MuSig2 uses pre-computed nonce commitments to achieve 2-round signing. The aggregated public key P = H(L,X1)·X1 + H(L,X2)·X2 + ... where L is the multiset of all pubkeys. Vulnerable to rogue key attacks without proof-of-possession or key aggregation coefficient.
Metadata
Visibility: Public
Created:1/3/2026by System