Following up on #130598.
I constructed a CAT + CSFS oracle-style script on signet (commit, reveal):
OP_CAT OP_SHA256 OP_CHECKSIGFROMSTACK
Witness: [sig, PART1, PART2]
Message: SHA256(PART1 || PART2)
Since CSFS solely checks the message, the identical (sig, PART1, PART2) seems to be reusable throughout a number of UTXOs with appropriate scripts.
For value oracles that is often acceptable. But when the purpose is single-use authorization (i.e., the signature ought to solely be legitimate for one particular UTXO):
- Is committing to the outpoint contained in the message the one common method?
- Or is there a script-level sample that avoids requiring the oracle to attend for the UTXO to exist earlier than signing?
