No, it’s not secure. If the random nonce ok is revealed, the counterparty can calculate your personal key.
A Schnorr signature consists of two scalars (r,s). The place r is the x coordinate of a degree R generated from a random nonce ok. If I perceive you proper, you’re asking whether or not it’s secure to disclose this ok.
A Schnorr signature is generated within the following method:
- m: message
- x: personal key
- P: public key;
P = x×G - ok: random nonce
- R: random level;
R = ok×G r = R.x(x coordinate of random level R)s = ok + hash(P,R,m)•x
If either side of the final equation are multiplied with the generator level G:
s = ok + hash(P,R,m)•x
s×G = (ok + hash(P,R,m)•x)×G
s×G = ok×G + hash(P,R,m)•x×G
s×G = R + hash(P,R,m)•P
So, any third social gathering can examine whether or not the signature is legitimate by plugging (r,s), the message m from the context of the transaction, and the general public key P from both the prior output or the witness construction into:
s×G = R + hash(P,R,m)•P
If the equation holds, the signature proves that the signer knew the personal key x equivalent to the general public key P.
No, it isn’t secure to share ok, as a result of given ok the counterparty can resolve for the personal key on this equation solely composed of scalars:
x = (s - ok) / hash(P,R,m)
