Efficient Verifiably Encrypted ECDSA-Like Signatures and Their Applications

Verifiably encrypted signature (VES) allows a signer to encrypt a signature under the public key of a trusted third party (aka adjudicator) in a verifiable manner. Recently, Yang et al. proposed a practical verifiably encrypted signature scheme for ECDSA and initiated the study of escrow protocol for Bitcoin via VES. This paper generalizes and improves the VES scheme of Yang et al. , such that it covers a family of signatures with similar structures, including ECDSA, Schnorr and their variants. Our construction is very efficient: comparing with Yang et al. ’s construction, the size of the resulting VES (for ECDSA) is reduced by more than 25 times. The only caveat is that the adjudicator is required to store a look-up table of size around 270MB. Our scheme naturally gives rise to escrow protocols for mainstream cryptocurrencies that employ ECDSA-like signatures to authorise transaction, including Bitcoin, Ethereum, Cardano, Chainlink, etc.