Vitor Pamplona
· 4w
To the Math wiz out there, the ideal solution would be an SP address that can be derived from the pubkey directly in such a way that nobody needs to "set it up" with a supporting client.
The goal is...
What's the goal? More precisely, what do you mean by 'proof'? I don't think you're really asking about SP, and key derivation, and Diffie-Hellman shared tweaks, or any of that. You're asking more about proofs that a transaction happened.
> Zap events then would have to contain a proof of a bitcoin transaction without identifying it directly.
There is no such proof, except maybe with some zero-knowledge magic, and I don't think ZK systems are mature enough and scalable enough and simple enough to be used for this today.
Is it sufficient that both the sender and receiver sign an event which basically says "trust us, this on-chain zap happened"? Or do you really need a proof that the transaction happened?
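To make the "SP address derived from the pubkey directly" idea and the "Diffie-Hellman shared tweak" concrete, here is an added example that is not part of the thread and is not BIP352-exact: a deliberately simplified Silent-Payments-style derivation in pure Python with a minimal secp256k1 implementation. The sender computes ECDH(a, B_scan) from its own input key, hashes the shared point into a tweak, and adds tweak·G to the receiver's spend key; the receiver recovers the same tweak with b_scan and can spend with b_spend + tweak. The `demo` function mirrors the original post's wish by using one x-only (Nostr/BIP340-style) key as both scan and spend key, so the address is a function of the public key alone; the function and variable names, the untagged SHA-256 tweak, and the single-key variant are all assumptions of this example, and the real BIP352 uses tagged hashes, an input hash and separate scan/spend keys. Note that none of this yields a proof that a transaction happened, which is the separate point raised in the reply.

```python
import hashlib
import secrets

# secp256k1 domain parameters (well-known constants).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def point_add(p1, p2):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def scalar_mult(k, point):
    """Double-and-add scalar multiplication (not constant-time; teaching only)."""
    result = None
    while k:
        if k & 1:
            result = point_add(result, point)
        point = point_add(point, point)
        k >>= 1
    return result


def lift_x(x_bytes):
    """Turn a 32-byte x-only key (Nostr/BIP340 style) into the even-y point."""
    x = int.from_bytes(x_bytes, "big")
    rhs = (x ** 3 + 7) % P
    y = pow(rhs, (P + 1) // 4, P)       # sqrt works because P % 4 == 3
    if y * y % P != rhs:
        raise ValueError("x is not on the curve")
    return (x, y if y % 2 == 0 else P - y)


def ser33(point):
    """Compressed SEC1 encoding of a point."""
    x, y = point
    return bytes([2 + (y & 1)]) + x.to_bytes(32, "big")


def tweak(shared_point, k):
    """Hash the ECDH point plus an output counter k into a scalar.
    Simplified assumption: plain SHA-256, no BIP352 tagged hash or input hash."""
    digest = hashlib.sha256(ser33(shared_point) + k.to_bytes(4, "big")).digest()
    return int.from_bytes(digest, "big") % N


def sender_output_pubkey(a, B_scan, B_spend, k=0):
    """Sender side: output key = B_spend + hash(a*B_scan, k) * G."""
    t = tweak(scalar_mult(a, B_scan), k)
    return point_add(B_spend, scalar_mult(t, G))


def receiver_output_privkey(b_scan, b_spend, A, k=0):
    """Receiver side: scan with b_scan against the sender's input key A,
    then the spending key is b_spend + the same tweak."""
    t = tweak(scalar_mult(b_scan, A), k)
    return (b_spend + t) % N


def demo(a=None, b=None):
    """One exchange; returns (sender-derived output pubkey, receiver-derived pubkey).
    Sender key a, receiver key b are constructed at random unless supplied."""
    a = a or secrets.randbelow(N - 1) + 1
    b = b or secrets.randbelow(N - 1) + 1
    A = scalar_mult(a, G)               # sender's input pubkey (full point)
    B = scalar_mult(b, G)               # receiver's pubkey
    # Single-key variant (assumption): the receiver's x-only Nostr key is
    # used as both scan and spend key, so the address needs no extra setup.
    B_xonly = lift_x(B[0].to_bytes(32, "big"))
    b_eff = b if B[1] % 2 == 0 else N - b   # private key matching the even-y lift
    out = sender_output_pubkey(a, B_xonly, B_xonly)
    priv = receiver_output_privkey(b_eff, b_eff, A)
    return out, scalar_mult(priv, G)


if __name__ == "__main__":
    sender_view, receiver_view = demo()
    print("match:", sender_view == receiver_view)
```

The symmetry the whole scheme rests on is a·(b·G) = b·(a·G): only someone holding the sender's input private key or the receiver's scan key can compute the tweak, so an observer sees an ordinary-looking output and cannot link it to the receiver's published key.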