I would like to create a Taproot wallet that meets the following conditions:
- Users can use their keys to spend UTXOs at any time
- There is a special key, provided by a recovery service, that can only be used to spend UTXOs after one year. This is the case when the user loses the seed and so a trusted recovery service can act.
I created the following miniscript to meet these requirements:
tr(
dummy_key,
{and_v(
v:pk(recovery_key),
older(52560)
),
pk(user_xpub)}
)
Examples for the above variables:
let dummy_key = "d01115d548e7561b15c38f004d734633687cf4419620095bc5b0f47070afe85a";
let user_xpub = "[6f53d49c/44h/1h/0h]tpubDDjsCRDQ9YzyaAq9rspCfq8RZFrWoBpYnLxK6sS2hS2yukqSczgcYiur8Scx4Hd5AZatxTuzMtJQJhchufv1FRFanLqUP7JHwusSSpfcEp2/0/*";
let recovery_key = "c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5";
So my understanding is:
-
The above script path correctly supports any key derived from user_xpub at anytime OR the recovery_key after one year.
-
Since the tr() expression needs to support the case where the user has lost their seed/signer wallet and can no longer sign transactions, user_xpub cannot be in the key path and a dummy key must be used. Therefore, a dummy key shared between the recovery service and the user is the only way to make this script work.
-
The above script works interchangeably with public and private keys.
Are statements 1,2 and 3 correct?
