If I understand correctly, the idea of ppcman and NewMoneyEra is to generate a minting key pair (public + private) and a script signed by the original private key to allow minting with the minting key.
I don’t think it solves the problem of minting key disclosure.
What would prevent some people from giving their minting key pair and the signed script (minting authorization) to a minting pool proposing something like: “Give us your minting keys, we will mint for you and you won’t need to keep a computer running 24/7”?
If such a pool gets a lot of minting keys, it will generate a lot of blocks, and a single entity generating many blocks is bad for the security of the network.
To solve the minting key disclosure issue, we need a system in which the disclosure has drawbacks.
For example:
- the minting reward could be much smaller if you’re minting with a key that isn’t yours (but how to prove that the minting key is yours without using the original private key we’re trying to protect?)
- the node minting a block could decide to what address the reward will be sent (if the pool mints a block, it can keep the reward; that’s an incentive to mint by yourself)
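A small model of the delegation scheme discussed above, as an added example that is not part of the original post and not ppcman's or NewMoneyEra's code. It assumes Ed25519 stand-ins for the wallet keys, a hypothetical "authorization" that is just the owner key's signature over the minting public key, and a block whose reward address is chosen by whoever holds the minting key (the second bullet). The stake figures and address strings are constructed. It shows why the authorization alone does not prevent disclosure: a pool holding the minting key and the authorization produces blocks that validate exactly like the owner's, and can point the reward wherever it likes; `PoolShare` puts a number on the concentration concern from the paragraph about a single entity generating many blocks.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Authorization is a stand-in for the signed "minting script": the owner key
// signs the minting public key, so the minting key may mint on behalf of the
// owner's coins while the owner key stays offline.
type Authorization struct {
	OwnerPub   ed25519.PublicKey
	MintingPub ed25519.PublicKey
	Sig        []byte // owner's signature over MintingPub
}

// Block is a minimal block header: the holder of the minting key signs it and
// picks where the reward goes (hypothetical layout, not a real Peercoin block).
type Block struct {
	Auth       Authorization
	RewardAddr string
	Sig        []byte // minting key's signature over RewardAddr || MintingPub
}

// NewKeys returns a fresh Ed25519 key pair (used for both owner and minting keys).
func NewKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Delegate is the one-off, offline step that uses the owner's private key.
func Delegate(ownerPriv ed25519.PrivateKey, mintingPub ed25519.PublicKey) Authorization {
	return Authorization{
		OwnerPub:   ownerPriv.Public().(ed25519.PublicKey),
		MintingPub: mintingPub,
		Sig:        ed25519.Sign(ownerPriv, mintingPub),
	}
}

func blockMessage(rewardAddr string, mintingPub ed25519.PublicKey) []byte {
	return append([]byte(rewardAddr), mintingPub...)
}

// MintBlock needs only the minting key and the authorization: whoever holds
// those two (the owner, or a pool the owner handed them to) can produce it.
func MintBlock(mintingPriv ed25519.PrivateKey, auth Authorization, rewardAddr string) Block {
	return Block{
		Auth:       auth,
		RewardAddr: rewardAddr,
		Sig:        ed25519.Sign(mintingPriv, blockMessage(rewardAddr, auth.MintingPub)),
	}
}

// ValidBlock is what every node checks: the owner authorized the minting key,
// and the minting key signed this block. Nothing ties RewardAddr to the owner,
// which is what lets a pool keep the reward.
func ValidBlock(b Block) bool {
	if !ed25519.Verify(b.Auth.OwnerPub, b.Auth.MintingPub, b.Auth.Sig) {
		return false
	}
	return ed25519.Verify(b.Auth.MintingPub, blockMessage(b.RewardAddr, b.Auth.MintingPub), b.Sig)
}

// PoolShare returns the fraction of total stake whose minting keys sit with one
// pool, i.e. roughly the fraction of blocks that single entity would generate.
func PoolShare(stakes map[string]float64, delegated []string) float64 {
	total, pooled := 0.0, 0.0
	for _, s := range stakes {
		total += s
	}
	for _, holder := range delegated {
		pooled += stakes[holder]
	}
	if total == 0 {
		return 0
	}
	return pooled / total
}

func main() {
	// Constructed scenario: the owner delegates, then hands the minting key to a pool.
	_, ownerPriv := NewKeys()
	mintPub, mintPriv := NewKeys()
	auth := Delegate(ownerPriv, mintPub)

	own := MintBlock(mintPriv, auth, "owner-reward-addr")
	pooled := MintBlock(mintPriv, auth, "pool-reward-addr") // pool keeps the reward
	fmt.Println("owner block valid:", ValidBlock(own), " pool block valid:", ValidBlock(pooled))

	stakes := map[string]float64{"alice": 40, "bob": 35, "carol": 25} // constructed stake
	fmt.Printf("pool share with alice+bob delegated: %.2f\n", PoolShare(stakes, []string{"alice", "bob"}))
}
```

Both blocks validate, which is the whole point: a validator cannot tell an owner-minted block from a pool-minted one, so any disincentive has to come from somewhere else, such as the reward routing the second bullet proposes.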