One thing about duplicating a group proof on each input is that it doesn’t protect against a constructor removing an input. It protects against reordering, but if a constructor decides to swap an input with a more desirable one, then the proof is invalidated and won’t be detectable. It will just fail when verifying. This would require setting Inputs Modifiable to false if any shares and proofs were added before signing, which I don’t think we want.
1 Like