Hi opus-lux, thanks for sharing your idea. It sounds potentially interesting, but I don’t understand your proposal well-enough, yet. Is there a more comprehensive description somewhere?
I’m not sure I fully understand this part. Would output scripts based on this construction commit to exactly one Winternitz public key, or would they commit to the whole authorization chain? The former would be an issue, as we need to be able to produce more than one signature for an output script, e.g., when our first transaction attempt does not succeed, we want to be able to make a higher feerate transaction, or when we create transactions with inputs from multiple users and a participant defects.