On Sun, Jul 8, 2018, 07:26 Erik Aronesty via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:
To save space, start with the wiki terminology on schnorr sigs.

Consider changing the "e" term in the schnorr algorithm to hash of message (elligator style) to the power of r, rather than using concatenation.  

This is a very vague description. Is there some paper you can reference, or a more detailed explanation of the algorithm?

This would allow m of n devices to sign a transaction without any of them knowing a private key at all.
IE: each device can roll a random number as a share and the interpolation of that is the private key.   

The public shares can be broadcast and combines.  And signature shares can be broadcast and combined.

The net result of this is it really possible for an arbitrary set of devices to create a perfectly secure public-private key pair set.
At no point was the private key anywhere.

All of this sounds like a threshold signature scheme, which as Tim pointed out is already possible with Schnorr.

What are the advantages of what you're describing?

Cheers,

-- 
Pieter