You request commitments just to be sure that everybody is on the samepage and wants to sign the transaction. Then everybody send their Ri's. You verify that the hash of the obtained Ri's match the received commitments ti's. This shows that everybody was honest when they were sending the commitments.
Short answer is that, you don't reveal the data until everybody is onboard. Instead you reveal the hash of the data which does not leak any info since hash functions are one-way functions.
15:20 Why there is a need to send ti if Ri is sent too and ti could be computed from it?
ti's are commitments. When every ti is received, they send Ri's to each other and check if hash of Ri's match the commitments ti's.
@@CihangirTezcan sorry, but I still don't understand why is it needed
You request commitments just to be sure that everybody is on the samepage and wants to sign the transaction. Then everybody send their Ri's. You verify that the hash of the obtained Ri's match the received commitments ti's. This shows that everybody was honest when they were sending the commitments.
@@CihangirTezcan why can't everybody send Ri on the first step?
Short answer is that, you don't reveal the data until everybody is onboard. Instead you reveal the hash of the data which does not leak any info since hash functions are one-way functions.
at5:01 the R should be =g^r
Yes, this was already mentioned in the caption of the video. Thanks.