What are the characteristics of the ideal digital signature for cryptocurrency transaction verification?
The reason I ask is because this answer about bitcoin signatures describes a potential vulnerability which makes this particular use of ECDSA sub-optimal with a possible solution in the comments.
I understand that the ideal characteristics may be currently impossible, such as being collisionless, or even worse forever contradictory but would like to know to understand this particular application of digital signatures.