Generating a taproot utxo and proving ownership

This whole process could be completely invisible to the user, but unfortunately the current world of Bitcoin wallets requires a manual process.
There are two current Bitcoin wallets in wide usage that actually support taproot wallets: Bitcoin Core, and Sparrow. Neither support exporting the private key of an individual address.
As a result, the autct tool has a method "newkeys", which, as explained there, will generate a single private key, output as WIF, along with the corresponding taproot ("p2tr") address.
Here are the steps in detail:
  1. Generate a private key (WIF) and address (bech32m), using this command: target/release/autct -M newkeys -k none. Keep a note of them; you will need them to access your funds!
    Also, add a flag -n mainnet|signet|regtest if you need to; the default is mainnet.
  2. Copy the WIF into a file "privkey" (or any name) in the working directory. Recommendation: make its read permission user-only.
    • If you are using Core (Ignore and go to the next step if using Sparrow)
    . Do the following sub-steps using the RPC:
    bitcoin-cli getdescriptorinfo "tr(WIF)"
    The output of getdescriptorinfo will show you the checksum in the "checksum" field. Copy it. Then:
    bitcoin-cli importdescriptors "[{\"desc\":\"tr(WIF)#abcdefg\",\"timestamp\":\"now\",\"label\":\"anything\"}]" where "abcdefg" should be replaced with your checksum. Copy this syntax exactly; the backslashes are escaping each " except the outer ones.
    You can use e.g. bitcoin-cli getaddressesbylabel anything to sanity check that the address is present in the wallet.
  3. Fund the p2tr address from the first step with any amount above 500K sats.
  4. After confirmation, download the keyset file from here. It will include your utxo, as long as your utxo was in the blockchain before the starting block of that file.
  5. Generate the proof with the command: target/release/autct -M prove -k hodlboardmainnet:name-of-keyset-file -i privkey -b 1024 --base64-proof true. , where the -i argument should match your private key file, and "name-of-keyset-file" should be the (relative or absolute) path to the file you downloaded in the previous step. Don't change the name of the file. Note that the proving is slow; 30-150 seconds is typical currently, though it will be improved later.
  6. Take the base64 string printed out from the previous step and use it in the signup page here.
  7. After you have successfully signed up, sweep the private key into a wallet, either Sparrow (easier for most users), or Bitcoin Core. See a few notes on this below.

Sweeping the funds
If you are using Sparrow: After you've created a new empty wallet, you can go to Tools->Sweep Private Key and then enter the WIF into the first textbox, and choose Script Type : Taproot(P2TR). Then, "Create Transaction" will sweep the funds you earlier used for the proof, into that wallet.

If you are using Core: In this case, you don't need to sweep, but you might want to move the funds, of course: Simply use bitcoin-cli sendtoaddress destination-address amount "" "" true true 3, or similar (check the help of sendtoaddress; the two "" are empty comment fields, the first true means "subtract fee from amount" (so that you don't get change), the second true means RBF, and the 3 is the target blocks to confirmation for the fee estimator).