Bitcoin’s Taproot/Schnorr Made Simple
You may have heard some of the buzz around the Taproot/Schnorr implementation coming to Bitcoin, but what does it mean exactly? In this article, we explain what they mean, and why they are important to the continued success of Bitcoin.
Bitcoin’s Taproot and Schnorr Proposals Made Simple
It’s not always easy to understand what’s “under the hood” as far as Bitcoin is concerned, which is why we’ve dedicated an article to helping you understand some upcoming changes expected to be included in the next release of the Bitcoin Core software client. A series of proposals that have already been green-lit by the developer community – most commonly referred to as Taproot/Schnorr – aim to introduce some sophisticated alterations that will allow Bitcoin to do things which it previously could not.
Today we present to you not only a very basic primer on the changes being introduced by Taproot/Schnorr, but the rationale behind why they should be made in the first place, so that you, as a BTC holder and/or enthusiast, can be a bit better informed about what makes Bitcoin so great, and what helps it along on its quest to become the future of money.
Taproot/Schnorr will add a lot of privacy. You won't be able to tell by the output anything about the conditions which will allow someone to spend it. It could be single-key, multi-key or a timelocked k-of-n. Huge win, IMO.
— Jimmy Song (송재준) (@jimmysong) February 18, 2020
Why Does Bitcoin Need to be Changed?
Since its initial release by Satoshi Nakamoto in 2009, the Bitcoin Protocol has changed quite a bit, and even though it is entirely functional now, it still gets new updates pretty regularly. Beyond fixing minor bugs and technical problems, Bitcoin continues to undergo transformations like Taproot/Schnorr (a soft fork) because it is still sorely lacking in transaction capacity, aka its ability to scale. In its current state, the Bitcoin Network can process a maximum of roughly 7 transactions per second, which renders it extremely slow compared to what major credit card agencies like Visa or MasterCard are capable of performing (for example, the Visa network is capable of processing up to 65,000 transactions per second).
Because of its backlog of transactions (known as the mempool), it often takes 30 minutes to an hour for a single transaction to be confirmed. This means that Bitcoin simply can’t handle increased user demand as it currently is, and needs modifications in order to achieve mass adoption. However, these changes need to be carefully implemented so that Bitcoin’s accessibility is not compromised and it can remain decentralized and runnable by anybody.
Bitcoin’s scalability is limited largely by the size of each transaction. In order for a bitcoin transaction to be validated by miners and added to the blockchain, it must contain certain information necessary to prove that sufficient coins are owned by the party/parties transmitting them, as well as information required to relay the transaction from one address (or multiple addresses) to another. This means that each transaction takes up a certain number of bytes, and as each block can only hold 1 megabyte, only a certain number of transactions can fit in each block.
How Can Bitcoin Scale?
The obvious solution would be to increase the block size limit, which is exactly what hard-forked coins like Bitcoin Cash (BCH) and Bitcoin SV (BSV) have done. Bitcoin itself (BTC) has resisted this change because a blockchain that is too large cannot be stored by just anybody, but would require specialized servers dedicated to the task. This would in turn limit the ability to run full nodes to those who are well-financed, potentially cutting out everyday users from having a say in how the network should be run. Unfortunately, its commitment to remaining decentralized has left Bitcoin without the ability to truly scale to a mainstream-level degree on its own. While the Lightning Network proposes a scalability solution by moving transactions off-chain, it remains overwhelmingly complex for most users and is still in rather early phases of development.
However, what if there were a way to make each bitcoin transaction smaller, therefore allowing more transactions to fit into each block? This is exactly what was accomplished with the soft fork introduction of SegWit in Bitcoin’s last major upgrade, signaled into activation in August 2017, and what is being expanded upon with Schnorr and Taproot in the next one. Though it is not known when the upgrade will occur (presumably it will be named the Bitcoin Core 0.20 client release), the changes to allow for smaller transactions have already been proposed in a series of three BIPs, or Bitcoin Improvement Proposals (BIP 340, 341 and 342).
What are Schnorr and Taproot?
Without getting too technical, we describe what inclusion of each of the three new BIPs accomplishes below.
- BIP 340: Schnorr Signatures. As originally implemented by Satoshi Nakamoto, Bitcoin’s underlying cryptographic mechanism relies upon the Elliptic Curve Digital Signature Algorithm (ECDSA). This allows Bitcoin’s private and public key pairs to be generated in a secure fashion to ensure that coins can only be spent by their rightful owner. The Schnorr signature algorithm is an alternative way to generate key pairs which has several advantages over ECDSA.
For one, its public keys and signatures are smaller in size, meaning less data has to be included in each bitcoin transaction. Another advantage is that it allows parties in a multisignature transaction to generate a single signature that represents all of the public keys involved rather than each public key being included in the transaction separately, thereby saving transaction data size. Lastly, Schnorr signatures are more secure than ECDSA signatures, as they rely upon fewer assumptions and are non-malleable, meaning there is no chance that a message can be altered after being signed.
- BIP 341: Taproot. Taproot is the name given to a series of changes designed to provide better fungibility in bitcoin transactions by disguising the type of transaction being made. In essence, regardless of whether it is a simple transaction between two parties, a multisignature transaction, a Lightning Network channel being opened or closed, or even a complex smart contract-related transaction, Taproot allows all signatures to have the same sort of format, meaning it is much more difficult for blockchain observers to know which type of transaction is being made.
This type of change, first proposed by Bitcoin Core developer Greg Maxwell in January 2018, can only be made possible with the implementation of Schnorr signatures, and provides BTC users with a greater degree of privacy by obfuscating some details of their transactions. It also allows Bitcoin users to run sophisticated smart contracts at a fraction of the cost by cutting back on the fee required to execute each related transaction. It is estimated that Taproot could save smart contract and multisig users up to 75% in transaction fees, simultaneously accelerating block validation times by up to 250%.
- BIP 342: Validation of Taproot Scripts. This BIP basically serves to ready the Bitcoin infrastructure to process Schnorr signatures. It does this by modifying a number of signature opcodes which guide how certain scripts related to transaction processing handle Schnorr-based transactions. Thanks to BIP 342, which is perhaps the trickiest of all three BIPs, the Bitcoin Network will be able to process both ECDSA and Schnorr signatures while simultaneously allowing advanced scripts and smart contracts to be run without necessitating a hard fork.
Bitcoin itself has not had a hard or soft fork in over two years, with the last hard fork being Bitcoin Cash, and the last soft fork being the implementation of SegWit, both occurring in August 2017. This time around, the changes being made are likely to be far less contentious, as there is no block size limit debate at play, and Taproot/Schnorr do not alter the Bitcoin protocol at a base level.
Regardless of how complex they may be, it is important for all BTC holders to have a fundamental understanding (or at least awareness) of changes being implemented in Bitcoin. This will help them to not only make more informed investment decisions but be ready to counter misinformation as well.
For a more in-depth explanation of Taproot/Schnorr, this well-written Medium article by Galaxy Digital is a good place to start. Alternatively, if you have any questions on the proposals, feel free to leave them in the comment box below, and we’ll be sure to get back to you as soon as we can.