Pages:
Author

Topic: [D-8] Bitcoin is getting 3 major upgrades - Schnorr, Taproot and Tapscript (Read 753 times)

hero member
Activity: 2702
Merit: 716
Nothing lasts forever
I first got to know about Taproot when I was attending my first ever meet on the 'Bitcoin Core PR Review Club'. The first meeting was great and I got to know a lot of insightful thoughts.
Then I researched what Taproot is all about and how it will increase privacy in bitcoin transactions. Then I got to know that it will also change from the tradition ECDSA to Schnorr signatures.
The fascinating thing is there's nobody to oppose these upgrades like how people had a huge debate over the SegWit upgrade.
A good number of mining pools have already started showing support for the upgrade. (List of pools supporting Taproot upgrade : https://taprootactivation.com/ )
legendary
Activity: 3430
Merit: 3080
Hello Jet Cash! The year almost passed and I was curious if you can offer some updates regarding the 3 enhancements you mentioned in OP, which were planned for this year - Taproot, Tapscript and Schnorr signatures. What happened with these network upgrades and the soft fork?

there are a few recent developments:

  • the coded versions of the taproot/tapscript/schnorr specifications are in the codebase for Bitcoin 0.21.0, this is available as a testing release from https://bitcoincore.org/bin
  • mining pools with a collective 82.5% of the Bitcoin hashrate have made positive statements of some kind regarding their role in signalling for supporting the soft fork (they seem to prefer BIP8 signalling)

all that remains is for the actual soft-fork activation parameters to be agreed, then written for a possible Bitcoin version 0.21.1 (or 0.21.2, soft fork activation code usually goes into a minor 0.x.x release instead of a major 0.x.0 release). The remaining hashrate represented by the mining pools that haven't made a statement on the softfork will either follow the pools that signal (as there's a possibility of activation on timeout being included in the activation parameters), or run the risk of mining blocks that are invalidated by other Bitcoin nodes. So they would lose their miners to other pools sooner or later.

Once the soft fork activates, then wallet software needs to be rewritten to sign with schnorr, and to read and write taproot script. This will altogether (fork activation + wallet sf upgrading) take several months, hopefully it might be possible to use the features sometime next year. I imagine early 2022 at the latest.
legendary
Activity: 1680
Merit: 6524
Fully-fledged Merit Cycler|Spambuster'23|Pie Baker
There hasn't been a significant upgrade to Bitcoin since SegWit, but I gather there is likely to be a soft fork later this year to introduce these 3 enhancements.

Hello Jet Cash! The year almost passed and I was curious if you can offer some updates regarding the 3 enhancements you mentioned in OP, which were planned for this year - Taproot, Tapscript and Schnorr signatures. What happened with these network upgrades and the soft fork?
member
Activity: 224
Merit: 31
All three of these upgrades are really interesting. Personally cant wait to see the implementation of Schnorr and Taproot to give true privacy features into Bitcoin, indecently i was having a discussion on another thread  (https://bitcointalksearch.org/topic/how-do-they-tag-btc-from-gambling-mixers-dark-markets-etc-5272501) here about tainted coins and how a government and chain analysis company look into transaction history to taint coins (from sources they deem unworthy including mixers and dexes) and black list wallets. The implementation of schnorr and taproot for script privacy should make wallet/use-case fingerprinting more difficult for taint analysis.

Also wouldn't this also help with decorrelation for Lightning Network using PTLCs vs. HTLCs.

Here are some easy to understand articles i found on these proposals for anyone who wants to read up more:

1) https://medium.com/interdax/how-will-schnorr-signatures-benefit-bitcoin-b4482cf85d40

2) https://medium.com/interdax/what-is-taproot-and-how-will-it-benefit-bitcoin-5c8944eed8da

3) https://medium.com/interdax/what-is-tapscript-and-how-will-it-benefit-bitcoin-96fbb43a7169

4) https://bitcoinmagazine.com/articles/2020-and-beyond-bitcoins-potential-protocol-upgrades

5) https://www.coindesk.com/bitcoins-future-exactly-how-a-coming-upgrade-could-improve-privacy-and-scaling
hero member
Activity: 2618
Merit: 548
DGbet.fun - Crypto Sportsbook
Are these updates are added to the network, or those are into implementation. Going through the article Taproot, it is easily understandable for technically skilled one's. More technical things are found in it. If someone can simplify the advantages and the associated update change it'd be helpful to all levels of users.
legendary
Activity: 3472
Merit: 10611
BTCBTCThis is my first time hearing these new updates, I thought Segwit was the last and final update since it will finally make us able to pay a low-cost transactions fees.
SegWit was neither the first nor the last update to bitcoin protocol. it was one of many updates that we had and will continue having. it just made a lot of noise because there were groups of scammers trying to cause drama, the same people who ended up creating their own shitcoin by copying bitcoin and its name.

Quote
with these new updates, we can say that Bitcoin will make another improvement steps ahead from its underdog rival (BCH).
bcash is not bitcoin's rival! it is yet another copycat shitcoin among thousands of them. the fact that they make more noise doesn't make their shitcoin any different from the rest of them.
copper member
Activity: 28
Merit: 0
BTCBTCThis is my first time hearing these new updates, I thought Segwit was the last and final update since it will finally make us able to pay a low-cost transactions fees. with these new updates, we can say that Bitcoin will make another improvement steps ahead from its underdog rival (BCH).
legendary
Activity: 3304
Merit: 8633
icarus-cards.eu
i only heard about this topic/upgrades yesterday and have also opened a german thread about it
https://bitcointalksearch.org/topic/was-ist-das-taprootschnorr-upgrade-und-wann-kommt-es-5267427
legendary
Activity: 1904
Merit: 1159
I see a few comments saying that Schnorr signatures will result in making public keys indistinguishable from the transactions and the amounts involved will be invisible, making bitcoin more private. This seems to be a myth as this is not the effect neither the intent of Schnorr induced privacy feature, AFAICT.

Correct, those would require hard fork changes to Bitcoin like the implementation of RingCT in Monero and/or CT on the Liquid sidechain.
Thanks. I'll quote this as a +1 to myself and for clarity on differences between Schnorr's effects and confidential transactions.

Taproot will not hide the actual address/ transaction amounts involved.

True, but combined with Schnorr signatures, there are some pretty interesting applications. One could atomically swap from Bitcoin to a different cryptocurrency, but all an observer could see on the blockchain is a simple payment.

That opens up a whole new world for output mixing and amount obfuscation via private payment channels and atomic swaps.
I am yet to get a hang of the atomic swap concept. That is actually quite interesting that swapping bitcoin would be indistinguishable from a simple payment. While reading about sidechains, i came across the fact that a UTXO generated on parent chain is locked to the SPV proof on the child chain. This gets confusing very quickly and will take some more time to understand, at which point, I'd be happy to share my understanding.

I look at crypto from multiple angles.

--snip--
I don’t think these ideas to make Btc more flexible to move around are bad.

I think they will make old money old idea guys nervous.

kind of like oil vs solar.

Absolutely good sir.. Smiley Such increased functionality gives more power to every bitcoin user to defend themselves from arbitrary bank controls and the overarching effect that central banks world over have on jobs, economy and inflation in cohort with Governments and big corporations. Like nullius would say, "Bitcoin is for everyone."

Bitcoin is more than a technology:  Bitcoin is a social phenomenon.  And it is the first mass social movement in history that does not propose any opinion other than its own value.

People who disagree with each other about everything else, can agree about Bitcoin.  That is what gives Bitcoin its value:  Everybody wants Bitcoin, no matter what their opinions about anything else!  And that is what makes Bitcoin immune to financial censorship.  There are people from completely opposite ends of the political spectrum who came to Bitcoin, because big banks disliked them, closed their accounts, and shut them out of the fiat financial system.

It’s scary that banks can impose an unwritten law of their own, with no accountability and no appeal, just by closing people’s accounts.  Bitcoin stops that.

legendary
Activity: 1666
Merit: 1196
STOP SNITCHIN'
I see a few comments saying that Schnorr signatures will result in making public keys indistinguishable from the transactions and the amounts involved will be invisible, making bitcoin more private. This seems to be a myth as this is not the effect neither the intent of Schnorr induced privacy feature, AFAICT.

Correct, those would require hard fork changes to Bitcoin like the implementation of RingCT in Monero and/or CT on the Liquid sidechain.

Taproot will not hide the actual address/ transaction amounts involved.

True, but combined with Schnorr signatures, there are some pretty interesting applications. One could atomically swap from Bitcoin to a different cryptocurrency, but all an observer could see on the blockchain is a simple payment.

That opens up a whole new world for output mixing and amount obfuscation via private payment channels and atomic swaps.
legendary
Activity: 4326
Merit: 8950
'The right to privacy matters'
I look at crypto from multiple angles.

Think of crypto as presidential candidate Andrew Yang.

Think of banks as presidential candidate Micheal Bloomberg.

New school vs Old school 🏫.

These ideas 💡 look to make crypto much more like money 💵.

I see lots of roadblocks tossed at BTC .

New York state made very strict rules against pools.  Forcing a major pool based in New York to close.

Maybe someone can confirm if it was  btc guild.

USA government made every coin to to coin  trade a reportable tax event.

Other countries followed suit.

I don’t think these ideas to make Btc more flexible to move around are bad.

I think they will make old money old idea guys nervous.

kind of like oil vs solar.
legendary
Activity: 1904
Merit: 1159
This should have been an interesting discussion purely on the basis of the implications on security and usability of bitcoin in a business scenario with multiple entities. I am sharing my understanding which may have some chinks. You are welcome to poke holes and discuss.


Talking just about Taproot and Schnorr signatures, Schnorr signature is proposed to be an additional scheme of generating signatures (Public-Private key pairs) along with the existing ECDSA signatures. Apart from increased provable security, the main benefit that is meant to be derived from Schnorr is the ability to implement "Signature aggregation".

It allows the generation of a single signature which is valid for the sum of multiple public keys. This is particularly useful in multisig transactions. A multisig transaction's size is dependent on the number of parties involved. For example, in a typical 2 of 3 Multisig, the 2 collaborating parties put their signatures. Both these signatures need to be included to make the transaction valid. This increases the size of a multisig transaction.

Using Schnorr signatures allow the formation of a signature which is the "aggregate" of the two collaborating signatures but takes up the same space as a single signature.

Next up, the privacy related problem is that such an aggregated transaction is distinguishable from a normal transaction. (How this distinction happens is for technically-higher beings to explain). This is where taproot comes in that enables the formation of aggregate/ multisig transactions in such a way that they are indistinguishable from normal transactions.

Note:I see a few comments saying that Schnorr signatures will result in making public keys indistinguishable from the transactions and the amounts involved will be invisible, making bitcoin more private. This seems to be a myth as this is not the effect neither the intent of Schnorr induced privacy feature, AFAICT.




This brings me to one of the best points raised in terms of pure discussion of things like consensus and privacy which normal users should be interested in.
I look at the over all concept and see it making btc more like a bank/money item then a stock/commodity item.

I am not sure worldwide banking would like this. As it makes btc more threatening to them.
Taproot gives more functionality to bitcoin in terms of implementing complex scripts involving multiple parties while keeping the details private. It opens up several use-cases that "money" should have. Like allowing you to form a "will" or a "trust fund" while taking into consideration several real-world conditions/ contingencies while keeping it hidden that such a collaboration is involved behind the scene. It surely makes bitcoin have more functionality in terms of the buzz word FinTech. This is but an obvious evolution IMO.

So if bittrex coinbase and hitbtc all have trackable multiple signature wallets.  taproot will hide them from us.
...
then they can conspire to raise and crash coin price with very little ability to see they are doing it.
Taproot will not hide the actual address/ transaction amounts involved. It will simply reduce the signature size involved while signing transactions from such a wallet.

So basically the idea scares me.
From what i read, i think the fear is misplaced. If anyone else thinks its a valid fear then this is something worth more discussion and research.
legendary
Activity: 4326
Merit: 8950
'The right to privacy matters'
okay a bank moves money all over and has maybe a 10% cash 💰 reserve.


This just like segwit is going to allow off book 📚 transactions.

I look at the over all concept and see it making btc more like a bank/money item then a stock/commodity item.

I am not sure worldwide banking would like this. As it makes btc more threatening to them.

Personally I don’t think 🤔 Its a good idea.

But maybe its okay. It is an issue for btc to make a lot more transactions.

I think off book coin sales based on reserves of 10 percent in a given exchange are really a bigger problem

Then people realize. I think this makes it easier to do just that.

Cryptocoins are so subject to manipulation by large players and hiding all transactions behind a taproot means a multi sign wallet like coinbase or bittrex will be hidden better.



edit:  this idea below will be easier to do with taproot.


So if bittrex coinbase and hitbtc all have trackable multiple signature wallets.  taproot will hide them from us.

 then they can conspire to raise and crash coin price with very little ability to see they are doing it.

any three exchanges can do the example. or four or five.

all hiding behind taproot in the name of privacy.

So basically the idea scares me.
legendary
Activity: 2464
Merit: 1387
I had this single proposal in my mind, but in a sort of abstract way.
I thought Schnorr could be added on its own but Taproot was a Schnorr
add-on so to speak.

How I understand it is that Schnorr is enabling the scaling and some
privacy features while Taproot and Tapscript are additional complimentary
scaling and privacy features.

The 3 indeed acting as a single proposal as explained above
by gmaxwell and in one of my links.

Quote
Taproot was first introduced by Bitcoin Core developer Greg Maxwell in Jan. 2018 and formalized by another Bitcoin Core developer, Pieter Wuille, in May as a soft fork bundled with Schnorr.

*Credit to Greg Maxwell
staff
Activity: 4284
Merit: 8808
There is a *single* proposal.  It has three parts, for engineering/review reasons.  You can't separately implement the different parts and you wouldn't want to if you could.  By themselves each of the parts is not very useful, its their combination that makes them very useful. Sort of like how a car has many parts which can be separately engineered and analyized, but the drive shaft in isolation isn't useful.

Segwit was split across 4 BIPs (5 if you count the later bc1 address stuff).
legendary
Activity: 2464
Merit: 1387
Can you provide a source to show that these are going to be implemented in Bitcoin?

I know there's a lot of debate going on right now saying Schnorr signatures should be added in addition to Taproot, but I haven't seen much debate surrounding Tapscript.

Is this just speculation, or has it been formally announced that these changes will be implemented?

Its not speculation the 3 BIP's are coded all that is waiting to happen is
a decision on how to implement it so there will be discussion around that.

Tapscript provides the updated script part of Taproot, the two BIP's are
not that extensive but they  are what creates the privacy of the Schnorr signatures.

Brewmaster has posted a link to the Schnorr Signature proposition

-snip-

Schnorr related discussions existed around the time of SegWit and the BIP was actually created last year in July and has been discussed and improved ever since. you can see it here: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2018-July/016203.html
it was only recently that the final draft was added to the "bitcoin account" on github.


and here is a link to the 3 proposals > https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-May/016914.html
hero member
Activity: 1638
Merit: 756
Bobby Fischer was right
Time locks! Finally.
We will get unbreakable time capsule for our coins, that's awesome.
Everyone with not so strong will and patience will get native blockchain support for making  HODL easier  Grin
To me it all looks like a big hand shake in the general direction of big business aka banks or other financial institutions.
I have no problem with that, in fact that may be quite beneficiary which is obvious.

As far as i understand Taproot combines Schnorr and MAST.?
Taproot upgrade consists of Schnorr, that is a form of MAST but upgraded and possible protocol upgrade called tapscript.
Hope that this clears that out for you. But keep on researching though.
legendary
Activity: 1372
Merit: 1027
Dump it!!!
Can you provide a source to show that these are going to be implemented in Bitcoin?

I know there's a lot of debate going on right now saying Schnorr signatures should be added in addition to Taproot, but I haven't seen much debate surrounding Tapscript.

Is this just speculation, or has it been formally announced that these changes will be implemented?
hero member
Activity: 1078
Merit: 537
This is the first of my debate threads for members to earn merit for taking part in Bitcoin debates.

There hasn't been a significant upgrade to Bitcoin since SegWit, but I gather there is likely to be a soft fork later this year to introduce these 3 enhancements. I've already posted a thread about Schnorr signatures, and how they can improve block packing, but what about Taproot? I believe that these changes will help Bitcoin along its path to maturity and acceptance by investors. What do you think?

So complicated for me  Cheesy

As far as i understand Taproot combines Schnorr and MAST.?

It is clear that a better privacy and scalability upgrades will be benefitical for the ecosystem.  if it will change the lightening network transactions more private and cheaper, i think it is something good huh?


legendary
Activity: 2128
Merit: 1293
There is trouble abrewing
There hasn't been a significant upgrade to Bitcoin since SegWit, but I gather there is likely to be a soft fork later this year to introduce these 3 enhancements. I've already posted a thread about Schnorr signatures, and how they can improve block packing, but what about Taproot? I believe that these changes will help Bitcoin along its path to maturity and acceptance by investors. What do you think?

BIP 141 was posted in the very end of 2015, and it took us 1,5 years to see SegWit activated - BIPs 340-342 were posted just recently, and I have a feeling they will take much longer to become a part of the protocol, and there's even a chance that some might never get accepted, or it will take much longer than expected. These changes have bigger scale than SegWit, so the devs will need more time to review and test them.

i don't think it is that recent though.
Schnorr related discussions existed around the time of SegWit and the BIP was actually created last year in July and has been discussed and improved ever since. you can see it here: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2018-July/016203.html
it was only recently that the final draft was added to the "bitcoin account" on github.
Pages:
Jump to: