Author

Topic: Schnorr signatures are creeping into the news again (Read 216 times)

legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
MuSig is only one part of Schnorr signatures that focuses on an alternative and safer way of "multi signature" features of Schnorr signatures which is used for aggregating signatures and for example offer the possibility of having a 50 of 50 multi sign transaction but only with the size of a single key tx since there will only be 1 signature and 1 public key and that will increase scaling of bitcoin drastically considering currently a lot of the transactions in blocks are multisignature with at least 3 signatures so using Schnorr can drop at least 2 sig + 2 public keys from each of them (considering they are 2 of 3) and that is 2*(32+32+7)+2*(33+1) = 210 bytes per tx! also considering this will probably be released with new SegWit version and SegWit has some overhead we can effectively be saving about 205 bytes per transaction per block and that is great.

Thanks for detailed explanation

but Schnorr is a lot more than just MuSig! https://github.com/sipa/bips/blob/bip-schnorr/bip-schnorr.mediawiki
the main thing i am excited about is batch verification. not to mention that creating signature is so much faster with ECSDSA compared to ECDSA because it doesn't have the modular multiplicative inverse.

True, but specifically MuSig is used together with Schnorr because naive/default Schnorr multiple key aggregation have security/privacy flaws.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
I also found some additional news. The company Blockstream published a Schnorr based test code called MuSig but according to their team it is still insecure.
Quote
MuSig signatures, just like Schnorr signatures or ECDSA, use in their construction a secret ‘nonce’ which must be produced uniformly randomly. Any deviation from uniform, even by a single bit, can lead to secret key loss and stolen funds.
More about that here:
https://cointelegraph.com/news/blockstream-publishes-schnorr-based-test-code-for-bitcoin-blockchain-upgrade

Since beginning, MuSig:Schnorr (which made for Bitcoin) was developed by developer who work at blockstream (or used to work there) and when people talking about Schnorr for Bitcoin, actually they're talking about MuSig Schnorr.

For people who interested with it's technical detail, you can check this thread MuSig: Schnorr Multisig and signature aggregation
legendary
Activity: 3472
Merit: 10611
~
Since beginning, MuSig:Schnorr (which made for Bitcoin) was developed by developer who work at blockstream (or used to work there) and when people talking about Schnorr for Bitcoin, actually they're talking about MuSig Schnorr.

For people who interested with it's technical detail, you can check this thread MuSig: Schnorr Multisig and signature aggregation

MuSig is only one part of Schnorr signatures that focuses on an alternative and safer way of "multi signature" features of Schnorr signatures which is used for aggregating signatures and for example offer the possibility of having a 50 of 50 multi sign transaction but only with the size of a single key tx since there will only be 1 signature and 1 public key and that will increase scaling of bitcoin drastically considering currently a lot of the transactions in blocks are multisignature with at least 3 signatures so using Schnorr can drop at least 2 sig + 2 public keys from each of them (considering they are 2 of 3) and that is 2*(32+32+7)+2*(33+1) = 210 bytes per tx! also considering this will probably be released with new SegWit version and SegWit has some overhead we can effectively be saving about 205 bytes per transaction per block and that is great.

but Schnorr is a lot more than just MuSig! https://github.com/sipa/bips/blob/bip-schnorr/bip-schnorr.mediawiki
the main thing i am excited about is batch verification. not to mention that creating signature is so much faster with ECSDSA compared to ECDSA because it doesn't have the modular multiplicative inverse.
legendary
Activity: 2730
Merit: 7065
It could even be used faster than we think as Bitcoin Cash is planning to include Schnorr signatures into their May 2019 upgrade together with better SegWit recovery mechanisms. They talk about that here:
https://bitsonline.com/schnorr-bitcoin-cash-upgrade/

I also found some additional news. The company Blockstream published a Schnorr based test code called MuSig but according to their team it is still insecure.
Quote
MuSig signatures, just like Schnorr signatures or ECDSA, use in their construction a secret ‘nonce’ which must be produced uniformly randomly. Any deviation from uniform, even by a single bit, can lead to secret key loss and stolen funds.
More about that here:
https://cointelegraph.com/news/blockstream-publishes-schnorr-based-test-code-for-bitcoin-blockchain-upgrade

sr. member
Activity: 742
Merit: 395
I am alive but in hibernation.
Recently some company send approximately 500 satoshi to the random user. This dust payment is pain for the users whoever received it.
Schnorr signature will help in combating this kind of spam attack too. 
legendary
Activity: 2296
Merit: 1014
I'm starting to see comments that suggest that it could be included in the Bitcoin Core software within a year or so, that sounds a bit optimistic to me. So for all you aspiring Bitcoin pros of the future - do you think that this will have much of an impact on Bitcoin acceptance?
Maybe not acceptance but it will allow Bitcoin to grow faster and without barriers of speed for example.
Its holy grail of Bitcoin more than ETF's most people talk abouit.
It will be trully great step for Bitcoin and i hope they will manage to implement it. Its very complicated and innovatory theory that will need to work on actual project like Bitcoin. Much work to do, hundreds of hours for Bitcoin programmers which are volunteers mostly.
member
Activity: 122
Merit: 20
Jet Cash's better half
In case you haven't heard of Schnorr signatures, here is the Wikipedia definition -
https://en.wikipedia.org/wiki/Schnorr_signature

Here is an article on Medium describing its potential impact on Bitcoin -
https://medium.com/@SDWouters/why-schnorr-signatures-will-help-solve-2-of-bitcoins-biggest-problems-today-9b7718e7861c

I'm starting to see comments that suggest that it could be included in the Bitcoin Core software within a year or so, that sounds a bit optimistic to me. So for all you aspiring Bitcoin pros of the future - do you think that this will have much of an impact on Bitcoin acceptance? This probably won't be so for basic transactions, but would it be useful for asset payments?

It's time I started a merit awarding promo, so I'll be watching this thread for the best discussions, especially from newer members.

[WHOOPS]
Posted by Jet Cash of course. Apologies, but I was logged in as JetAid ro work on some admin for Fit to Talk.
Jump to: