Disclaimer: The information contained in this explanation is the result of my understanding of Schnorr Signatures and may contain some errors. Search and confirm the information.
Table of contents 1.
Introduction 2.
What are Schnorr signatures? 3.
A comparison of Schnorr signatures and ECDSA? 4.
Can it be applied to the Bitcoin network?IntroductionHumans knew signatures as a way to prove ownership, as you need a unique paper, pen and signature that is difficult for everyone to emulate.
Science evolved and evolved until we became in the digital age, so signatures evolved with it to become digital, but instead of being based on paper and pen, we became dependent on the strong digital signature scheme.
Bitcoin is a digital coin and therefore it is based on a digital signature but instead of the paper and pen model we can do this by performing some great math on the secp256k1 curve called Elliptic Curve Digital Signature Algorithm (or ECDSA). The algorithm allows you to take one number (i.e. a private key) and derive a public key from it.
Well that's good, but how does that algorithm work? You will get all your answers on this topic. Read it and then return here.
What is Elliptic Curve Cryptography? Understand how is it related to Bitcoin Thanks
webtricksIt is beautiful now that we have a public key, you can show your public key to anyone. You can add it to your website and share your public addresses with others so they can send you Bitcoin.
We have a private key, when currencies are sent, they can check that the ECDSA signature matches the message. If not, they will only reject it
What are Schnorr signatures?Schnorr signatures are quite simple compared to ECDSA signature, more secure with powerful property: linearity.
Historically: Schnorr's signatures are already ahead of ECDSA, but why haven't they been integrated into Bitcoin from the start ?!
There are many interpretations that answer this question, but the most reasonable one is that the patents expired in early 2008, before the release of the Bitcoin white paper, and scheme did not have standardization across the board. As such, Satoshi Nakamoto chose the most acceptable (and open source) ECDSA.
A comparison of Schnorr signatures and ECDSA?We all know that Bitcoin already supports multisig, it's good and providing privacy, nobody knows the specific conditions for spending from inputs or sometimes they don't know it's a multi-signature address (although it starts with 3)
However, when you want to send currencies, the problems begin: let us assume that you set conditions for spending that are 3 out of 5, so public keys and valid signatures must be available. When transferring money outside the address. Everyone can find out.
The more people, the higher the number of bytes in your transaction, and the higher the fee accordingly.
Solutions provided by Schnorr SignaturesSchnorr Signatures can be a solution to the problems of privacy and scalability, as it allows some features, the most prominent of which is the collection of the signature, which works to collect many signatories in one signature, so that the final signature is the same length as the signature of one person and thus you will not even be able to distinguish between normal transactions and multisig transactions.
also has some advantages that can be used in the lightning network.
Can it be applied to the Bitcoin network?Schnorr signatures does not need a hard fork, so the change can take place without the fear of network splitting. But adoption may take some time.
Bitcoin Improvement Proposal (BIP 0340) has been submitted by Peter & Will, Jonas Nick and Tim Roving.
https://github.com/sipa/bips/blob/bip-schnorr/bip-schnorr.mediawiki
