As you may know, Bitcoin enforces ownership rights with somETHing called the Elliptic Curve Digital Signature Algorithm (or ECDSA). The algorithm allows you to take one number (i.e., a private key) and derive a public key from it.
The magic of this is that, while it’s easy for you to get the public key from the private key, the reverse is impossible. Your private key is your passport to the Bitcoin network. It’s what allows you to generate an address for receiving coins, and what later allows you to spend them.
In this article, we’ll take a look at what are schnorr signatures, and the anticipated schnorr signature implementation to the Bitcoin blockchain.
What Are Schnorr Signatures?
Schnorr signatures are a different kind of scheme. It operates similarly to the Elliptic Curve Digital Signature Algorithm which we use currently, but boasts a number of advantages over it. Schnorr signatures actually predate ECDSA, leading many to wonder why they weren’t integrated into Bitcoin from the start.
One possible explanation is that Claus P. Schnorr – the scheme’s creator – patented them. The patents expired in early 2008, months before the Bitcoin white paper’s release, but the scheme still had no standardization across the board. As such, Satoshi Nakamoto opted for the more widely-accepted (and open-source) ECDSA.
Key Advantages of Schnorr Signatures
Schnorr signatures are quite simple compared to other schemes. As a result, they’re more provably secure than their alternatives. To put it in lay terms, their powerful linearity property makes the scheme particularly attractive for certain activities – most notably, multisignature transactions. You may know that Bitcoin already supports multisig, but it doesn’t do so in the prettiest of ways.
When you create a multisignature address, whoever sends you funds doesn’t need to know what conditions you’ve set for spending the inputs. They might not even know that they’re sending funds to a multisig setup – the only peculiarity about the address is that it begins with a “3”. However, you reveal its nature when you want to move the funds.
From a privacy standpoint, this isn’t great. To add to this, if we create a bigger multisig, then we’re taking up quite a bit of space on the blockchain. That can be expensive, as it will result in a lengthy transaction – remember that the more bytes in your transaction, the more you need to pay.
Schnorr signatures have been touted as a solution to these privacy and scalability issues. They allow for things like signature aggregation, which combine the signatures of multiple signers into a single signature. The resulting “master signature” would still be the same length as a regular, one-person signature, leading to significant space savings. In addition, the combined signatures make it a lot more difficult for an observer to determine who signed (or didn’t sign) a transaction since you wouldn’t even be able to distinguish between single-party transactions and multisig ones.
Crucially, Schnorr signatures are a building block for further advancements. Once implemented, they can be leveraged to improve technologies in crypto such as atomic swaps and the Lightning Network.
Bitcoin Schnorr Signature Implementation
As with most upgrades to the Bitcoin protocol, it could take time for the broader community of Bitcoin users to agree on the Schnorr signature inclusion. Bitcoin Core contributors Pieter Wuille, Jonas Nick, and Tim Ruffing have submitted a draft Bitcoin Improvement Proposal (BIP), but there’s still a bit of work to be done.
Blockstream has already released an implementation – MuSig. Allowing for signature and key aggregation, it may well serve as the foundation for Bitcoin’s own Schnorr signature scheme.
Schnorr signatures could be merged into the code as a soft fork, meaning that a change would not split the network. Instead, it would be an “opt-in” upgrade. NonETHeless, it would be optimistic to assume that we’ll see them integrated in the near future – it could still take a couple of years before consensus is reached.
Closing Thoughts
Schnorr signatures are one of the most highly-anticipated milestones on the current Bitcoin roadmap. With just a single upgrade, they can provide significant privacy and scalability benefits. Perhaps more interestingly, the schnorr signature implementation also set the scene for further developments in Bitcoin smart contracts and more advanced constructs like Taproot.
