Bitcoin's Taproot proposal has won community support and is expected to be activated in November this year, which has drawn great attention in the crypto community. Why is Taproot attracting so much attention? Because it is one of the most important Bitcoin upgrades in recent years.
Taproot Upgrade for Bitcoin
The Taproot soft fork upgrade has several benefits for Bitcoin, including enhanced privacy, lower fees, and improved scalability.
One of the biggest concerns in the crypto community right now is privacy. Anything that happens on the Bitcoin chain can be viewed by anyone. Many privacy solutions, and even privacy coins, have been developed to try to solve this problem. So far, however, it is almost unrealistic for privacy coins to replace BTC on the strength of their privacy features.
Generally speaking, spending bitcoin requires a signature, and other conditions can be added as well, such as time locks and multi-signature requirements. To cover more scenarios, these conditions can be combined: for example, funds can be spent only after a certain block height and only when multiple signatures are provided. The BTC held by a project with a specific spending plan (such as supporting development) can be locked with a time lock plus multi-signature.
Taproot also supports these complex transactions on the Bitcoin network, such as multi-signature and time-locked release. The difference is that the current solution has to disclose the entire script (all conditions) when the BTC is spent. If the conditions are complex, the amount of data is large, and execution is expensive and inefficient. It is also bad for privacy, because the script reveals information about all parties involved.
Upgrading through Taproot can solve the above problems.
With Taproot, these complex transactions look like a single ordinary transaction whose conditions can be hidden. In other words, Taproot can hide the traces of Bitcoin script. For example, Taproot can be used for BTC payments on the Lightning Network, and observers can only see these as peer-to-peer transactions.
In addition, the Taproot upgrade is also conducive to reducing fees and improving scalability, providing more convenience for complex Bitcoin transactions.
MAST+Schnorr
*MAST
(Figure: not all scripts need to be disclosed in the MAST structure. Source: BitMEX Research)
MAST uses Merkle trees to encode the actions in a script. Each condition under which the funds can be spent is hashed separately and placed in a Merkle tree, which yields a single hash (the Merkle root) that locks the coins. When the BTC is spent, the spender only needs to provide the branch being used, together with the hashes that connect that branch to the fixed-size Merkle root, which reduces the transaction size and saves block space.
With the MAST structure, only the satisfied conditions need to be revealed, which increases privacy. In addition, when it is combined with the Schnorr signature scheme, it can also hide the results of MAST, for even better privacy.
Overall, MAST supports more complex transactions with various spending conditions, and at the same time, it can achieve privacy protection without revealing scripts that were not executed or conditions that were not triggered. In addition, another benefit of the MAST structure is that complex transactions can achieve a significant reduction in transaction size. Some transactions have many complicated conditions, but as the number of scripts increases, the MAST transaction size grows logarithmically, not linearly.
(Number of Scripts vs. Transaction Size, David A. Harding)
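The branch-and-root mechanism described above, as an added example that is not part of the original article: it hashes a set of placeholder spending conditions into a Merkle root and checks one revealed condition against it. The tagged hashes and the 0xc0 leaf version follow BIP341; the balanced tree shape, the function names and the script byte strings are assumptions made for illustration.

```python
import hashlib

def tagged_hash(tag, msg):
    # BIP341 tagged hash: SHA256(SHA256(tag) || SHA256(tag) || msg)
    t = hashlib.sha256(tag.encode()).digest()
    return hashlib.sha256(t + t + msg).digest()

def leaf_hash(script):
    # Leaf version 0xc0, then a one-byte compact-size length
    # (valid only for scripts shorter than 253 bytes, as in this example)
    return tagged_hash("TapLeaf", bytes([0xC0, len(script)]) + script)

def branch_hash(a, b):
    # Children are sorted before hashing, so a proof needs no left/right flags
    return tagged_hash("TapBranch", min(a, b) + max(a, b))

def build_levels(scripts):
    # levels[0] holds the leaf hashes, levels[-1] holds the single Merkle root
    levels = [[leaf_hash(s) for s in scripts]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [branch_hash(cur[i], cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        if len(cur) % 2:
            nxt.append(cur[-1])  # an unpaired node moves up unchanged
        levels.append(nxt)
    return levels

def merkle_path(levels, index):
    # Sibling hashes from the chosen leaf up to (not including) the root
    path = []
    for level in levels[:-1]:
        if index ^ 1 < len(level):
            path.append(level[index ^ 1])
        index //= 2
    return path

def verify_branch(script, path, root):
    # What a verifier does: rehash the one revealed script up the supplied path
    h = leaf_hash(script)
    for sibling in path:
        h = branch_hash(h, sibling)
    return h == root

def demo(n, index):
    # Constructed placeholder conditions, not real Bitcoin Script
    scripts = [b"condition-%d" % i for i in range(n)]
    levels = build_levels(scripts)
    path = merkle_path(levels, index)
    return len(path), verify_branch(scripts[index], path, levels[-1][0])
```

With 8 conditions the proof carries 3 hashes and with 1,024 it carries 10, which is the logarithmic growth the text refers to.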
*Schnorr
The Bitcoin community also incorporated Schnorr signatures into the Taproot soft fork upgrade. The purpose of Schnorr signatures is efficiency. Bitcoin's current signature scheme is ECDSA; both ECDSA and Schnorr are elliptic-curve digital signature schemes, but Schnorr can implement "aggregate signatures".
Put simply, multiple signatures in a transaction can be combined into one. By combining public keys and signatures into a "threshold public key" and a "threshold signature", the transaction looks no different from an ordinary transaction. The "threshold public key" allows participants' public keys to be added together, and the "threshold signature" allows participants' signatures to be combined to make payments according to agreed conditions. The Schnorr signature algorithm makes multi-signature more efficient, and because the result looks the same as an ordinary transaction, it also improves privacy.
Epilogue
Putting aside complex technical issues, Taproot brings benefits to Bitcoin that were not there before:
*Lower costs
For some complex transactions, the amount of data will be greatly reduced, which will significantly reduce their cost. Lower fees encourage more complex transaction activity on Bitcoin.
*Enhanced privacy
The privacy of transactions can be enhanced through the combination of Schnorr signatures and MAST, and some complex transactions look similar to ordinary transactions.
*Improved scalability and security
Combining MAST and Schnorr signatures allows blocks to contain more transactions and reduces the amount of data, which not only lowers transaction fees but also improves scalability and security. However, do not expect too much from it in terms of throughput: it mainly reduces the size of multi-signature transactions, and there is still a ceiling on how much scalability it can deliver.
