Schnorr is comingâ¦
In fact, the bitcoin upgrade arguably took its most significant step yet toward implementation last week when influential developer Pieter Wuille unveiled a draft outlining its technical makeup. With the release, the idea, one thatâs been in the works by bitcoin developers for years, is one step closer to improving the scaling and privacy of the worldâs most valuable cryptocurrency.
Effectively, this sets up Schnorr as the next big change to bitcoin, meaning it will be the largest code change since Segregated Witness (SegWit), a pivotal bug fix that prompted a drawn-out battle in the bitcoin community last year before ultimately being adopted.
At a technical level, adding support for Schnorr, a digital signature scheme, would give bitcoin users a new way to generate the cryptographic keys they need to used to store and send bitcoin. By doing so, it also paves the way for a number of exciting benefits, including tackling privacy and scalability, arguably two of bitcoinâs most worrisome problems.
âIt is a building block for a variety of improvements,â Wuille told CoinDesk, adding there are even some further-out improvements that havenât gotten a lot of attention quite yet. And while Wuille hopes the change will ultimately be adopted, he added itâs âultimately up to the usersâ if they want to adopt it â as was the case with SegWit.
Co-authored by several top bitcoin developers, including the likes of Bitcoin Core contributor Johnson Lau and Gregory Maxwell, the technical, math-ridden proposal outlines the exact signature scheme that could be coded in bitcoin.
And while itâs far from that final goal, itâs a necessary piece.
Blockstream engineer and co-author Jonas Nick told CoinDesk:
âStandardizing Schnorr for bitcoin is a big step towards using it in bitcoin.â
For one, the BIP draft helps to avoid future confusion by proposing a standard that ensures that all developers and merchants eventually implement the Schnorr signature code in the same way.
Though the full description can be read in the highly-technical BIP, the main idea is it describes the math necessary to produce Schnorr signatures, offering an alternative to Elliptic Curve Digital Signature Algorithm (ECDSA), the sole algorithm used to produce keys and verify transactions in bitcoin today.
Schnorr will have one thing in common with the signature scheme it seeks to crowd out, though. If plan is accepted, it will use the same mathematical âcurveâ that ECDSA uses to produce the keys, called âsecp256k1.â
Itâs a lot of tricky math, so itâs no surprise the release sparked technical discussion on the bitcoin developer mailing list.
But nothing major has come up so far and developers are optimistic, especially since one of Schnorrâs key benefits is that, unlike ECDSA, Schnorrâs security can actually be proved mathematically.
While Schnorr offers a number of improvements on its own, developers are also excited that it will also pave the way for a range of changes that can be built on top of it, such new privacy techniques.
Right now, itâs obvious when users send so-called âmulti-sig transactions,â which are a more advanced type of transaction where more than one person is required to sign off on a transaction, because of bitcoinâs public ledger. But Schnorr pave the way for a technique that will make these transactions look the same as every other transaction.
Nick noted Schnorr will also lead these advanced transactions will be cheaper as well, an important improvement since transactions can grow very expensive in times of congestion.
And it seems like new tech built on top of Schnorr are being proposed on a regular basis.
âDue to the wealth of new discoveries lately I believe these technologies should be developed in a step-by-step basis, and my focus for a first step is just Schnorr and Taproot,â Wuille said, referring to the bitcoin improvement âTaprootâ proposed earlier this year by another influential bitcoin developer Greg Maxwell to further improve bitcoinâs privacy.
That said, thereâs still a ways to go â Schnorrâs a massive project with many moving pieces.
While this BIP proposes a standard for developers to chime in on, Nick noted thereâs also a code implementation thatâs been in the works for ages, putting much of whatâs in the BIP draft into practice.
Plus, once developers fight it out until they decide there are no longer any outstanding problems, developers need to come up with a way to actually add it to bitcoin, among other things.
âThe specifics for how to deploy it in bitcoin are still being actively discussed,â Nick said.
Having been through a few so-called âconsensusâ changes in his years as a bitcoin developer, Wuille gave a particularly long list of things to do.
âLike any consensus change, it will be a long process involving fully fleshing out a draft for integration, publishing it, gathering comments from the technical community and ecosystem, writing implementations of both consensus rules and integration in wallet software, proposing a deployment plan, and if all goes well, get it activated,â he said.
In the email where he introduced the BIP, he added that if the BIP is âacceptedâ by the broader bitcoin community âweâll work on more production-ready reference implementations and tests.â
Not to mention, thereâs another potential stumbling block on everyoneâs minds.
Schnorr is a particularly big upgrade. Although changes are being made to bitcoinâs most-used client every day, with code contributions coming from a diverse group of contributors stationed around the world, Schnorr is a rarer type of change, since it affects the most important rules in bitcoin.
SegWit was the last code change âconsensusâ change made to bitcoin, sparking a debate so big, those who disagreed with the change split off and created their own cryptocurrency with SegWit removed.
The most enthusiastic SegWit supporters even made hats to express their support for the code change. Blockchain consultant Francis Pouliot joked that similar advocacy hats should be made in advance of Schnorr, in case a similar vicious debate breaks out.
Heâs not the only developer mulling this possibility.
âIt looks for now there are less detractors than there was for SegWit,â developer Riccardo Casatta said, though adding heâs not taking any chances:
âYou cannot say how thingsâ will go and as always, it is better to be patient.â
Welding laser image via Shutterstock
