Taproot Upgrade Explained: The Way To More Private And Efficient Bitcoin

Two types of transactions in the Bitcoin network are becoming increasingly popular: multi-signature and time-locked. Multisig feature allows to send Bitcoins only when enough private keys are present, and time lock sets a specified date or block height to perform a transaction. But here’s a problem: both features undermine the privacy of money transfers. Furthermore, they demand extra space in blocks which makes the blockchain even more congested. Taproot upgrade is to solve these problems: it restores privacy for all types of transactions and is supposed to make Bitcoin 20% more scalable and efficient. Here’s how.

Privacy vs. usability in Bitcoin: no need to choose anymore

Although Bitcoin can’t guarantee total anonymity to its users, it gave a lot to the fans of private money transfers. Never before in history was it possible to send any sum to anyone in the world without disclosing transaction details to banks, regulators, and governments.

However, new features such as multisig and time-locked transactions compromise this privacy. In regular transactions, only public keys are seen by anyone in the blockchain, whereas it’s nearly impossible to link them with the coin owners. If you use multisig or time lock, information about additional transactional conditions goes public. If Alice contracts Bob to send him 1 Bitcoin on August 1 if certain conditions are met, everyone in the world can guess that Alice and Bob have such an agreement. This is how usability harms privacy in Bitcoin. However, with the Taproot upgrade, you won’t have to choose: top-notch cryptographic protocols will protect all types of transactions.

Along with this, Taproot is to improve Bitcoin’s efficiency. A usual block in the BTC network is 1 MB in size and contains about 500 transactions, but all these extra contract’s conditions also take space. They clutter Bitcoin up and make more people wait until their transactions are processed. Taproot upgrade will remove multisig and time lock data from blocks, which is supposed to raise Bitcoin’s throughput by 20%.

How does Taproot work?

Taproot upgrade leverages the Schnorr signature scheme and Merkelized Abstract Syntax Trees (MAST). In simple words, it aggregates several signatures of a transaction into one. For instance, when several signatures are needed in multisig transactions, Schorr signature puts them all into one ‘threshold’ signature without any threat to the transaction verification. Only 1 public key will be displayed in the blockchain.

Schnorr signatures had been introduced long before Bitcoin. However, when Satoshi Nakamoto was developing the first cryptocurrency, they were still protected by a patent, and he had to use elliptic curve digital signatures (ECD signatures) instead. This algorithm is at the core of Bitcoin’s functionality: it matches public keys with private ones, which is necessary to prove your ownership of these coins. But the problem with ECD is that if there are two public keys, you need two signatures, and the public keys have to be written in the block.

On the contrary, Schnorr algorithm allows to aggregate one signature out of many, which corresponds to one private key aggregated from several ones. With Schnorr, the sum of signatures equals a signature of the sum of the private keys. This sounds complex, but we’ll explain this in simple terms.

Let’s say Alice, Bob and Michael want to use multisig transactions. With ECD, Alice’s signature is “Alice”, Bob’s one is “Bob”, and Michael’s is “Michael.” If we put them together, we’ll have something like “AlBoMa.” Now, let’s suppose their private keys are 5, 10, and 20, respectively. Their sum is 35. What we have is that we can’t relate “AlBoMa” to 35 to verify the individual components of the transaction. This is how ECD works, and that’s why it requires separate signatures for each key.

But let’s say Alice’s signature is 50, Bob’s one is 100, and Michael’s one is 200, while their keys are 5, 10, and 20, respectively. Here, it’s easy to use addition and multiplication to aggregate all signatures in one threshold signature and all keys into one threshold key. This is how MAST trees and Schnorr signatures work — the ones to be implemented in the Taproot upgrade.

When will Taproot go live?

Since Bitcoin isn’t managed by a centralized authority, it can’t simply implement an upgrade in one day. For this, the network needs an agreement of a decentralised team of developers and miners. Since this is a huge community, the process took quite a while. The Taproot Bitcoin Improvement Proposal number 341 was introduced by a developer Greg Maxwell in January 2018 — and only in October 2020, Taproot was added to the Bitcoin Core library at the request of Pieter Wuille. For the proposal to be accepted, at least 90% of all blocks in a special 2-week epoch needed to contain special ‘signal bits’ — miners’ signals for their support of the upgrade. This condition was met, and as of July 2021, all miners have supported Taproot:

Such a consensus is quite a rare thing for crypto updates. This time, it went this way because Schnorr signatures are considered one of the best cryptographic solutions by the majority of developers and miners.

Taproot upgrade is dubbed one of the major updates in the history of Bitcoin, and definitely the largest one since the SegWit implementation in 2017. As the consensus was reached, Taproot will go live in a November 2021 soft fork.

Summary

Taproot update will increase privacy for multisig and time-locked transactions. It will modify the way signatures and private keys work, allowing to put a few in one and making numerous public keys invisible to the public. By cutting the amount of information to be written in blocks, Taproot also increases the Bitcoin network’s throughput. The update was widely supported in the community and will go live this November.

Bitcoin, however, is not the only cryptocurrency that undergoes major upgrades this year. Its second-largest counterpart Ethereum is implementing several hard forks in 2021 on its way to scalable and energy-efficient Ethereum 2.0. We collected and explained all you need to know about these changes.