The proposal for Taproot, a long-anticipated technological change to bitcoin, is “nearly ready" according to developers – a notable update that comes nearly two years after its introduction.
First unveiled by Bitcoin Core developer Greg Maxwell in January 2018, Taproot offers a new degree of privacy by making all transactions – no matter how complicated – appear the same to observers of blockchain data. The code adds what supporters call a much-needed feature to the network, and brings with it significant implications for scaling, fungibility and script innovation.
Taproot is expected to be bundled together with Schnorr, a related upgrade that seeks to enable signature aggregation and make Taproot’s implementation possible.
Right now, the Taproot/Schnorr soft fork – proposed in May by Bitcoin Core developer Pieter Wuille – is moving through the ecosystem feedback phase as developers recommend and review possible changes to the draft.
On Dec. 17, Wuille put out an update on the project during the final scheduled meeting of the Taproot review group, where he revealed that developers were finishing addressing all comments from the review and that the Taproot proposal was “nearly ready.”
The proposal moving forward is designed to save 30% to 75% in fee use and accelerate block validation by up to 2.5 times, Square Crypto product manager Steve Lee predicted during a presentation from last summer.
It's a process that has attracted interest and excitement from different quarters of the crypto ecosystem. Recent survey data collected by The Block that indicates that Taproot is high on the list of technological developments being followed.
Bitcoin relies on public-key cryptography to validate transactions. The current Elliptic Curve Digital Signature Algorithm has several shortcomings when it comes to privacy and fungibility, and the Taproot/Schnorr soft fork aims to fix them by hiding specific payment types from outside observers.
In his presentation, Lee gave the example of a 2-of-3 multi-signature design to illustrate how Taproot could bring benefits to the network.
Suppose there's an exchange featuring a hot key, a trusted 3rd party key, and a cold wallet emergency backup key, he said. Conventionally, participants would need to broadcast all three keys as well as the two signatures used to spend the coins.
The proposed upgrade, however, would aggregate these keys into a single Schnorr signature, which would then be used to validate a Taproot output key that represents all the complexities involved.
As a result, observers of the blockchain would simply see a single output without knowing which two keys were deployed to validate the transaction. This would reduce transaction size, save fees, and improve privacy, Lee said.
“You can have a Lightning channel open or closed, a simple payment between two people, or a very sophisticated smart contract, and they all of the sudden became indistinguishable by spending Bitcoin using Taproot,” he contended.
Taproot also opens the door for inscription innovation, according to Lee, as it allows for complicated arrangements of signatures and keys and eliminates limitations for how many scripts can be used to spend coins.
“The benefits are very clear and overwhelming and there’s really no known controversy or concern with it,” Lee said.
Taproot is attracting wide interest from the Bitcoin community, new survey data indicates.
Indeed, the Taproot/Schnorr upgrade was the third-most popular write-in topic that industry participants said they are most excited to see in 2020, according to The Block's soon-to-be-released research survey of over 100 investors, analysts and executives, among others.
Jimmy Song, a Bitcoin Core developer and Bitcoin Fellow at Blockchain Capital, echoed the optimism and predicted that Taproot will not only save fees and blockspace, but also enable new features and generate more interests to the network.
“There will no longer be any penalties in terms of fees for multisig and that should lead the industry toward using best practices,” he told The Block. “We expect that this will create more interest in Lightning in general as the bleeding edge of Bitcoin will be a little less bloody.
“Finally, we expect Taproot to be incorporated by more wallets and more interesting features built for those who are securing their Bitcoin,” he added.
Wuille’s draft has not been formally proposed as a Bitcoin Improvement Proposal, or BIP, but the Bitcoin Core contributor told The Block that he plans to undertake that step.
After that, he will open a pull request to Bitcoin Core with the proposed consensus rule changes, which will likely bring in another round of reviews around Taproot’s implementation.
“If all goes well, and it's clear that Taproot as proposed is what the ecosystem is willing to adopt, it will be merged, and discussion will start about how to activate it on the network,” Wuille said. “If that too goes well, a release with the activation will be published, and if the conditions to activate it are met, we'll be live.”
Other potential upgrades
Bitcoin’s consensus layers have not seen any soft fork or hard fork for over two years. The last upgrade was Segregated Witness (SegWit), which was activated in Aug. 2017 and recently hit a 60% adoption rate.
However, as the Bitcoin community enters 2020, there are a number of other notable proposals on the horizon as well.
Besides Taproot and Schnorr, potential upgrades also include Graftroot, SIGHASH_NOINPUT, the “Great Consensus Clean-up,” and OP_CHECKTEMPLATEVERIFY:
- Graftroot: Create threshold signatures for every alternative scripting condition.
Graftroot is a follow-up proposal made by Maxwell and aimed at offering similar benefits as Taproot while offering greater efficiency and flexibility for smart contracts. Compared to Taproot, which generates a threshold public key representing all scripting conditions, Graftroot creates a key for each condition, allowing participants to delegate their ability to sign a specific script to anyone they choose.
One drawback of Graftroot is that it requires participants to communicate with each other in order to sign the alternative scripts. Wuille said he didn't include Graftroot because it's not applicable to as large a set of use cases as Taproot, and requires an interactive setup at sending time, thus making it unusable for transactions in contexts like paper wallets.
- SIGHASH_NOINPUT: Remove commitment to outputs from the signature verification process.
With the “Noinput” feature, signatures would not need to commit to any of the inputs and, consequently, the outputs being spent. This would make possible the rewriting of a signed transaction without generating a new signature and streamline the Lightning user experience.
According to Wuille, it was not included because there is still active discussion on how exactly to incorporate it, and it can be implemented later with effectively no downsides.
- The Great Consensus Clean-up: Address edge-case vulnerabilities.
This proposed update seeks to remove long-known vulnerabilities connected to transaction validation and make the network more robust.
For example, it would remove transactions that require excessive possessing power and address weak spots in the protocol’s difficulty adjustment algorithm. Right now, these problems are taken care of on a case-to-case basis.
- OP_CHECKTEMPLATEVERIFY: Enable transactions that require a subsequent transaction.
This opcode would, if implemented, help address network congestion and expenses during peak hours by essentially allowing a transaction to be cut in two with the goal of making the fee market more stable. It would also enable Bitcoin vault setups and better Channel Factories on the Lightning Network.
Developers have long been contemplating how to best arrange and carry out these upgrades. Wuille told The Block that his draft proposal excludes some features due to the technical complexities they pose.
“I don't think that Bitcoin would tolerate one new soft fork every month that introduces a new feature, for logistical and technical reasons,” he said. “At the same time, combining literally everything we know of as potentially beneficial change would become very complex to review.”
© 2023 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.