Bitcoin privacy may be greatly improved: What are the improvement proposals for Schnorr and Taproot?

Source: LongHash

Editor's Note: The original title is "Improved Solutions to be Implemented or Will Greatly Enhance Bitcoin Privacy"

The privacy of Bitcoin has always been a confusing topic for newcomers just entering the market. On the one hand, for users who are active on the dark web and other illegal websites, cryptocurrency has always been the preferred method of payment, and it is clear that they need to hide their financial activities. On the other hand, the blockchain records every transaction since the birth of the Bitcoin network, and is available to everyone.

In other words, the privacy status of Bitcoin is actually very complicated. Although there are now wallets like Wasabi Wallet and Samourai Wallet that can help users increase their anonymity, there is clearly a lot of room for improvement.

There are two Bitcoin Improvement Proposals (BIPs) under review, namely Schnorr and Taproot. If they reach consensus among the network nodes, the solution to this problem may move a step further in the right direction.

What are Schnorr and Taproot?

Schnorr is able to increase privacy and reduce costs for users who rely on multi-signature security. Taproot is an improvement to Bitcoin's smart contract functionality and does not pose other privacy issues.

Bitcoin developers have been studying the symbiotic relationship between privacy and scalability, and Taproot is one answer to this question. If less transaction information is exposed on the blockchain, then blockchain analysts have less data to analyze. The combination of Schnorr and Taproot will make blockchain observers unable to determine whether Taproot's new features are being used.

One of the biggest features of Schnorr and Taproot is that different types of transactions look no different once they are on chain. For example, a cooperative Lightning Network channel close would look like a normal one-to-one transaction.

(It's important to note here that Schnorr and Taproot have other potential advantages, but this article focuses on their performance in terms of user privacy.)

How Schnorr and Taproot Improve Bitcoin Privacy

Simply put, according to the current Schnorr proposal, first aggregating the signatures involved in a transaction and then broadcasting the transaction to the Bitcoin network can make multi-signature transactions and single-signature transactions difficult to distinguish (for details, see the report published by the Bitcoin Optech Newsletter).

This in itself greatly enhances privacy, because a blockchain observer can no longer see the specific M-of-N multi-signature structure of a transaction, and it becomes difficult to work out from a transaction which Bitcoin wallet software is bound to it.

Similarly, Taproot also enables this indistinguishable transaction format, so a use of Taproot's new smart contract functionality will look the same as a typical transaction on the blockchain.

In other words, different types of users will be placed in the same anonymity set. This is very important for privacy, and it may be much simpler for users to hide in the crowd in the future.

From a privacy perspective, one of the most exciting things about Schnorr is its ability to increase the usefulness of atomic swaps. This feature is generally mentioned when two types of cryptocurrency are exchanged without trust, such as exchanging BTC for ETH, but atomic swaps are also useful for improving user privacy.

Today, the problem with swapping bitcoin is that the link between the two Bitcoin outputs involved in the swap is recorded on the chain as evidence. This association can be erased by the adaptor signatures that Schnorr enables. Recently, Max Hillebrand, an open source software entrepreneur and contributor to the Wasabi wallet, discussed the potential benefits of Bitcoin atomic swaps for improving privacy at the 2019 mascot conference in Prague.

Hillebrand mentioned in his speech:

"Through this simple technique, we can break the assumption that a party (input) initiates payment to the other party (output) in a transaction, and it is not just for people using scriptless scripts, but even for anyone using Taproot – Taproot's single key, MuSig; Taproot cooperative Lightning Network channel closed, or Taproot channel factory open; use Taproot Statechain to make money, or use Taproot electronic cash to play. As long as it can be implemented by SegWit version 1.0 Taproot, anyone who uses this signature mechanism can reasonably deny that they have done an atomic swap. So, when you enable this feature, 'one party (input) initiates payment to the other party (output)' is erased in this transaction record. This is very powerful."

He also added:

"With this technology, we can solve the biggest privacy problem of Bitcoin, that is, the problem that the input can be bound to the output. I believe that we can achieve it very quickly, and the privacy of Bitcoin will be greatly improved by then."

When can it be achieved?

The Schnorr and Taproot BIPs are currently in the review phase. It is difficult to predict when these changes will be added to Bitcoin's consensus-related software, let alone when they will be activated for users on the network.

Adding these two proposals to the Bitcoin consensus rules is actually not controversial, but some people think there could be major disagreements, as there were in the Segregated Witness period. It has been pointed out that some Bitcoin user groups may oppose privacy improvements such as those that Schnorr and Taproot can achieve, but the overall atmosphere of the Bitcoin network is now much less heated than it was during the scaling debate.

In the worst case, a user-activated soft fork may become the activation mechanism for Schnorr and Taproot, just as it was for Segregated Witness.

In addition, it's important to note that developers still need to build wallets that help users use these new tools while protecting privacy, and users also need to decide whether to use these wallets. While the goal of Schnorr and Taproot is to reduce the problems associated with Bitcoin's opt-in privacy, addressing Bitcoin's privacy issues still requires more active effort, unlike Monero, an anonymous privacy coin that implements privacy through default mechanisms.

Greg Maxwell, former CTO of Blockstream and creator of the Taproot concept, talked about this in a recent Reddit comment:

"[Taproot] doesn't protect privacy on its own like a trick. We need to develop tools/protocols/software on top of it and then deploy it widely before providing formal privacy protection."

Maxwell wrote,

"It's just technically feasible, it doesn't mean how reasonable. Assuming that everything is deployed, the nature of Taproot is actually a [big] reduction rather than a complete solution to this optional privacy problem (Monero can)."

As we have said in the past, Bitcoin users are not the most active in terms of privacy requirements. Address reuse on the Internet is still very common, and CoinJoin transactions (an anonymous transaction/coin mode) account for only a small portion of Bitcoin's total transaction volume.

Ultimately, cross-input signature aggregation may be implemented on the Bitcoin network so that signatures can be aggregated across the inputs involved in a CoinJoin transaction. This would also give Bitcoin users an incentive to use CoinJoin, because such a transaction costs less than the traditional method.

Having said that, we can return to the topic of the symbiotic relationship between privacy and scalability. If this solution is implemented smoothly, the blockchain will not only gain privacy but also gain scalability.

However, even with appropriate incentives to persuade more users to pursue financial privacy, many problems still exist. For example, the amounts involved in bitcoin transactions remain public information. The Liquid sidechain's Confidential Transactions have made a lot of progress in this area, but it is unclear when, how, or whether this privacy mechanism can actually be incorporated into the Bitcoin main chain.

Although the current Schnorr and Taproot solutions are not perfect, their implementation of bitcoin privacy is sufficient in most use cases. As Hillebrand said in related keynote speeches:

“Although it is not a panacea for all problems, it is an integral part of our development of a powerful Bitcoin privacy defense tool.”
