What is Schnorr Signature?

What is Schnorr Signature?

Unlike most blockchains, BTC has remained largely unchanged since its early days, with most upgrades being limited and aimed at enhancing network efficiency rather than functionality. Updates to the BTC protocol are very rare and are typically used for technical enhancements to ensure network stability and security.

One important upgrade for BTC is Taproot, which introduces several enhancements, including Schnorr signatures. Schnorr signatures offer several advantages over the previous mechanism used for key generation and validation (ECDSA).

In this article, we will explain what Schnorr signatures are and how they make digital signatures on BTC faster and more efficient.

Digital Signatures

• Evening Reading | Why won’t there be a bull market for 23 years?
• Proposal from Synthetix Founder: Opportunities I’ve Discovered and Synthetix’s Next Plans
• Complete Guide to On-chain Wallet Tracking: Practical Tools and Wallet Trackers

Digital signatures are mathematical schemes used to verify the authenticity and integrity of digital information. They provide a way to prove that a message was sent by a specific sender (authenticity) and that it was not altered during transmission (integrity). In other words, digital signatures are not very different from physical signatures, where the sender verifies their identity and specific intent through their unique signature style.

Digital signatures are commonly used in software distribution, financial transactions, contract management software, and many other situations where detecting forgery or tampering is necessary.

The importance of digital signatures in BTC is described in the BTC white paper by Satoshi Nakamoto:

“We define an electronic coin as a chain of digital signatures. Each owner transfers the coin to the next by digitally signing a hash of the previous transaction and the public key of the next owner and adding these to the end of the coin. A payee can verify the signatures to verify the chain of ownership.”

In the case of BTC, digital signatures are used to verify the owner of the private key associated with an address without revealing the private key to the network. When a transaction is submitted to be included in a block, nodes on the BTC network check whether the signature matches the message and accept the transaction if it does.

What is a Schnorr Signature?

Schnorr signatures are a digital signature scheme that can sign transactions and messages efficiently and securely. They were originally described by Claus Schnorr in a 1991 paper.

As an algorithm that uses elliptic curve cryptography, Schnorr was proposed as part of the BTC roadmap to replace the elliptic curve digital signature algorithm (ECDSA). Schnorr has been praised for its simplicity, provable security, and linearity. Since Schnorr requires less computation than ECDSA, it is considered suitable for cryptocurrency transactions.

Advantages of Schnorr Signatures

Schnorr signatures have several benefits, including efficiency, enhanced privacy, and retaining all the functionality and security assumptions of ECDSA. Schnorr signatures can achieve smaller signature sizes, faster verification times, and improved resistance to certain types of attacks.

The most significant advantage of Schnorr signatures is key aggregation – combining multiple signatures into one signature that is valid for the sum of their keys. In other words, Schnorr enables multiple parties to generate a signature that is valid for the sum of their public keys.

Signing aggregation allows multiple signers’ signatures to be combined into a single signature

Key aggregation can lower transaction fees and improve underlying scalability, because electronic signatures from a multi-signature setup occupy the same space in a block as signatures from single-party transactions. This property of Schnorr can be used to reduce the size of multi-signature payments and other transactions related to multi-signatures, such as lightning network channel transactions.

Another important feature of Schnorr signatures is their unforgeability. In the context of digital signatures, unforgeability refers to an attacker’s ability to modify a valid signature such that the modified signature remains valid and authenticates a message different from the original signature. This could cause serious problems for cryptocurrency applications, as malicious attackers could modify transaction signatures to increase the amount of funds transferred or change the recipient of funds.

Schnorr also offers many privacy advantages. It can make multi-signature schemes indistinguishable from traditional single-key ones, and Schnorr makes it more difficult for observers to distinguish between multi-signature spending and single-signature spending in on-chain activity. Additionally, in n-of-m multi-signature setups, Schnorr makes it more difficult for external observers to determine which participants signed the transaction and which did not by looking at on-chain information.

Application of Schnorr in BTC

Schnorr signatures are implemented in BIP-340 as part of the Taproot soft fork upgrade, and were activated on November 14th, 2021 at block height 709,632. Like other BTC upgrade proposals, Taproot was approved by BTC miners through a vote. Taproot is a collection of protocol improvements that introduce several new features, change the way transactions are handled on the blockchain, and enable new script capabilities. Taproot is considered one of the most significant updates to BTC since the adoption of segregated witness (SegWit) in 2017.

Schnorr makes BTC’s digital signatures faster, more secure, and easier to handle. It is worth noting that Schnorr signatures are backward compatible with BTC’s cryptographic algorithms, so they can be introduced through a soft fork upgrade.

Comparison between Schnorr signatures and ECDSA

As mentioned earlier, Schnorr signatures have several advantages over ECDSA, including smaller signature size, faster verification time, and improved resistance to certain types of attacks. Schnorr signatures also allow for signature aggregation, which can reduce transaction fees and improve scalability.

It is worth noting that although Schnorr signatures may be considered more suitable for BTC, ECDSA is still widely used and considered a secure signature scheme. The choice between Schnorr signatures and ECDSA may depend on specific use cases and security requirements.

We will continue to update Blocking; if you have any questions or suggestions, please contact us!