Written by Mark Lundeberg
@MarkLundeberg is a developer working on the implementation of Schnorr signatures for the Bitcoin Cash network upgrade.
As the Bitcoin Cash (BCH) network upgrade on 15th May draws nearer, a lot of people are wondering what it will involve.
In this article, I’ll give a quick and simple explanation of what the upgrade is all about: Schnorr Signatures.
Why do Schnorr signatures matter? 🖋️
Since Bitcoin’s inception, it has used the ‘Elliptic Curve Digital Signature Algorithm’ (aka ECDSA) for transaction signatures.
However, the Schnorr signature algorithm (coined by German mathematician and cryptographer Claus Schnorr), which actually predates the ECDSA by several years, is more efficient.
Many cryptographers recognize that the Schnorr signature algorithm has a much ‘cleaner’ mathematical design—so why wasn’t it used sooner?
Until 2008, the algorithm was patent encumbered while ECDSA was not (it’s thought that the ECDSA algorithm was deliberately mutated from Schnorr’s design in order to circumvent the patent).
As a result, at the time of the original Bitcoin software release, only ECDSA had become standardized enough to be present in the OpenSSL 0.9.8 library used. In other words, there was initially no other choice but to use ECDSA for Bitcoin.
How will Schnorr signatures benefit the BCH network? 🌐
Fast forward to the present day and, following the patent expiration in 2008, Schnorr signatures have been cooking in the Bitcoin Cash development oven for some time.
With the upcoming upgrade, they’ll finally be released to the BCH network. We’ll be introducing the Schnorr signatures as a simple optional drop-in replacement for ECDSA signatures.
Now, you may be wondering, what does this mean for day-to-day BCH transactions? Here’s a quick summary:
- You won’t have to generate new addresses to start using Schnorr signatures.
- This is because we’re implementing Schnorr on the same curve as ECDSA, so all private and public keys are identical.
- The Schnorr signatures are 64 bytes in contrast to the 70-71 bytes for ECDSA, which leads to 4% smaller transactions on average.
What does this mean for wallet developers? 🖥️
Well, there’s no need to rush in and make urgent changes because Schnorr signatures are entirely optional, and all ECDSA signatures will function just as well as before.
Given the fact that Schnorr signatures promise a better user experience, though, I’m hopeful that many wallets will start switching over to them in the next year or so.
The tech nuts and bolts of Schnorr signatures 🔩
The improved mathematical properties of Schnorr signatures will allow for a couple of benefits upon adoption:
- Scaling: When receiving a new transaction, nodes must verify the signatures before accepting and relaying it to the BCH network. With the upgrade, nodes will be able to perform batch verification by gathering all Schnorr signatures into one bunch before verification, thereby speeding up the whole verification process.
- Privacy: Wallet developers can produce secret Schnorr multisignatures that appear on-chain as a normal, single-signature transaction—despite the fact that they involve several parties. This secret signature aggregation allows for more private smart contracts on the BCH network.
Adopting Schnorr signatures also lays the groundwork for future upgrades that could enable even more advanced cryptographic functions. For instance:
- Public signature aggregation would allow wallets to replace many transaction signatures with just one signature. This could give a further ~20% transaction size decrease, making the network faster and more efficient.
- Sign-to-contract ideas like Taproot and Graftroot would allow for us to increase the privacy aspects even further. They do so by allowing unexecuted smart contracts to be hidden behind ordinary-looking public keys.
It’s worth noting that these ideas are significantly more complex, experimental, and untested in contrast to just having basic Schnorr signatures! However, if their value becomes apparent, there’s nothing stopping them from being introduced later on.
How will the upgrade impact BCH users? 📱
As mentioned earlier, existing wallets using ECDSA will continue to function just as well. However, I encourage developers to upgrade to Schnorr in order to help the network evolve.
From a UX point of view, Bitcoin Cash users and merchants accepting Bitcoin Cash via consumer oriented wallets, such as the Bitcoin.com wallet app, aren’t likely to notice anything different at first glance.
But, if you view a new transaction after the May 15th upgrade, you may notice (and appreciate!) that its size is ~4% smaller than it would have been before.
Onwards and upwards 🚀
Following the network upgrade, as more developers upgrade wallets and toolkits used in other Bitcoin Cash applications, the number of transactions using Schnorr Signatures will steadily increase.
Overall, this will make for a faster, leaner, and more efficient BCH network and, in doing so, will help to make peer-to-peer transactions better for everyone!
If you have any other questions regarding the upgrade, you’re welcome to reach out to me directly on Twitter at @MarkLundeberg.