article read aloud can Schnorr signatures against Bitcoins scaling problem:
in a paper by authors belonging to the Bitcoin core so-called Schnorr multi signatures are discussed and evaluated with regard to their implications for Bitcoin. But even if signatures for processing of Bitcoin transactions are necessary, their role is unknown to many. Therefore, an important innovation that is made possible by segregated witness, should be discussed in this article.
Critically, Bitcoin is often seen as immovable dinosaur who does nothing despite Mempool and high transaction fees. Hardly a day goes by, the mother of all Kryptowährungen now useless to explain not Roger Ver or other critics.
That the Bitcoin network has big problems, cannot be – disputed nor the inertia of the core team. However, to be also Bitcoin is evolving. Segregated witness is already part of the main nets, the adoption of SegWit addresses draws wide circles and also the average transaction fee:
Schnorr signatures are a long-discussed innovation possible, but often is forgotten due to segregated witness. Some previously needs to be explained to understand what would this paper and what would mean for Bitcoin Schnorr signatures. While the focus is on a simple statement should be, tech-savvy like forgive any omissions and complement in the comments.
Why does it need signatures?
A signature is the core process of a Bitcoin transaction : If someone with a specific public key money to be sent, is to prove that it has this money at all. Sure, the private key is access to the own Bitcoin guarantees, but what proves the owner this privilege the payee? A disclosure of the private key prohibits, as well a third instance of trusted would be exactly what wanted to abolish Satoshi Nakamoto .
This is the signature comes in: A signature is calculated from the transaction data and the private key. Since this signature as also the public key from the private key generated that everyone can verify that the original owner of the Bitcoin actually was allowed to – spend it without showing his private key.
The role of signatures is well illustrated in the white paper:
as in the case of the conversion of the public keys from the private key, this calculation is virtually irreversible: the computational cost exceeds the economic benefits by far.
Up-to-date is as ECDSA signature scheme (elliptic curve digital signature algorithm) used. Even if this signature scheme definitely served its purpose, a change to Schnorr signatures would be desirable. Schnorr signatures go back on Claus-Peter Schnorr, who has developed this cryptographic scheme in about 1989. Especially so-called Multisignature transactions are the reason.
Multisignature transactions – if more of the money have
transactions can be realized with so-called Multisignature transactions that need to be disposed of several accounts. That is, for example, for escrow accounts. Even more important however is that Multisignature transactions for the lightning network will be needed, because they must be used for the payment channels.
Such Multisignature transactions the signatures but in the existing format of ECDSA, mean that they grow with all involved accounts. The reason is that only the signatures of each participant be hung together in case of ECDSA for a multi signature. By this inefficiency, the Blockchain grows to a strongly, on the other hand, the processing time is also slowed down. This is reflected both on the transaction fees.
Schnorr signatures also create a signature of the transaction and the private key, do this more efficiently than the ECDSA however in several ways: on the one hand, Schnorr signatures are slightly faster to verify existing signatures.
On the other hand – and this is the main motivation, which is addressed in the mentioned paper – signatures, which is to be signed by multiple parties, can be stored in the shorter form: such as in the case of ECDSA signatures with the number of users grow, can remain in the case of Schnorr processing the size of a single user.
Segregated witness enables the Schnorr
problem is however, that the previous Bitcoin protocol allows for no derogation from ECDSA signatures: such changes would be possible only by using an hard fork.
Segregated witness has been explained elsewhere . It should be particularly emphasized that a versioning of the Bitcoin of underlying scripting language without a big hard fork is possible in addition to responses to the scaling problem by separating the transaction signatures from the rest of the data – which in turn on the transition from ECDSA Schnorr the way prepared.
Segregated witness therefore allows the implementation of various solutions regarding the scaling issue and is a central log upgrade, which makes possible further developments in the future.