Despite the funny name, the signatures of Schnorr – the most important event for bitcoin
«To the moon!»
Although usually in the world of cryptocurrency this slogan is used when the coin starts to increase in price, this time it can perfectly illustrate the excitement and excitement of significant progress in the long-awaited optimization of the bitcoin code.
The technology called “Schnorr signature” should replace the existing scheme of bitcoin signatures – henceforth they will be mixed. In part, this concept is so attractive because of the release of space on the blockchain, which should help solve the problem with the delay in transactions and the high commissions that Bitcoin users sometimes have to pay.
Developers who created the technology argue that such a change will accelerate the processing of transactions by 25-30%.
“The signatures of Schnorr and the applications based on them inspire great hopes. Based on recent discussions about computing power, any significant increase in efficiency will be very beneficial for bitcoin, “said Yannick Seurin, a cryptographer at the French agency for cybersecurity ANSSI, who worked on this cryptographic scheme.
Bitcoin-community has united around several technologies to increase the effectiveness of bitcoin and cheaper, faster and simpler payments. The Schnorr scheme is just one of many joining the FIBRE optimization network, and the most ambitious of them is the Lightning Network.
However, recently this technology was in the center of attention of famous bitcoin developers. And not only because SegWit technology on which the Schnorr scheme is based was activated in Bitcoin, but also due to other advantages offered by this type of signatures: improving the privacy of a certain type of transactions and reducing the amount of spam that overloads the network.
Jonas Nick, for example, told CoinDesk about his interest in increasing privacy – which is not surprising for Blockstream’s security infrastructure specialist. He is curious to see how this will work with other code parameters to optimize the use of bitcoin.
“It is especially interesting for me to work on the task, to make smart contracts look like ordinary payments in a chain. Signatures Schnorr play in this important role, along with MAST, Taproot and Graftroot “- Nick Nick noted.
The excitement around Schnorr’s signatures is quite understandable because the technology began to be developed in 2012. Although some can show this for quite a long period, such delays will not surprise the experts on the topic. First, not many developers who know well the algorithms of bitcoin and cryptography can help in working with this algorithm. And secondly, since this scheme will become a significant change in the network of bitcoins, the turnover of which is over $ 100 billion, this technology should be thoroughly tested. Both these facts significantly slowed the development of signatures.
During a conversation in Stanford, the famous bitcoin developer and co-founder of Blockstream, Peter Vuille said that over the years programmers have faced several “non-obvious problems”.
For example, last year Vuille and other developers registered an “attack of fraudsters” on the signature of Schnorr, which led them to develop a draft of a possible solution to the problem. But the scientific department, to which the project was submitted, categorically rejected it, pointing to the best, though not connected with bitcoin, the project that solved the issue in a more secure way.
This is how the cryptographer Seurin from ANSSI appeared in the team of bitcoin developers.
“I noticed that the scheme of aggregation of signatures, over which they thought, did not have a proper safety analysis. Since provable security is my main specialization, and I used to work on Schnorr’s signatures, I contacted Peter Vuille, “says Seurin.
Then Viulla sent Seurin his project and together with the main developer Gregory Maxwell and Blockstream mathematician Andrew Poelstra wrote a more secure structure. This worked, although later a new problem arose.
Another vector of the attack was discovered by Blockstream engineer Russell O’Connor (Voille called it “Russell attack”), which would allow users to steal bitcoins sent with signature.
“The conclusion that of all this can be done (at least, that I did for myself) – the models of attacks in schemes with several sides can be very subtle and elusive. They were not at all obvious, “said Vuille during the presentation.
Process and Policy
The above attack vectors are solved, but work on the technology continues. Vuille said that several proposals for the improvement of bitcoin (BIP) are under development. And once they are completed, it becomes clear how the new signature scheme works, and how it can be added to bitcoin. In addition, after this and other bitcoin developers will have a chance to view them and offer their changes.
The code has been in the works for a long time and, according to Nick, it passes random testing. Random testing means loading random data into the code and checking the correctness of the output signal.
“Since you do these hundreds of times per second on many cores for a certain time, random testing is a great way to detect subtle errors. While we have not solved the problem, but our confidence in the implementation has strengthened, “- says Nick
If this is the case, a ready-made project code may appear soon, according to Vuille. In a conversation, Vuille said: “If you do not take into account the policy, adding an operation code by releasing a new version of the SegWit script is not so difficult.” However, given the discussion about the activation of SegWit, the policy can hardly be ignored. Anyway, the code change attracted a lot of attention: developers wrote posts on blogs with explanations, and many users discussed this on Reddit.
But, given billions of dollars at stake, if the change makes it difficult for the bitcoin to function normally (an indicative example is the attacks mentioned above), most stakeholders will think hard before adding the code. Developer Nicholas Dorir, for his part, believes that adding Schnorr’s signatures to bitcoin can take a couple of years. And even Vuille during the presentation recognized the realism of such terms. He reported about the following:
“I would like to see how our child joins the bitcoin system, but this is by no means a fast process.”