Bitcoin Forum

Other => Beginners & Help => Topic started by: JetAid on February 21, 2019, 01:06:30 PM



Title: Schnorr signatures are creeping into the news again
Post by: JetAid on February 21, 2019, 01:06:30 PM
In case you haven't heard of Schnorr signatures, here is the Wikipedia definition -
https://en.wikipedia.org/wiki/Schnorr_signature

Here is an article on Medium describing its potential impact on Bitcoin -
https://medium.com/@SDWouters/why-schnorr-signatures-will-help-solve-2-of-bitcoins-biggest-problems-today-9b7718e7861c

I'm starting to see comments that suggest that it could be included in the Bitcoin Core software within a year or so, that sounds a bit optimistic to me. So for all you aspiring Bitcoin pros of the future - do you think that this will have much of an impact on Bitcoin acceptance? This probably won't be so for basic transactions, but would it be useful for asset payments?

It's time I started a merit awarding promo, so I'll be watching this thread for the best discussions, especially from newer members.

[WHOOPS]
Posted by Jet Cash of course. Apologies, but I was logged in as JetAid ro work on some admin for Fit to Talk.


Title: Re: Schnorr signatures are creeping into the news again
Post by: Velkro on February 21, 2019, 02:09:04 PM
I'm starting to see comments that suggest that it could be included in the Bitcoin Core software within a year or so, that sounds a bit optimistic to me. So for all you aspiring Bitcoin pros of the future - do you think that this will have much of an impact on Bitcoin acceptance?
Maybe not acceptance but it will allow Bitcoin to grow faster and without barriers of speed for example.
Its holy grail of Bitcoin more than ETF's most people talk abouit.
It will be trully great step for Bitcoin and i hope they will manage to implement it. Its very complicated and innovatory theory that will need to work on actual project like Bitcoin. Much work to do, hundreds of hours for Bitcoin programmers which are volunteers mostly.


Title: Re: Schnorr signatures are creeping into the news again
Post by: r1s2g3 on February 21, 2019, 02:35:11 PM
Recently some company send approximately 500 satoshi to the random user. This dust payment is pain for the users whoever received it.
Schnorr signature will help in combating this kind of spam attack too. 


Title: Re: Schnorr signatures are creeping into the news again
Post by: Pmalek on February 23, 2019, 04:21:03 PM
It could even be used faster than we think as Bitcoin Cash is planning to include Schnorr signatures into their May 2019 upgrade together with better SegWit recovery mechanisms. They talk about that here:
https://bitsonline.com/schnorr-bitcoin-cash-upgrade/

I also found some additional news. The company Blockstream published a Schnorr based test code called MuSig but according to their team it is still insecure.
Quote
MuSig signatures, just like Schnorr signatures or ECDSA, use in their construction a secret ‘nonce’ which must be produced uniformly randomly. Any deviation from uniform, even by a single bit, can lead to secret key loss and stolen funds.
More about that here:
https://cointelegraph.com/news/blockstream-publishes-schnorr-based-test-code-for-bitcoin-blockchain-upgrade



Title: Re: Schnorr signatures are creeping into the news again
Post by: pooya87 on February 24, 2019, 08:05:16 AM
~
Since beginning, MuSig:Schnorr (which made for Bitcoin) was developed by developer who work at blockstream (or used to work there) and when people talking about Schnorr for Bitcoin, actually they're talking about MuSig Schnorr.

For people who interested with it's technical detail, you can check this thread MuSig: Schnorr Multisig and signature aggregation (https://bitcointalk.org/index.php?topic=2818782.0)

MuSig is only one part of Schnorr signatures that focuses on an alternative and safer way of "multi signature" features of Schnorr signatures which is used for aggregating signatures and for example offer the possibility of having a 50 of 50 multi sign transaction but only with the size of a single key tx since there will only be 1 signature and 1 public key and that will increase scaling of bitcoin drastically considering currently a lot of the transactions in blocks are multisignature with at least 3 signatures so using Schnorr can drop at least 2 sig + 2 public keys from each of them (considering they are 2 of 3) and that is 2*(32+32+7)+2*(33+1) = 210 bytes per tx! also considering this will probably be released with new SegWit version and SegWit has some overhead we can effectively be saving about 205 bytes per transaction per block and that is great.

but Schnorr is a lot more than just MuSig! https://github.com/sipa/bips/blob/bip-schnorr/bip-schnorr.mediawiki
the main thing i am excited about is batch verification. not to mention that creating signature is so much faster with ECSDSA compared to ECDSA because it doesn't have the modular multiplicative inverse.