With the much-anticipated activation of the Taproot update—the major security and privacy upgrade recently merged into Bitcoin Core—on the horizon, Blockstream, a leading Bitcoin development studio, published the concept of its new signature scheme.
Non-interactive signature scheme for privacy
According to the blog post published by Blockstream researchers Jonas Nick and Tim Ruffing, the first multi-signature scheme from 2018 (MuSig or MuSig1) has one major drawback as it required signers to interact with each other.
That being said, MuSig1 requires three communication rounds, each consisting of forwarding messages between participants in the transaction. That resulted in longer processing of transactions and would potentially become irritating factor in the periods of increased latency.
By contrast, MuSig2 will almost eliminate the need for interaction between signers. The new scheme will include two stages, one of which can be passed even before transaction participants know the message that should be signed.
Scientists assure that the new scheme will retain the simplicity of the MuSig1 design, though it will feature some additional computation.
Bringing zero-knowledge proofs to Bitcoin (BTC)
Also, researchers shared the concept of another protocol, MuSig-DN, that uses zero-knowledge proofs for privacy. They admit that MuSig-DN is very complex compared to MuSig2 and, therefore, may be more difficult to implement:
In practice, we expect that most applications will choose MuSig2 over MuSig-DN because simplicity is a dominant factor for adoption.
However, MuSig-DN is much more attack-resistant. Blockstream officers claim that it is secure when the signing sessions are stored on a persistent medium.
MuSig2 will be presented to the general public within the framework of the Real World Crypto 2021 conference in January 2021.
If Blockstream's sidechain, Liquid, activates its Taproot update before the main Bitcoin (BTC) blockchain does, cryptographers have plans to explore MuSig2 in production even before the upgraded privacy schemes are implemented in Bitcoin. Also, MuSig2 is applicable to c-lightning (Blockstream's client for the Lightning Network) and Blockstream's Green Bitcoin (BTC) wallet.
