Taproot is almost here, one of Bitcoin’s most significant upgrades in years

Taproot is one of Bitcoin’s most impactful improvements in years, and it’s here in less than two weeks (at block height 709,632 expected on November 16).

The upgrade makes Bitcoin transactions more private and compact, plus new features like time-decaying multisig wallets.

As of June 12, a 90% supermajority of miners and mining pools had locked-in for Taproot by signaling a green light for this month’s activation.

Bitcoin block 709,631 will be the final block for Bitcoin node owners running existing consensus rules (which don’t consider Taproot’s functionality).

Once that block has been mined, the majority of the world’s Bitcoin node operators — running Bitcoin Core 0.21.1, 22.0, and related releases — will enforce new Taproot rules. 

There are over 12,000 Bitcoin full nodes reachable around the world. This makes Bitcoin the most decentralized blockchain in the world (Ethereum boasts just 2,640 fully-synced nodes at press time).

Taproot is Bitcoin privacy

Assuming all goes well, Bitcoin users will benefit from easier, less expensive, and more private use of multiple signature smart contracts (“multisigs”).

With Taproot, both regular and multisig transactions will look the same, improving privacy for everyone using the Bitcoin network.

Technically speaking, Taproot accomplishes this by enabling payments to Schnorr public keys that can commit to a script revealed at spending time. 

A transaction’s sender will need to satisfy one of the committed scripts or provide a signature that verifies against the public key. Schnorr signatures allow the script to be kept private.

Because all Taproot outputs appear the same (in length and type of characters) within blocks, users of the Bitcoin network will no longer reveal whether they are conducting a regular or multisig transaction to the rest of the world. 

This is a major privacy and performance upgrade.

I actually strongly disagree with this. Taproot directly addresses one (of many) major way in which tracking of individual transactors happens today. Lightning (once some of the low-hanging fruit is solved) changes the privacy attack model from "offline" to "active adversary".

— Matt Corallo (@TheBlueMatt) May 8, 2021

Some users wonder why Bitcoin hadn’t adopted Schnorr signatures until now. The reason is because patent protection had not expired on the technology when Satoshi Nakamoto was creating Bitcoin. 

Nakamoto wanted to use Schnorr, but opted for open source ECDSA temporarily until Schnorr signatures would become open source.

Lower Bitcoin fees, too

Bitcoin developers designed Taproot to allow Schnorr signatures that simplify multiparty construction like MuSig.

Devs say that Taproot’s use of multisig instead of multisig opcodes will reduce transaction size. This shrinks the transaction fees that multisig users have to pay.

Taproot also enables Merklized Abstract Syntax Trees (MAST), or the use of Merkle trees to set conditions for spending BTC. 

MSAT means users can even commit to more than one script. Final script selection happens when users send transactions.

With MAST, unused conditions will not be stored on Bitcoin’s blockchain when somebody sends BTC. This reduces fees for MAST-related transactions.

Taproot secures the Bitcoin stash

As a protocol, Bitcoin’s top levels of security consists of four lines of defense: multi-vendor, multi-signature, geographically-distributed, and offline private key management.

This setup is the current gold standard for cold storage Bitcoin wallets and secures hundreds of billions of dollars today.

Taproot will allow multisig wallets that support time-decay functionality.

In a Taproot three-signature multisig wallet, funds could be:

• spent at any time by three keys,
• or after three days with only two of the original three keys,
• or after 10 days with only one of the original three keys.

The length of time and the combination of such wallets are infinitely customizable. 

By daisy-chaining time-decay wallets together with other security features of Bitcoin, it’s possible that Taproot will afford Bitcoin owners even higher security of their savings than was ever before possible.

What about chain splits?

Despite over 90% activation consensus for Taproot, developers have considered the remote possibility that nodes running older versions of Bitcoin Core might not accept Taproot activation.

Running incompatible nodes can cause forks in the blockchain. In 2015, the activation of BIP66 led to several splits in Bitcoin’s blockchain. Some node owners had failed to update to a compatible version.

Significant engineering work has gone into preventing similar errors during the November 16 activation. Bitcoin Core developers say that they have resolved the issues that caused the 2015 splits in the chain.

Node operators can monitor the system for possible chain splits using services like ForkMonitor.info, or full node tools like the GetChainTips RPC command in Bitcoin Core.

A split caused by planned softforks like the Taproot update could put lightweight clients at risk of false confirmations. 

Read more: [What is Bitcoin?]

Developers say that most miners and node operators have agreed to enforce new Taproot rules. So, a major split is exceedingly unlikely. 

Node operators running Taproot-compatible versions of Bitcoin Core can manually reject incompatible blocks using the command InvalidateBlock.

Exchanges and significant market participants might temporarily raise their confirmation limit around block 709,632 to reduce the risk of a double-spend attack.

Developers have recommended that Bitcoin transaction recipients raise their required confirmations to at least 30 for at least a few hours while Taproot activates.

Follow us on Twitter for more informed crypto news.