Just SegWit? Bitcoin Core Is Already Working on a New Scaling Upgrade

Bitcoin developers are making progress on Schnorr, a function for aggregating signatures and in turn, a way to increase the capacity of the network.

AccessTimeIconOct 12, 2017 at 8:00 a.m. UTC
Updated Sep 13, 2021 at 7:01 a.m. UTC
Layer 2

Bitcoin's core developer team isn't yet done scaling the cryptocurrency's protocol.

Despite the fact that a years-in-the-making change called Segregated Witness (SegWit) activated on the network just over six weeks ago (with businesses and users now slowly updating and average block sizes inching upward), the upgrade has already started a chain reaction of work on other optimizations geared toward accommodating more users.

So, while businesses and miners are pushing for more aggressive scaling via the controversial Segwit2x proposal, the open-source team behind bitcoin's most widely used software is focused on other efforts entirely. Called "Schnorr signatures," the technology offers another signature scheme option alongside Elliptic Curve Digital Signature Algorithm (ECDSA). One benefit is that it supports "signature aggregation" on the bitcoin blockchain.

While that may sound complex, the change aims to consolidate activity that already takes place on the network with each transaction. Under the ECDSA scheme, each piece of a bitcoin transaction is signed individually, while with Schnorr signatures, all of this data can be signed once.

And doing so could improve bitcoin in a few key ways, according to developers working on the effort.

Blockstream engineer Jonas Nick told CoinDesk that this method of mashing signature data together should be considered "low-hanging fruit for helping bitcoin scale."

First, by decreasing the number of signatures, it increases the amount of transaction data that can fit into each block. Second, by merging signatures, the technology could enhance privacy by making it harder to determine where transactions are coming from.

Third, it's believed the change could curb "spam attacks," where one entity sends a bunch of small bitcoin transactions that take up extra space in the blockchain, potentially making nodes more difficult to run.

Success through failure

Though the new signature technology has been an idea since at least 2013, developers have recently made some breakthroughs, bringing Schnorr signatures closer to actual implementation on bitcoin.

SegWit was the first necessary step in that the code change, which moves signature data to another part of the block, making Schnorr (or something like it) possible to implement with a backward-compatible software upgrade (soft fork), where it wasn't previously.

Then, most recently, developers stumbled upon under-the-radar cryptography research that could help them build the algorithm faster.

According to a transcript of Bitcoin Core's annual meeting over the summer, developers submitted a paper outlining their signature aggregation scheme to Financial Cryptography and Data Security 2017. While the conference committee rejected the paper – asserting that the security proof for the signature aggregation scheme provided in the paper was too flimsy – they also suggested another paper, which provided a stronger security proof.

Bitcoin Core contributor Bryan Bishop told CoinDesk:

"This is important and useful because it means that the cryptography has been studied in the past to a further extent than we previously thought."

With this work already done, developers can spend less time ironing out the security signature scheme, and more time figuring out how to implement it on bitcoin.

Next steps towards reality

Blockstream's Nick points to an in-progress bundle of code changes called "aggsig module" as the main place where Schnorr signatures are being worked on.

Code contributions – from Andrew Poelstra, Greg Maxwell, Pieter Wuille, Peter Dettman and others – date back as far as 2012, showing this module as the most advanced in terms of being worked on over the longest number of years.

While many developers there have turned their attention to optimizing the performance of the Schnorr code implementation to make sure the verification of signatures is as fast as possible, Nick said, there are still some missing pieces to the aggsig module before it can be fused into bitcoin itself.

For example, bitcoin's OP_CHECKSIG function checks to see if someone really owns the bitcoin they're trying to send. Currently the function does not take the new Schnorr signatures into account, meaning it can't do the aggregating signatures, said Nick.

"There's no public proposal yet specifying how [that] would exactly work," he explained, adding that developers need to write up some sort of a roadmap for the new function, before it can be implemented.

Still, he was optimistic that the change will not take long to implement, calling it "relatively straightforward."

Nick concluded:

"The right people just need to find time to focus on it."

Disclosure: CoinDesk is a subsidiary of Digital Currency Group, which helped organize the Segwit2x scaling proposal, and has an ownership stake in Blockstream.

Correction: An earlier version of the article misstated where Schnorr signatures can be used. That has been corrected.

Colored pencils image via Shutterstock


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.


CoinDesk - Unknown
How to Connect MetaMask to the Avalanche Network

The crypto wallet can connect with many other blockchains besides Ethereum, including the Avalanche network.

CoinDesk - Unknown
CoinDesk - Unknown
Crypto Exchange Bullish.com Reportedly Cuts About 10% of Workforce

The company last week extended the deadline to complete its SPAC merger until the end of 2022.

CoinDesk - Unknown
CoinDesk - Unknown
La plataforma de préstamos cripto CoinLoan limita retiros de dinero

La medida se levantará si las condiciones del mercado lo permiten, dijo la plataforma de préstamos.

CoinDesk - Unknown
CoinDesk - Unknown
The Era of Easy DeFi Yields Is Over

Alpha in DeFi is about to get a lot scarcer (although still super attractive). Luckily, risk management will eventually get much simpler.

CoinDesk - Unknown