Consensus 2023 Logo
Join the most important conversation in crypto and Web3 taking place in Austin, Texas, April 26-28.
Consensus 2023 Logo
Join the most important conversation in crypto and Web3 taking place in Austin, Texas, April 26-28.

Bitcoin's privacy is pretty abysmal – after all, what else can you say when anyone in the world can look up any transaction using a web explorer?

But while that's the case today, developers have long been trying to find a fix, or at least improve it over time. One of bitcoin's most famous developers, Greg Maxwell, even aroused quite a bit of interest when he proposed something called Taproot back in January.

Far from providing full bitcoin privacy, Taproot's code offers a way to make all transactions on the blockchain look the same to outsiders. Still, chatter about the proposal has arguably faded as other projects caught the community's eye and bitcoin's price tumbled.

Among those who haven't forgotten about the proposal, though, are bitcoin's developers, as plenty of toiling has been going on behind the scenes. Mathematician Andrew Poelstra pulled together a mathematical security proof in April, while Xapo engineer and Bitcoin Core contributor Anthony Towns put forward an idea for potentially decreasing how much data the technique uses in July.

The continued work showcases why many believe Taproot to be a discovery that provides an "enormous privacy win" for bitcoin, as Blockstream co-founder Pieter Wuille put it in a recent talk. Even better, it's actually not a crazy difficult change to make to bitcoin.

"Taproot is simple enough it could probably go in straight away," Towns told CoinDesk.

The problem, and it's a big one, is it's dependent on tech that doesn't exist yet.

Towns explained:

"Without Schnorr, Taproot doesn't get you all the way to where you want to go."

The missing piece

The reason is that Taproot would keep it a secret that any advanced payment is occurring on bitcoin.

More commonly known as smart contracts, there are a variety of complex transactions used in bitcoin, like the kind that enables the off-blockchain protocol lightning for more scalable bitcoin payments and other complex types that are still in development.

But because bitcoin's ledger is public, it's obvious when someone uses one of these transactions.

Taproot puts an end to that by making these transactions look the same as every other "boring payment," as Maxwell put it in the technology's announcement post.

Yet, it can't do this without Schnorr, an upgrade to bitcoin's signature scheme that's been on developer's coding agenda for years. The signature scheme is supposed to be better than bitcoin's current signature scheme "in basically every way." And it enables Taproot because it allows signature data to be mashed together into one.

"Schnorr is necessary for that because without it, we cannot encode multiple keys into a single key," Wuille continued in his presentation.

Schnorr's just finally getting off the ground. In fact, it looks like it's going to be bitcoin's next crucial change, with Wuille recently publishing a (very) technical proposal detailing how it might one day be added to bitcoin.

But since Schnorr's been taking years, developers have long been dreaming about what they can build on top once the technology is actually live.

As Towns put it, Schnorr is a "more exciting" change, but Taproot is "the cherry on the top."

Developers have long been thinking about other enhancements, including those enabled by Schnorr, though it's worth noting that Taproot isn't the only important change being considered. Towns thinks the privacy enhancement might be rolled in with other upgrades.

"As far as I'm concerned, Taproot, Schnorr, Graftroot is a bundle that all goes together," he said, referring to yet another technology Maxwell pioneered.

And it doesn't stop there. Towns guesses that still even other long-anticipated changes will go in at the same time, including MAST, a proposal to boost bitcoin smart contracts, and SIGHASH_NOINPUT, a change that could usher in a more reliable lightning network - the tech bitcoiners hope will help bring bitcoin to the masses.

Even though these technologies have different names and have been proposed at different times, Towns is starting to think of them as one thing.

Deciding what's next

There are so many proposed changes, in fact, developers have been grappling with which should be made first.

Wuille explained in his talk why it's not such an easy decision. There's a small pressure for deploying all these features together at once. Each time they deploy a new "consensus change," it requires a new addressing format.

Since the addresses are different than the old one, this makes it very obvious who's using the new feature - especially since not everyone is going to suddenly adopt the feature the day it launches. It's going to take time, just like past changes have taken time.

That's a small hit to privacy. And doing this more than once would be even worse.

On the other hand, deploying all these changes together would be a mess.

Speaking of other changes, there's also so-called "signature aggregation," the most-hyped application of Schnorr, which could help to scale bitcoin even further. But since it's so complex and needs further review, this is one change that developers think should be added to bitcoin later on.

But Schnorr might not ultimately prove to be a roadblock for Taproot.

In fact, Wuille's been focusing on a proposal to deploy Schnorr and Taproot together, partly because he thinks the privacy addition from Taproot is so exciting, calling it an "enormous win" for smart contracts in bitcoin.

On the Schnorr front, Towns mentioned that developers are still working out some kinks, such as a hardware attack vector that Maxwell discovered. Developers are cagey to give code timelines, since upgrades often take longer than expected. And Schnorr is no different.

Earlier on, Poelstra was hopeful it could be deployed by the end of the year, giving bitcoin users a chance to decide whether to adopt it or not. But it all depends on how quickly developers can settle on a path for the change, code it up, and get it reviewed.

As Towns put it:

"You can't come up with a proposal until you know what to stick in it. The only real delay is finalizing what's going into it. "

Tree root image via Shutterstock


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Learn more about Consensus 2023, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.