Taproot brings new optimizations to security and usability to the Bitcoin network as the activation is locked in.
By the time this is published, Taproot will be locked-in for activation. This means that on block 709,632 (mid-November 2021), the new rules defined by a series of Bitcoin Improvement Proposals (BIPs) will be activated and start being enforced. This is a momentous achievement for Bitcoin and will enable so many awesome new things for not just Bitcoin but everything built on top of it, too.
Previously, it was debated if Bitcoin could come to consensus on another soft fork after the drama behind the 2017 SegWit upgrade. This previous soft fork spun out multiple camps that hard forked from the original Bitcoin chain, creating new altcoins. Meanwhile, the Bitcoin community was left with deep battle scars after months of debating and fighting for what resulted in a user activated soft fork (UASF).
It's been almost four years since SegWit activated and people were skeptical that the Bitcoin community could overcome these battle scars for the next upgrade to Bitcoin. However, we have done it! It was a long process of debating on pull requests (PRs), Internet Relay Chat (IRC) channels, and Twitter, but it has finally come to a close.
Taproot as an upgrade had virtually no push back; by and large every core developer agreed with the consensus changes proposed in BIP340, BIP341 and BIP342. These BIPs propose changes that add privacy and optimizations as well as enabling new features in the future without any new security assumptions. Taproot by itself is a no-brainer upgrade to the Bitcoin protocol. The controversy came in when the discussions started on how to activate Taproot.
The controversy began with BIP8 which was created in response to what happened with SegWit. It made two changes to BIP9, the activation method used for SegWit. The first change was to define the start and end times of the activation by block height instead of real-world time. This makes defining the activation window slightly better because we aren't reliant on blocks having exactly a 10-minute block time but with the tradeoff of being worse for test networks.
The second change was to add an optional user activated soft fork (UASF) at the end of the activation, known as lock-in-on-timeout or LOT. Both of these changes sparked heavy debate on if they should be made and resulted in many PRs being opened and closed to Bitcoin Core. The LOT parameter was eventually thrown out and replaced with a procedure called Speedy Trial.
Speedy Trial was proposed to break the stalemate between the two camps arguing over how to set LOT (true vs false). Speedy Trial described a three-month activation window instead of a one-year window, but with a minimum activation height that would be further in the future and with no UASF. This was structured so that we could either activate quickly or fail quickly. If we were to fail quickly, we could go back to debating. Or if we did activate quickly, the surrounding ecosystem would have more time to prepare for the upgrade.
Most developers agreed to try Speedy Trial which led to two PRs being opened to Bitcoin Core, one by Andrew Chow and another by A.J. Towns. Chow’s PR proposed using block height while Towns’ used real-world time. This led to further debate and lots of discussion on IRC that was eventually settled by a blockchain coin flip, decided based on if the hash of a block in the future was even or odd. The coin flip resulted in A.J. Towns’ PR being chosen, reviewed, and eventually merged.
All of this debate finally led to the culmination of Taproot being able to activate. Then we just needed miners to signal, which happened relatively quickly. Alejandro De La Torre, vice president of Poolin, had already gotten mining pools to commit to saying they would signal. However, at the start only Slush Pool was signaling. The plebs took to the streets and made memes donning green squares, a reference to taproot.watch’s way of showing which blocks signaled for activation and which did not. However, after only three difficulty adjustment periods we have achieved almost 99% of the hash power from miners signaling and have locked in the activation of Taproot.
Now that we can confidently say that Taproot will be part of the Bitcoin protocol, we should know what this will mean for Bitcoin and its many layers. As stated in the beginning, Taproot brings privacy and optimizations while allowing for new features in the future.
Taproot is able to add privacy to Bitcoin by allowing users to create multiple spending rules for their funds, but they only need to reveal the rules that were used for that transaction. In some cases there is no need to reveal there ever were other spending rules. The average Bitcoin user today doesn't have a need for these sorts of complex rule scripts. However, most scaling solutions in Bitcoin do. Layers such as the Lightning Network, Liquid, and other sidechains all use scripted rules like multisig, hash time locks, and other tools to make their system secure. Today this all needs to be put on chain and revealed to the entire network. With Taproot this information no longer needs to be revealed all the time and transactions like Lightning channel opens can look exactly like a normal user’s transactions. So not only will it benefit Lightning users but it will benefit everyone as the general anonymity set of Bitcoin will grow, making privacy-compromising chain analysis harder to do.
Along with all these privacy improvements are lots of optimizations. Since we no longer need to reveal as much information on-chain, transactions will use less data and thus will reduce fees. This also means that more transactions will fit in each block and every unspent transaction output (UTXO) will be that much more efficient.
Not only do we get space-saving optimizations from Taproot, but we also get optimizations that will help with the speed of verifying transactions. Today, Bitcoin uses the Elliptic Curve Digital Signature Algorithm (ECDSA) for signing transactions, but Taproot adds a new way to sign called Schnorr signatures. Schnorr signatures enable some of the space-saving optimizations we talked about while also being faster to verify, so running a full node will be less resource intensive with the same transaction throughput if Taproot sees significant adoption.
Taproot will also enable many new use cases and features. Something that has been talked about for awhile is Point Time Lock Contracts (PTLCs). PTLCs are a change to the Lightning Network that enable developers to build more complex applications on top of Lightning like Discreet Log Contracts, stuck-less payments and more. Taproot also allows for much less invasive upgrades in the future. Taproot left many new upgrade paths that we are already seeing people write proposals to use, namely SIGHASH_ANYPREVOUT. This should make the next Bitcoin soft fork happen more quickly and be less controversial as it will not carry as much weight as the upgrades before it.
In conclusion, Bitcoin has upgraded and has taken a step forward in making privacy better for its users. This did not come easy and it certainly shouldn't have. However, now it's time to celebrate and then start building.
This is a guest post by Ben Carman. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc. or Bitcoin Magazine.