- Blockstream is looking into using Musig to upgrade the security of the Bitcoin network
- Musig was previously just an academic paper idea, but now it is fast becoming a reality
- Test code is expected to solve the technical limitations of the current ECDSA signature setup
This Monday Blockstream released the Schnorr-based multi-signature scheme – MuSig, test code for a potential upgrade to the Bitcoin (BTC) network.
This announcement reveals that the idea of MuSig as an academic paper is becoming a reality as live code. This week the team was successful in merging the code into a fork of secp256k1 as secp256k1-zkp which represents the high-assurance cryptographic library used by bitcoin Core.
While the crypto community explores the applications of Schnorr Signatures in bitcoin, the developers hope that this code will make it into the upstream library secp256k1 which is used by many crypto projects including Bitcoin Core.
Advantages of Musig
Bitcoin and its clones and forks have a way of verifying ownership of coins and their transfer within their system known as the ECDSA signature algorithm. Unfortunately, it has some technical limitations. The complexity of the ECDSA signatures makes them hard to use, and most developers prefer to use Bitcoin Script. This works well for applications like Lightning and cross-chain atomic swaps.
The report suggests that there was a need to come up with Musig because it offers short signatures, which look similar to the user. This is important because you need efficient verification in the blockchain system. Burdening verifiers more than it is necessary makes no sense. The new signatures also improve your privacy by hiding a signer policy.
When signing in, you have the flexibility to make your contribution to the multisignature by simply using ordinary keypairs. To do this, you do not have to give out any private information regarding the production or control of the keys. Providing such information is not easy because every signer has different and restrictive policies for key management. Also, if you have to depend on the details of key generation, your interaction with Taproot will be affected negatively.
A step forward, but challenges remain
Musig signatures are not entirely different from ECDSA and Schnorr. They all use “nonce,” which requires uniformity and a small deviation results in loss of the secret key – leading you to lose your funds.
The developers behind Musig aimed to create an API that cannot be misused and discourage risky usage of patterns regardless of the situation – “To protect signers who may serialize stale states and restart from them, our API simply does not support serialization of signing sessions.”