The first Bitcoin privacy update in four years is bringing changes that are broadly popular among the user base. The “Taproot” update, scheduled for November, changes the digital signature algorithm underpinning the system in such a way that complex transactions will have an added layer of anonymity. But the really big news is that this clears a path to make “smart contracts” more accessible, something that could broadly increase the scope of applications that can operate on the blockchain.
Approved by Bitcoin Community, privacy update brings much-desired features
Bitcoin privacy updates are rare, with the last taking place in 2017. Proposed changes can be submitted by anyone to the Bitcoin repository, but must be approved by an editor. Bitcoin miners then “vote” on the proposed change by upgrading their software to a new version that includes the proposal. If at least 95% of miners do this, the change is implemented for all Bitcoin users. Some prior proposals have been extremely contentious among miners, in some cases prompting forks that break from the original (such as Bitcoin Cash). This particular change was subject to a special “Speedy Trial” proposal that only required 90% consensus to move things forward.
This new privacy update seems to be almost universally accepted by the Bitcoin market, however. The central feature of Taproot is an update to the digital signatures that safeguard the use of Bitcoin wallets to make transactions. These are currently encrypted with the “Elliptic Curve Digital Signature Algorithm,” which are being switched over to “Schnorr signatures.” For the layman, the important distinction between the two is that the new signature type obscures transactions that are composed of multiple signatures. It is also more efficient in terms of taking up space on the blockchain, which opens the door to allow a broader use of “smart contracts” that store details of agreements to pay.
Why are smart contracts so desirable? They are essentially pieces of code that allow for automatic execution of approved agreements. Being able to fit them on the blockchain allows for the adoption of all sorts of applications that are currently difficult to handle without fiat currency systems. For example, a smart contract can specify ownership rights over multiple steps of a transaction to work within complex logistics chains. There are many industries that can potentially make use of smart contracts to integrate cryptocurrency, from medicine to gambling.
In terms of the privacy update, the new signatures do not really anonymize individual one-on-one transactions in any new way. But they do mask larger transactions that involve multiple signatures, making it unclear as to how many wallets are involved. The new system combines the keys and signatures used by all parties in a transaction into one new public key and signature. While this information will be obscured from the casual viewer, some internet forensics firms are already saying that they expect to be able to find this information.
Ethereum already has a more robust smart contract landscape, but sits behind Bitcoin in terms of uptake and value per coin. It has also had serious issues with transaction speed, something slated to be addressed in the forthcoming Ethereum 2.0 update (which may not roll out until 2022). Smart contracts are available with Bitcoin’s core protocol, but in a much more limited (and expensive) form than will be possible once the privacy update rolls out.
Risk involved in the Bitcoin upgrade
Though the privacy update is widely embraced by the community, all involved are proceeding with caution. A mistake in the implementation could lead to a bug or creation of a vulnerability in the system that could entirely undermine faith in cryptocurrency. Bitcoin had to weather a serious blow of this nature in 2013 when a version update inadvertently caused the blockchain to fork, but a quick consensus response from miners (who collectively “downgraded” back to the pre-split version) allowed for a fast recovery.
And though smart contracts offer an immense amount of potential, experimentation with them in more traditional markets has been equally slow and cautious. The “Decentralized Autonomous Organization” (DAO) serves as a cautionary tale. The organization was formed in 2016 as an experimental new type of open source venture capital fund on an Ethereum network, one based on decisions made by AI and crowdsourcing instead of a small group of partners. This bold experiment with the “wisdom of the crowds” became extremely popular among holders of Ether tokens, at least until hackers made use of potential security vulnerabilities outlined in a research paper to steal some $50 million in digital currency from its investors a few months later. Even if DAO had not been plagued with security issues, it was also sailing into legally murky territory in terms of laws governing stock sales and may very well have drawn the attention of government regulators if it had not flamed out so fast.