March 9, 2024

Taproot Consensus: A #BTClayer2 technological solution developed by BEVM

Taproot Consensus is developed for the BEVM as part of the BTClayer2 technology suite. It parallels the #ETHlayer2 Rollup technology solution in terms of its position and objectives.

Taproot Consensus is composed of three parts that combine into one cohesive technical solution.

The first part: Taproot technology, which includes MuSig2, Schnorr signatures, MAST, and more.

The second part: A BFT PoS network composed of Bitcoin SPVs.

The third part: Threshold node communication formed through the Signal Protocol.

Taproot Consensus creates a decentralized #BTClayer2 solution by integrating Bitcoin's native Taproot technology stack with a BFT PoS network composed of Bitcoin SPV nodes.

What is Taproot?

Taproot is the most significant foundational framework upgrade for BTC since its introduction. It primarily comprises the following three BIPs:

BIP340 (Schnorr signature): Schnorr's key aggregation feature allows the participants of a single multi-signature transaction to collaborate in combining their public keys and to produce an aggregate signature that is valid for the sum of their public keys. This saves block space, enhances privacy, and achieves faster transaction verification.

BIP341 (Taproot): Bitcoin Improvement Proposal (BIP) 341 defines Pay-to-Taproot (P2TR), a new way of sending bitcoin. P2TR combines the functionality of Pay-to-Public-Key (P2PK) and Pay-to-Script-Hash (P2SH) scripts, giving users great flexibility and privacy benefits.

BIP342 (Tapscript): Updates the script language used for writing BTC transaction parameters to accommodate users opting into the Schnorr and Taproot technologies.

More about BIP341.

BIP341 aims to address the scalability and privacy of the #Bitcoin network.

The main modules of Taproot BIP341:

1. Merkle Branches: “Merkle branches let us only reveal the actually executed part of the script to the blockchain, as opposed to all possible ways a script can be executed. Among the various known mechanisms for implementing this, one where the Merkle tree becomes part of the script's structure directly maximizes the space savings, so that approach is chosen”. 

2. Taproot MAST: “Taproot on top of that lets us merge the traditionally separate pay-to-pubkey and pay-to-script hash policies, making all outputs spendable by either a key or (optionally) a script, and indistinguishable from each other. As long as the key-based spending path is used for spending, it is not revealed whether a script path was permitted as well, resulting in space savings and an increase in scripting privacy at spending time”.

3. Schnorr Signature: “Taproot's advantages become apparent under the assumption that most applications involve outputs that could be spent by all parties agreeing. That's where Schnorr signatures come in, as they permit key aggregation: a public key can be constructed from multiple participant public keys, and which requires cooperation between all participants to sign for. Such multi-party public keys and signatures are indistinguishable from their single-party equivalents. This means that with taproot most applications can use the key-based spending path, which is both efficient and private. This can be generalized to arbitrary M-of-N policies, as Schnorr signatures support threshold signing, at the cost of more complex setup protocols”. The protocol setup is a focus of development for the BEVM team, as extending the M-of-N threshold signatures to 1,000 requires the design of a protocol for rapid calculation.

4. Batch validation: Schnorr signatures also permit batch validation, allowing multiple signatures to be validated together more efficiently than validating each one independently, which will also enhance the performance of BTC network transactions. For BEVM, it allows batch verification of transactions moving from #Layer2 back to the BTC mainnet, increasing the parallel processing of transactions between layer1 and layer2. This saves on transaction fees and improves interaction efficiency between layer2 and layer1.

A BFT PoS network composed of Bitcoin SPVs

1. Bitcoin SPV: Bitcoin lightweight nodes that do not require all BTC transactions; they need only the block header and the transactions interacting with layer2 to verify the validity and correctness of transactions.

2. BFT PoS Network: Utilizes a Substrate blockchain framework that combines Aura block production consensus and Grandpa BFT consensus.

How does BEVM design Taproot Consensus?

Taproot Consensus nodes

Taproot Consensus nodes are primarily Bitcoin SPV nodes that are elected as Taproot Consensus nodes through governance voting by the entire network of BTC/BEVM stakers. The security of these elections is ensured by the safety of the Layer2 BFT PoS consensus.

The Design of Taproot Consensus

Taproot Consensus nodes combine MuSig2 and the Signal protocol to form decentralized on-chain threshold signatures that interact with the Bitcoin mainnet. MuSig2 is a threshold signature scheme based on Taproot's security. The Signal protocol integrates the Double Ratchet Algorithm, pre-keys, and a three-pass Elliptic Curve Diffie-Hellman (3-DH) handshake, and uses Curve25519, AES-256, and HMAC-SHA256 algorithms as cryptographic primitives. It is currently the most secure communication protocol, addressing the security of communication between participants in MuSig2's multi-party threshold signatures.

MuSig2 ensures the security and flexibility of Bitcoin's threshold signatures, while the Signal protocol secures the communication of Taproot Consensus nodes' threshold signatures. Bitcoin SPV nodes ensure the decentralization of Taproot threshold signatures, and the BFT PoS consensus of the BEVM layer2 network ensures the on-chain security of the Bitcoin SPV network.