May 29, 2024

‍The Culmination of Bitcoin's Native Extension Technologies - Interpreting the BEVM Taproot Consensus Technical Yellow Paper


On May 20, 2024, the BEVM Bitcoin Layer2 development team officially released the technical yellow paper titled 'Taproot Consensus: A Decentralized BTC Layer2 Solution.

The yellow paper provides a comprehensive description of how Taproot Consensus is implemented and how it combines Schnorr signatures, MAST, Bitcoin SPV nodes, and other native Bitcoin technologies to construct a fully decentralized BTC Layer2 solution.

After thoroughly reading the paper, the author was struck by the realization that the Taproot Consensus solution proposed by the BEVM team is truly the culmination of Bitcoin's native extension technologies. Taproot Consensus does not modify or add to Bitcoin's codebase in any way. Instead, it ingeniously combines several major native Bitcoin technologies through innovative composition, with a simple yet elegant approach.

Before delving into the interpretation of the yellow paper, it is necessary to review the history of Bitcoin's technical evolution. This will help us understand how Taproot Consensus emerged organically from Bitcoin's development trajectory.

Main Content

I. The History of Bitcoin's Technical Evolution

October 31, 2008

Satoshi Nakamoto published a paper titled "Bitcoin: A Peer-to-Peer Electronic Cash System," formally proposing a complete technical implementation of Bitcoin.

In Chapter 8 of the paper, Satoshi mentioned a solution called Simple Payment Verification (SPV), a technique that allows users to verify payments without running a full Bitcoin node, by only storing block headers.

January 3, 2009

Satoshi mined the genesis block on a small server in Helsinki, marking the official birth of Bitcoin.

It is worth noting that in Bitcoin's original codebase, Satoshi used the Elliptic Curve Digital Signature Algorithm (ECDSA) instead of the more Bitcoin-suitable Schnorr Signature algorithm. This was not because ECDSA was superior to Schnorr Signatures, but rather because Schnorr Signatures were not open-source at the time and were still under patent protection. Hence, Satoshi opted for the already open-sourced ECDSA.

Schnorr Signatures retain all the functionalities and security assumptions of ECDSA but can overcome the limitation of Bitcoin's ECDSA framework, which restricts it to a maximum of 15 multi-signatures. Schnorr Signatures enable efficient aggregation of 1000+ addresses to jointly manage Bitcoin without impacting signature speed.


After years of extensive verification, Bitcoin core developers like Gregory Maxwell formally proposed a Bitcoin Improvement Proposal (BIP) to introduce Schnorr Signatures into the Bitcoin network.

November 14, 2021

Bitcoin officially completed the Taproot upgrade, formally incorporating Schnorr Signatures into the network, ushering in a new era of decentralized multi-signatures for Bitcoin.

In addition to Schnorr Signatures, the Taproot upgrade also introduced Merkelized Abstract Syntax Trees (MAST), a technology that enables Bitcoin to possess smart contract-like capabilities. MAST organizes the logic of multi-conditional contracts into a Merkle tree structure, allowing Bitcoin's codebase to execute functions similar to smart contracts (albeit limited to payment verification and distinct from Ethereum's complex smart contracts).

Schnorr Signatures can enable 1000+ multi-signature addresses for Bitcoin, while MAST can drive these Schnorr multi-signature addresses through Bitcoin's codebase, effectively realizing a decentralized multi-signature network for Bitcoin without human intervention.

This means that Bitcoin can shed a layer of trust constraints and enable more complex and varied business scenarios on its Layer2.

The Taproot Consensus solution proposed by the BEVM team is precisely the culmination of Bitcoin's technological evolution from 2008 to 2021.

II. Overview of the Taproot Consensus Solutions

The Taproot Consensus technical yellow paper begins by stating: "Bitcoin's non-Turing-complete nature limits its ability to directly implement Layer2 extension solutions similar to Ethereum's Rollups. Bitcoin's script contract layer can only perform simple transfer operations and cannot support more complex smart contract functionalities. Therefore, it is infeasible to construct a Layer2 extension solution solely based on Bitcoin's script layer."

This opening paragraph succinctly highlights Bitcoin's non-Turing-complete nature and the limitation of its script contracts to only execute transfer operations. It suggests that the correct approach for Bitcoin's expansion is not to modify its base layer but to leverage its existing capabilities to construct a fully decentralized Layer2 extension solution.

Taproot Consensus achieves this by combining Bitcoin's Taproot technology (Schnorr Signatures and MAST), Bitcoin SPV light nodes, and the BFT PoS consensus mechanism to build a decentralized and highly consistent Layer2 network.

III. Detailed Explanation of the Taproot Consensus Architecture

The Taproot Consensus solution proposed by the BEVM team comprises three components: Schnorr+MAST, Bitcoin SPV, and Aura+Grandpa.

Schnorr+MAST, as we discussed earlier, combines these two major native Bitcoin technologies introduced by the Taproot upgrade, enabling decentralized multi-signature management of Bitcoin without human intervention, driven by Bitcoin's codebase.

But who drives this codebase? It is driven by the consensus achieved on the Layer2 network.

How does the Layer2 network reach consensus, and how is this consensus synchronized with Bitcoin's base layer?

This is where Bitcoin SPV+BFT PoS Consensus (Aura+Grandpa) comes into play.

Bitcoin SPV is the Simple Payment Verification solution proposed by Satoshi Nakamoto, allowing users to synchronize and verify Bitcoin transactions without running a full node by only storing block headers. This feature enables Taproot Consensus to synchronize with the BTC state in a fully decentralized and permissionless environment.

Aura+Grandpa is a widely adopted advanced PoS consensus protocol that implements Byzantine Fault Tolerance, ensuring high consistency among network nodes through distributed protocols (most blockchains built on the Substrate framework use Aura+Grandpa).

To summarize the operational principles of Taproot Consensus' three components:

"In the BEVM system, each validator holds a private key for Schnorr signatures. The properties of Schnorr signatures enable efficient signature aggregation, improving the system's security and efficiency. Through the MuSig2 multi-signature scheme, an aggregated public key Pagg is generated, forming a large Merkle Abstract Syntax Tree (MAST).

After generating the root hash of the MAST tree, validators submit BTC transactions and inscribe data onto the MAST-generated threshold signature address, enabling data submission from the BTC mainnet to the BEVM network. Simultaneously, each validator acts as a Bitcoin SPV (Simplified Payment Verification) light node, allowing them to securely and permissionlessly synchronize the state of the BTC network."

In simple terms:

Taproot Consensus uses Schnorr+MAST to construct decentralized BTC multi-signature management on Bitcoin's base layer. On the Layer2, it operates a network of Bitcoin SPV nodes. In the case of BEVM, the entire Layer2 network runs Bitcoin SPV nodes, which can synchronize data from Bitcoin's base layer. To ensure the security and trustworthiness of the Layer2 network, BEVM integrates the Bitcoin SPV node network with the Aura+Grandpa consensus, effectively imbuing the Bitcoin SPV node network with the security level of BFT consensus. In other words, the management of the BEVM network's assets is not controlled by multi-signature individuals but driven by BFT consensus, achieving true decentralization.

IV. Other Technical Details in the Yellow Paper

Apart from the technical framework outlined above, the Taproot Consensus yellow paper also provides detailed explanations of Schnorr Signatures, MAST, Bitcoin SPV light nodes, Aura+Grandpa, and other technical implementations. For those interested in learning about Bitcoin's latest technologies, this yellow paper by the BEVM team serves as a comprehensive and detailed resource.

Furthermore, the yellow paper meticulously explains the implementation process of MuSig2 and the differences between the renowned BTC Layer2 project Mezo and Taproot Consensus.

Mezo's underlying technical structure is based on the tBTC protocol. tBTC utilizes Bitcoin's multi-signature capabilities to construct a threshold signature network. Compared to traditional distributed networks, this structure offers stronger consistency.

However, tBTC still requires signatures from 9 individuals, a multi-signature participant network. To truly achieve a consensus-driven system without relying on individuals, it is necessary to integrate the multi-signature network with the Byzantine Fault Tolerant (BFT) Proof-of-Stake (PoS) consensus mechanism. (This is the fundamental difference between distributed networks and blockchains. Distributed networks emphasize distribution but lack Byzantine fault-tolerant consensus, while blockchains, although also distributed networks, are driven by Byzantine fault-tolerant consensus mechanisms, making them truly decentralized networks.)

The Taproot Consensus solution adopts this more advanced design approach. By combining Schnorr signatures, MAST, Bitcoin SPV light nodes, and the Aura and Grandpa Byzantine fault-tolerant consensus mechanisms, it has constructed a highly consistent and secure decentralized Layer2 extension solution. This integration not only enhances the scalability and usability of the Bitcoin network but also ensures the security and consistency of the BEVM network.

In summary:

The technical yellow paper released by the BEVM team systematically and comprehensively describes the implementation approach and technical details of Taproot Consensus, presenting a Bitcoin Layer2 solution entirely built upon Bitcoin's native technologies.

Taproot Consensus not only respects and inherits Bitcoin's existing technical direction but also innovatively combines the technologies introduced by Bitcoin's successive upgrades through compositional innovation. It is truly the culmination of Bitcoin's native extension technologies.

As the Bitcoin ecosystem continues to evolve, it will become increasingly evident that truly decentralized Bitcoin Layer2 solutions are the inevitable path for the ecosystem's development, and solutions like Taproot Consensus will truly shine.