Taproot, a privacy and scalability upgrade Bitcoin developers have long been drooling over, finally activated last weekend. But more upgrades are in the pipeline, being worked on by developers behind the scenes.
Taproot is a particularly big upgrade in Bitcoin, called a “soft fork,” which isn’t executed all that often in Bitcoinland. Before Taproot, the last soft fork was SegWit, which activated on Bitcoin four years ago. Soft forks aren’t all that common. Nonetheless, they are an important type of upgrade that has repercussions for many projects building on top of Bitcoin, iteratively improving functionality of the open source digital currency.
So, what could be next, after Taproot? In fact, developers have been eyeing many other important soft fork changes to Bitcoin over the years.
Though, as a quick aside, it’s worth mentioning that even though Taproot has now activated, the work for Taproot is far from over. To use Taproot transactions, Bitcoin wallets, exchanges and other services will need to upgrade to support them. Plus, many of the changes developers have been eyeing that rely on Taproot, still need to be made. But even if some exchanges and wallets have yet to adopt Taproot, some like BitGo and Blockstream Green have been speedier, and more than 50 percent of nodes supporting Bitcoin are running the upgraded software.
Still, for a long view of what’s in store for Bitcoin, let’s take a look at some of the other possible soft fork changes that are in the pipeline.
SIGHASH_ANYPREVOUT, described in detail in Bitcoin Improvement Proposal (BIP) 118, looks like someone is shouting gibberish at you via text. But the change is much less dramatic than it looks.
In short, it allows a new type of signing option when signing a transaction, allowing a user to sign a transaction without adding a specific output (which is the coins they want to send) – at least not right away. This code change helps with a variety of technical problems, including one facing the Lightning Network, the overlay network to Bitcoin that increases transaction scalability and speed, and decreases costs.
One of the pain points of the Lightning Network is needing to store up-to-date data. Similar to losing a bitcoin private key, if users lose this data they might not be able to get their funds back. Proposed Lightning Network revamp Eltoo could help to reduce the state storage, but it needs SIGHASH_ANYPREVOUT to work properly.
“In a nutshell, this would get rid of the penalty based construction we use right now and reduce a lot of overhead for maintaining channel state as the state becomes symmetrical for all participants,” as Lightning Network researcher Rene Pickhardt put it in a StackExchange post.
The Lightning Network works as is. But SIGHASH_ANYPREVOUT paves the way for Eltoo, which could make Lightning easier to use.
Covenants are a proposed change to Bitcoin’s code that would restrict where a user can send their funds. For example, a covenant could restrict where the bitcoin can be sent, so that it can only go to a few whitelisted addresses.
Why would a user want to restrict the use of their funds? There are a number of reasons. One is security. Covenants make it easier to implement “vaults,” where users can still get their funds back even if a thief tries to run off with them. But that’s just one application. Covenants can also help with congestion control and channel factories, another proposed idea for further boosting scalability of the Lightning Network.
That’s the general idea behind covenants. There are at least a couple of proposals for covenants floating around, including OP_CHECKTEMPLATEVERIFY (outlined in BIP 119) and OP_TAPLEAF_UPDATE_VERIFY, each of which takes a different technical approach.
“Sidechains” have long been a proposed feature to add to Bitcoin. They’re additional blockchains “pegged” to Bitcoin. These sidechains can have new and experimental technologies that Bitcoin doesn’t have yet – such as adding zk-SNARKs functionality similar to the privacy coin zcash, allowing users much more privacy than bitcoin offers. Users can effectively lock up their bitcoin in order to use the new type of coins in the sidechain.
In the past, sidechains have been called the “altcoin killer.” Because sidechains offer a way to add new, experimental technology to Bitcoin, they are supposed to make it less necessary to launch a new coin to test out new ideas.
Drivechains are a spin on this idea invented by researcher Paul Sztorc. In addition to writing up his proposed changes in BIPs 300 and 301, he and other developers have implemented a working version of the idea.
Drivechains are a more controversial proposal, though, because some developers argue they could hand miners (who secure bitcoin) more power. For this reason, Bitcoin developers told CoinDesk that they see drivechains as the least likely upgrade of the bunch.
Cross-input signature aggregation
Now that Taproot has gone through, cross-input signature aggregation (sometimes called just CISA) can be added on top of it.
Digital signatures are a crucial piece of Bitcoin. When a user wants to send some bitcoin, they must use their private key to “sign” coins, proving that they own their bitcoins, allowing them to send the bitcoins to someone else. Taproot introduces Schnorr signatures, which allow for multiple signatures to be combined into one, making transactions a bit less expensive and boosting scalability.
On top of this, CISA proposes allowing signatures in a single transaction to be aggregated. One of the exciting consequences of CISA is that it can make CoinJoins cheaper. Using wallets like Wasabi and Samourai, CoinJoins are a method of boosting a user’s privacy by combining a number of user’s coins together into one transaction and “mixing” them, so that it is difficult to tell where any of the coins came from.
Right now, CoinJoins are cumbersome and they’re more expensive than normal transactions. But with CISA, they could be much cheaper. All of the signatures in the transaction can be mashed together, reducing the cost of the CoinJoin transaction.
“Instead of paying for the privilege of better privacy, you would be saving money to get better privacy. This will be particularly true of exchanges, where a lot of these transactions take place. They will want to [CoinJoin] exiting customer transactions with lots of other transactions to save money, and the side-effect will be more privacy for the rest of that transaction!” as Jimmy Song put it in his Bitcoin Tech Talk newsletter.
Only time will tell if any of these proposals will make it into Bitcoin. Once more concrete proposals are put forth, it will be up to the community to decide if they are good changes worth pursuing – or not.