Why Are Taproot Smart Contracts More Private? A Non-Technical Explanation
Our exploration of the new superpowers Taproot gives to Bitcoin continues. Yesterday, we defined smart contracts and covered the functionality of the Taproot-enabled ones. To summarize, Taproot gives new characteristics to Bitcoin layer one that enable smart contract expressiveness in layer two solutions. Today, the topic is privacy. What happens on the blockchain stays there forever. With that in mind, these Taproot contracts only reveal absolutely necessary information.
How do they manage to do that? Let’s ask the experts.
How Does Taproot Privacy Work?
In the past, to execute a contract, each and every node of the Bitcoin network had to run it. That left the parties involved in the contract vulnerable and exposed, as Bitcoin Magazine explains.
“This network-wide execution also means that the parties involved have no privacy regarding what their smart contract entails: The entire network will know exactly what it looks like. By extension, this is bad for fungibility as well. If the smart contract is unpopular for some reason, the funds involved — publicly visible on the blockchain — are tainted.”
For the Bitcoin network to prosper the developers have to think of every scenario, and this is one. The Taproot upgrade fixes this. Blockstream gives us a slightly more technical explanation, “The innovation of Taproot is to embed the scripting capability, which previously had to be conspicuously opted into by wallet software (for example, to support escrow payments, Lightning HTLCs or multisignature policies), inside the key itself.” This is one of the innovations that’ll help future wallets to function in a lighter and more effective way. Bitcoinist will cover that topic later on. For now, Blockstream informs us that after Taproot:
“Under typical circumstances, the existence of this script is never revealed at all. Only if the script is needed is it revealed. To further improve this situation, thanks to the use of Schnorr signatures rather than ECDSA, script is necessary in far fewer situations than before.”
The Previous Configuration Was Data Heavy
Post-Taproot, everything will be lighter. Before Taproot, in a previous Bitcoinist post, we got technical by quoting Bitcoin Magazine:
“It’s currently necessary to reveal all the possible conditions that could have been met — including the conditions that weren’t met.” This is “data heavy” and a privacy risk. Under Taproot, “all the different conditions under which the funds can be spent are individually hashed (as opposed to combined into a single hash) and included in a Merkle tree.” So, if any of the data has to be revealed, “The rest of the Merkle tree remains hashed and hidden.”
It’s also worth noting that, post-Taproot, it won’t be possible to identify the nature of most transactions. All of them will look the same on the blockchain. Bitcoinist explained this before:
“Taproot provides a new output type with a single signing key form, thus changing the transaction processes. This translates into improvements for superior privacy, lower fees, more flexible multi-sig, and bitcoin’s availability to be locked to multiple scripts at once.River Financial further explains that “Since the Lightning Network relies on 2-of-2 multisig, Taproot makes it impossible to discern which transactions create Lightning channels.”
Are There Privacy Holes In Taproot?
Unfortunately, a Reddit user already figured out a way to identify the opening of public Lightning Network channels.
“It is correct that with Taproot one cannot tell the difference between LN channel openings and a normal transactions in cooperative scenarios solely based on on-chain data. Unfortunately public channels announce the “Channel Point” (see this example) to the world, which is the channel opening output, which is exactly the information that Taproot tries to hide. It is still helpful for private channels though.”
In any case, there’ll be more privacy all around the Bitcoin network. As Johnny Lyu, CEO at Kucoin, recently told Bitcoinist:
“The third aspect will benefit users – to improve privacy protection. The SSA bundling system will make it more difficult to track individual transactions, thereby strengthening the level of privacy protection for bitcoin senders.”
And that’s where we are.Source