| latest-revision | original-author | created | status | title | contributors | type | description | discussions-to | category |
|---|---|---|---|---|---|---|---|---|---|
2019-01-27T00:00:00.000Z |
Ryan Shea (ryan-shea) |
2019-01-01T00:00:00.000Z |
Accepted |
Scriptless Scripts (Schnorr) |
Ryan Shea (ryan-shea); Gareth James (gjradar) |
article |
GitHub URL |
lightning-rnd |
Scriptless Scripts are a way to execute smart contracts off-chain using Schnorr Signatures. Scriptless scripts are a way to encode smart contracts into digital signatures -- effectively accomplishing smart contract features without any scripts.
By removing hash preimages, removing Script tricks that people use to get atomicity between chains and transactions, and moving those onto signatures, contracts are accomplished in something smaller, more efficient, more scalable, more private, an inherently interoperable.
A Schnorr signature is a digital signature produced by the Schnorr signature algorithm that was described by Claus Schnorr. It is a digital signature scheme known for its simplicity, among the first whose security is based on the intractability of certain discrete logarithm problems. It is efficient and generates short signatures.
Smart contracts: Currently, smart contracts are used to process Bitcoin transactions. These include standard transactions that only require a single signature as well as more complex transactions such as time-locked or multi-signature transactions.
Script: These smart contracts are currently processed on-chain using Bitcoin Script.
On-chain vs. off-chain: Bitcoin smart contracts are currently processed “on-chain” which has negative effects on user transaction costs, network participation resource requirements, and privacy (all of which are discussed in more detail below). __The potential power of Scriptless Scripts is that they address these issues by using Schnorr signatures to move smart contract processing off-chain.
The primary benefits of Scriptless scripts are functionality, privacy, and efficiency.
In terms of functionality, Scriptless Scripts could increase the range and complexity of smart contracts that are possible with Bitcoin today. Currently, Bitcoin smart contracts are executed within Bitcoin Script which is limited in the types of contracts that can be executed. This limitation stems from the number of “opcodes” that have been enabled by the network (remember, anything done at the network level requires network-wide consensus, which is hard to achieve).
Scriptless scripts move the specification and execution of these smart contracts from a network-wide decision — as is currently the case for smart contracts that execute within Bitcoin Script — to a decision that only involves the participants of the smart contract. As a result, the range of smart contracts that a Bitcoin user could potentially deploy should increase drastically.
Moving the specification and execution of smart contracts from on-chain to off-chain is also what drives the privacy benefits of Scriptless Scripts. When the smart contracts themselves are on-chain, many details are divulged to the entire network including the number and addresses of participants as well as the amount of capital involved — that’s not ideal as it’s very far afield from typical user expectations regarding contracts and money transfers.
Instead, Scriptless Scripts use Schnorr signatures to move these contracts off-chain. This means that instead of the entire network verifying the actual terms of a contract, the network and its participants simply verify that there is a valid outcome — That is, that the parties to the contract agree that the terms have been satisfied and the resulting transaction is valid.
Said differently, the network doesn’t actually need to know the terms of the contract between Alice and Bob, the network just needs to know that Alice and Bob agree that the terms of their contract have been satisfied and that the resulting transaction is valid — that’s what Scriptless Scripts accomplish.
Scriptless Scripts also offer a significant efficiency advantage: By moving smart contracts off-chain, Scriptless Scripts minimize the amount of data that needs to be verified and stored on the network level. That means less overhead for network participants (e.g. full nodes) and lower transaction fees for users (a win-win).
Ultimately, it’s helpful to think of these innovations in terms of puts and takes and evaluating the tradeoff that’s proposed. Typically, improvements in functionality and privacy come at the expense of efficiency. However, Scriptless Scripts (via Schnorr signatures) could potentially improve functionality and privacy without compromising at all on efficiency.
[4] https://joinmarket.me/blog/blog/flipping-the-scriptless-script-on-schnorr/