Bitcoin After Taproot

Taproot, Bitcoin’s biggest upgrade since Segwit in 2017, activated last night. It has taken years to get to this point but this upgrade opens the door for multiple other innovations to occur that are being worked on in parallel.


BIP 340 — Schnorr Signatures

Source: River

BIP 341 — Taproot

Source: River

Again, River has a good diagram to explain that your 50 million sats with Taproot public key Q can be spent either by Schnorr public key P or by any of the script conditions of public key M.

BIP 342 — Tapscript

What’s not in Taproot

With the emergence of so many ideas for improvements to Bitcoin’s script execution (MAST, Taproot, Graftroot, new sighash modes, multisignature schemes, …) there is simply too much to do everything at once. Since aggregation really interacts with all other things, it seems like the better choice to pursue later.

However, once CISA is merged, incentivised coinjoins become a reality as part of that fork. That is because the signature cost savings of multiple signers becomes cheaper than a single signature spend.

What does this mean for me?

Can I do something to take advantage of Taproot?

Source: Murch

You may be thinking, “why would I pay a transaction fee to hodl my sats rather than pay the fee at the point of using them?” I thought the same thing at first but as Murch pointed out, the mempool has been clear for most of 2021 and you can get a transaction in at 1 sat per byte. Even at the second spend, you are saving money once fees reach 2 sats per byte. So if you have a wallet that allows for Taproot receiving, you should send it there, move old UTXOs when the mempool is empty, and take advantage of the privacy benefits of multsig with Taproot.

Source: Twitter answer

How does it improve privacy? Bitcoin Op Tech looked at block 692,039 for multisig use. They broke down the threshold needed such as a 2 of 2 spend like Lightning uses or a common 2 of 3 multisig by color. If these multisig wallets would use a keypath spend rather than a more complex script, they become indistinguishable from a single signature wallet. You also would not be able to isolate specific applications such as Liquid which uses an 11 of 15.

Schnorr and Taproot allows for:

Scriptless Scripts


Adaptor Signatures



BIP118: AnyPrevOut

So what is AnyPrevOut? It’s a proposed upgrade that signs most of the transaction but not the inputs of the the transaction. This allows for a specific kind of spend where any input that satisfies the script with that public key can be used or for inputs to be swapped if needed. This allows for some flexibility in spending conditions, scalability through efficiency, and allows for some interesting things to occur once merged. You can learn more here.




TLUV Covenant proposal

Other possible updates to Bitcoin beyond Taproot:

Stratum v2

Visualisation of distribution change after empowering miners. Source: Braiins

Erlay see BIP330

If anyone more technical than I am sees anything wrong with the above, please DM me for corrections and check out Bitcoin Op Tech which is a newsletter from developments happening in the space. I used their site a lot to fact check myself and provide additional links.



Making shoes you love @atoms. Under caffeinated and over connected. MBA in Sustainability. Please consider the environment before printing this tweet.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Raymond Durk

Making shoes you love @atoms. Under caffeinated and over connected. MBA in Sustainability. Please consider the environment before printing this tweet.