Overview
MuSig 2 is a simple two-round Schnorr multisig system. It’s a signature scheme that is a notable improvement over Bitcoin’s classic ECDSA-based multisign primarily due to its use of aggregation: multiple keys are “added” together to create a multisig, and the sum key is not just the same size as an individual key, but in fact indistiguishable from an individual key.
MuSig was originally released in 2018, then updated in 2020 to reduce the required communication rounds from three to two, hence the name: MuSig 2.
Why is MuSig Important?
MuSig is one of two major methods to take advantage of Schnorr-based signatures, allowing users to take advantage of a fast, scalable, and aggregatable signature system (the other being FROST).
The general advantages of Schnorr signatures, as described in “A Layperson’s Introduction to Schnorr” are:
- Compactness
- Signature Aggregation
- Faster Verification
- Blind Signatures
- Adapter Signatures
Unlike FROST, MuSig 2 does not support threshold signatures, except through the use of a supplement such as a Taproot tree. However, it can support full accountability: an advantage of FROST is that you can’t prove who signed in an m-of-n signature, but in MuSig you know exactly who signed if the public keys are available.
Links
- MuSig2: Simple Two-Round Schnorr Multisignatures (Medium article)
-
MuSig2: Simple Two-Round Schnorr Multi-Signatures (eprint PDF)
- Docs: secp256k1_musig.h (GitHub)
- Examples (GitHub)