Editorial 1 August 2018

Cecille de Jesus

There are still two unexpired patents that may be in conflict with Schnorr signatures in BTC

Either lawsuits fly or they shake hands.

Many argue that the main reason ECDSA was favoured over Schnorr signatures despite its supposed advantages over the former were merely to avoid complications with patents. Schnorr signatures were covered by a patent which forced developers to use free alternatives, and kept it from being standardized.

Luckily, that patent expired in 2008.

Earlier this month, Pieter Wuille published a proposal for the use of Schnorr signatures instead of ECDSA (Elliptic Curve Digital Signature Algorithm)—which has been the standard for Bitcoin since its inception.

But despite the expiration of the Schnorr signature patent, there are two existing and unexpired patents that may botch this plan. While Schnorr signatures in general are now fair game, there are certain specific applications of the algorithm that are covered by patents—which are still very much in force.

Patents clash

It can be quite hard to find conflicting patents especially in a field as complex as cryptography and digital signatures, particularly because applications are written as outlines of methods rather than specifically naming prior inventions they are based on.

But a gruelling search yields to two patents that could spell trouble as they are similar to how BTC devs intend to use Schnorr signatures for the legacy chain.

1. Masking and Additive Decomposition Techniques for Cryptographic Field Operations, Vincent Dupaquis, Michel Douguet

“Masking and additive decomposition techniques are used to mask secret material used in field operations (e.g., point multiplication operations) performed by cryptographic processes (e.g., elliptic curve cryptographic processes). The masking and additive decomposition techniques help thwart “side-channel” attacks (e.g., power and electromagnetic analysis attacks).”

2. Signing Methods for Delivering Partial Signatures, and/or Threshold Signatures, Corresponding Verification Methods, and Corresponding Electronic Devices, Marc Joye, Benoit Libert

“…a signing method delivering a partial signature associated with a message, said partial signature being used in a threshold signing method, the signing method being executed on an electronic device. The signing method is remarkable in that it comprises: – obtaining a partial secret key SK i being obtained from an output of a secret sharing scheme, said partial secret key SK i being equal to {u1 (i), uK+1 (i)}, where elements uj (i) ∈ Zp for all j ∈ {1,…, K + 1}, with p being a prime number, and K being an integer greater or equal to one; – determining from said partial key, K elements tj = g -uj(i) , with j ∈ {1,…,K + 1} and g being a generator of a group G, said group G being part of a bilinear group (G, Ĝ, G T ) with Ĝ being a group and G T being a target group; – determining from said message a vector so as to define a Groth-Sahai common reference string; – determining Groth-Sahai commitments on said K + 1 elements t j with j ∈ {1,…,Κ + 1} from said Groth-Sahai common reference string, said Groth-Sahai commitments belonging to said group G; and – determining a non-interactive witness indistinguishable proof comprising K(K + 1) elements, all the K(K + 1) elements belonging to said group Ĝ, said proof guarantying that said K + 1 elements tj verify K pairing equations; – delivering said partial signature associated with said message, said partial signature comprising said Groth-Sahai commitments, and said non-interactive witness indistinguishable proof.”

If the devs are unaware of these existing patents, that means they will potentially invite a string of lawsuits towards the BTC camp. It’s either that or they submit to the patent terms. If they do, we have yet to see how that will play out.

Note: Tokens on the Bitcoin Core (segwit) Chain are Referred to as BTC coins. Bitcoin Satoshi Vision (BSV) is today the only Bitcoin implementation that follows Satoshi Nakamoto’s original whitepaper for Peer to Peer Electronic Cash. Bitcoin BSV is the only major public blockchain that maintains the original vision for Bitcoin as fast, frictionless, electronic cash.


Add a Comment

latest news

Under China’s new blockchain laws, Bitmain-ABC’s BCH is in trouble

Editorial 15 January 2019

Under China’s new blockchain laws, Bitmain-ABC’s BCH is in trouble

Under the new regulations, blockchain information service providers are within the purview of the CAC and a range of penalties has been outlined for the violation of the provisions.

Read More
The split, and the future… Now we build

Editorial 9 January 2019

The split, and the future… Now we build

I've gone silent on my thoughts... because like many of you, I have been devastated by the fallout of the split.

Read More

Editorial 8 January 2019


作为唯一延续比特币最初愿景的区块链,比特币SV(BSV)挖出了大小为103MB的区块,这是世界上有史以来从公链上挖出的最大区块。这一首次跨越了100MB门槛的区块于1月3日在区块高度563638处挖出,其中包含中国矿池Mempool的460400笔交易。这一创纪录的区块恰逢比特币区块链的创世块十周年之际被挖出。这项最新扩容成果有效地证实了比特币SV正朝着成为全球性企业区块链的正确方向发展。 BSV在2018年11月15日备受争议的比特币现金硬分叉中脱颖而出,致力于保护比特币的原始设计。比特币SV是以比特币创始人中本聪提出的“中本聪愿景(Satoshi ...

Read More