MuSig is a protocol for aggregating public keys and signatures for the schnorr digital signature algorithm.
MuSig allows multiple users each with their own private key to create a combined public key that’s indistinguishable from any other schnorr pubkey, including being the same size as a single-user pubkey. It further describes how the users who created the pubkey can work together to securely create a signature corresponding to the pubkey. Like the pubkey, the signature is indistinguishable from any other schnorr signature.
Compared to traditional script-based multisig, MuSig uses less block space and is more private, but it may also require more interactivity between the participants.
Primary code and documentation
Optech newsletter and website mentions
- 2019-12-30 Composable MuSig—concerns about safely using signer sub-groups
- 2019-11-27 MuSig and attacks based on Wagner’s algorithm
- 2019-10-29 Schnorr signatures and musig
- 2019-07-17 LN gossip update proposal to use MuSig
- 2019-06-19 Breaking Bitcoin presentation: secure protocols on bip-taproot
- 2019-06-14 Optech executive briefing: the next soft fork
- 2019-03-12 Extensions to PSBTs to help make them compatible with advanced protocols
- 2019-02-26 Libsecp256k1-zkp supports MuSig key and signature aggregation
- 2018-12-28 2018 year-in-review: publication of MuSig protocol
- 2018-08-07 BLS signatures based on the MuSig construction