MuSig is a protocol for aggregating public keys and signatures for the schnorr digital signature algorithm.
MuSig allows multiple users each with their own private key to create a combined public key that’s indistinguishable from any other schnorr pubkey, including being the same size as a single-user pubkey. It further describes how the users who created the pubkey can work together to securely create a signature corresponding to the pubkey. Like the pubkey, the signature is indistinguishable from any other schnorr signature.
Compared to traditional script-based multisig, MuSig uses less block space and is more private, but it may also require more interactivity between the participants.
Primary code and documentation
Optech newsletter and website mentions
- Composable MuSig—concerns about safely using signer sub-groups
- MuSig and attacks based on Wagner’s algorithm
- Schnorr signatures and musig
- LN gossip update proposal to use MuSig
- Breaking Bitcoin presentation: secure protocols on bip-taproot
- Optech executive briefing: the next soft fork
- Extensions to PSBTs to help make them compatible with advanced protocols
- Libsecp256k1-zkp supports MuSig key and signature aggregation