An effort to put a solid taproot proposal was done by developer Anthony Towns, the proposal was about segwit v1 with several adjustments to the current segwit version which included :
- replacing the ECDSA
CheckMultiSignops with new
- introducing a
33-bytev1 witness addresses that encode a
secp256k1ECC Point P that is spendable either by a direct schnorr signature of a script with the witness data and a taproot/merkle path to the script.
- Versions for taproot scripts
OP_MASKto support script masking via sighash
- Making invalid opcodes upgradeable to have more flexibility than
Taproot is a mechanism that works like MAST but without the 32 byte overhead, it was created earlier this year by developer Greg Maxwell.
An update on Taproot was recently published on the Bitcoin-dev mailing list dubbed Generalized Taproot, its essentially a recursive taproot which is as space efficient as taproot in some cases and sometimes potentially more efficient in cases like when one merkle branch is more likely than the other.
Generalized Taproot is not something that we will see being deployed any time soon but it could be a further enhancement to the increasing amount of applications built on Schnorr Signatures coming in the next months/years.