This paper presents a simple three-round multiparty Schnorr signing protocol that is fully simulatable, secure under concurrent composition, and proven secure in the standard model or random-oracle model. The protocol is designed to work in the setting of a dishonest majority, where any number of parties can be corrupted. It securely realizes an ideal Schnorr signing functionality with perfect security in the ideal commitment and zero-knowledge hybrid model. The protocol does not assume that all parties begin with the message to be signed, the identities of the participating parties, or a unique common session identifier, as this is often not the case in practice. Instead, the parties achieve consensus on these parameters as the protocol progresses.
The protocol is based on a simple three-round process. Parties first run a simulatable coin-tossing phase to choose the nonce for the signature. They then open their commitments and provide a zero-knowledge proof of knowledge of the discrete log. Finally, each party computes the signature components and sends them to the coordinator. The protocol is proven secure under the standard real/ideal paradigm for MPC. In a hybrid model with ideal zero-knowledge and commitment functionalities, the simulator does not rewind the adversary and the simulation is perfect. This means that the protocol is secure under composition when run concurrently with arbitrary other secure and insecure protocols.
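The three rounds described above, as an added Python example that is not the paper's own code or its exact protocol: each party commits to a nonce share, opens it with a proof of knowledge of its discrete log, and then sends a signature share that the coordinator sums. Assumptions made here and not taken from the paper: a toy group, a hash commitment and a Fiat-Shamir Schnorr proof standing in for the ideal commitment and zero-knowledge functionalities, additive key shares, a challenge computed as H(R, pk, m), and a session identifier, message and party set fixed up front.

```python
import hashlib, secrets

# Toy Schnorr group, constructed for the demo and far too small for real use:
# P = 2*Q + 1 with P, Q prime; G generates the subgroup of order Q.
P, Q, G = 2039, 1019, 4

def H(*parts):  # hash the parts to an integer mod Q
    return int.from_bytes(hashlib.sha256(repr(parts).encode()).digest(), "big") % Q

def commit(sid, pid, R, salt):  # hash commitment (stand-in for ideal commitment)
    return hashlib.sha256(repr((sid, pid, R, salt)).encode()).hexdigest()

def prove_dlog(k, R, ctx):  # Fiat-Shamir Schnorr proof of knowledge of k, R = G^k
    a = secrets.randbelow(Q)
    A = pow(G, a, P)
    return A, (a + H("pok", ctx, R, A) * k) % Q

def verify_dlog(R, proof, ctx):
    A, z = proof
    return pow(G, z, P) == A * pow(R, H("pok", ctx, R, A), P) % P

class Party:
    def __init__(self, pid, x):
        self.pid, self.x = pid, x  # x is this party's additive key share
    def round1(self, sid):  # commit to the nonce share R_i = G^k_i
        self.k, self.salt = secrets.randbelow(Q), secrets.token_hex(16)
        self.R = pow(G, self.k, P)
        return commit(sid, self.pid, self.R, self.salt)
    def round2(self, sid):  # open the commitment and prove knowledge of k_i
        return self.R, self.salt, prove_dlog(self.k, self.R, (sid, self.pid))
    def round3(self, sid, msg, pk, commits, opens):  # check every opening, then sign
        R = 1
        for pid, (Ri, salt, proof) in opens.items():
            if commit(sid, pid, Ri, salt) != commits[pid] or not verify_dlog(Ri, proof, (sid, pid)):
                raise ValueError(f"abort: bad opening from party {pid}")
            R = R * Ri % P
        return R, (self.k + H("sig", R, pk, msg) * self.x) % Q

def sign(parties, sid, msg, pk, tamper=None):  # coordinator relays, then sums shares
    commits = {p.pid: p.round1(sid) for p in parties}
    opens = {p.pid: p.round2(sid) for p in parties}
    if tamper is not None:  # simulate a party opening to a different nonce share
        opens[tamper] = (opens[tamper][0] * G % P,) + opens[tamper][1:]
    shares = [p.round3(sid, msg, pk, commits, opens) for p in parties]
    return shares[0][0], sum(s for _, s in shares) % Q

def verify(pk, msg, sig):  # standard Schnorr check: G^s == R * pk^e
    R, s = sig
    return pow(G, s, P) == R * pow(pk, H("sig", R, pk, msg), P) % P
```

Because every party checks all openings against the round-one commitments before releasing its share, a party that changes its nonce share after seeing the others causes an abort instead of a biased nonce.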
The protocol is simple and extremely efficient, and it supports quorum thresholds. It is designed to work in a communication model where all messages are sent via a central coordinator, and all parties have a public-key infrastructure. The protocol is secure even if related keys are used, and it is proven secure under the standard model or random-oracle model. The protocol is also secure under concurrent composition and is fully simulatable, making it a strong candidate for use in practical applications. The protocol is designed to be used in scenarios where a few milliseconds of performance gain is not significant, and being highly confident in the security of the protocol takes priority.