Bitcoin’s Quantum Risk Is Real

Kiara Bickers

Nearly a quarter of all bitcoin is potentially exposed to a quantum attack, because the public keys that control it have already been revealed on the blockchain. But if that much of the supply is vulnerable, it raises a deeper concern: is confidence in Bitcoin's entire security model at stake?

Imagine waking up, checking your phone, and seeing your bitcoin balance at zero. Not just your cold storage, but your exchange balances too. Gone. Overnight, millions of UTXOs drained in a silent, coordinated attack.

That sounds extreme, but an event like this would be more than theft. It would be a direct attack on the value of Bitcoin, a public signal that the underlying cryptography is no longer safe. A state-level actor might attempt something like this not just to steal coins, but to destroy confidence and cause chaos.

Not every attacker would be loud. One might be more self-interested. With a quantum computer, they could quietly target the oldest UTXOs, draining coins from forgotten or dormant wallets. Their goal would be to extract as much as possible before the rest of the world catches on.

But whether the attack is loud or quiet, fast or slow, the end result is much the same. The assumptions that secure bitcoin would no longer hold in a post-quantum world. The mathematics that has secured Bitcoin since its beginning could be broken at any time, by a machine none of us has seen yet, but which we know is possible in theory.

What quantum computers actually break

A quantum computer is not just a faster version of today's computers. It is a fundamentally different kind of machine. For most tasks it will not be much faster than a classical computer. But for a few very specific problems, it will be powerful enough to break a lot.

Bitcoin's digital signatures today, both Schnorr and ECDSA, depend on something called the discrete logarithm problem. Think of it as a one-way mathematical street. It is easy to go in one direction but very hard to come back. You can take a private key and produce a public key or a signature, but doing the reverse, deriving the private key from the public key, is practically impossible for a classical computer. That is why you can safely expose your public key on the blockchain: nobody can run the computation backwards and recover the private key.

With a large quantum computer, this assumption collapses. Using Shor's algorithm, a quantum attacker can solve the discrete logarithm problem efficiently. The street is no longer one-way. Given any public key visible on the blockchain, the attacker can recover the corresponding private key. Which coins are exposed depends on the output type: pay-to-public-key and Taproot outputs carry the key in the output itself, any address that has ever been spent from has revealed its key in that spend, and hash-based addresses that have never been spent from only reveal the key at the moment a spending transaction is broadcast.
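As an added example (not part of the original article, and not how the quarter-of-supply figure above was measured), the following Python snippet sorts standard Bitcoin output scripts by whether the public key a Shor-capable attacker needs is already visible in the output, and tallies the exposed value of a small constructed UTXO set. The script templates are the standard P2PK, P2PKH, P2SH, P2WPKH, P2WSH and P2TR patterns; the keys, hashes and values in `SAMPLE_UTXOS` are made up for the example.

```python
# Added example, not from the original article: classify Bitcoin output
# scripts (scriptPubKeys) by whether the EC public key a Shor-capable attacker
# needs is visible on chain. Script patterns are the standard templates; the
# sample UTXO set at the bottom is constructed, not real chain data.

OP_0, OP_DUP, OP_HASH160, OP_EQUAL, OP_EQUALVERIFY, OP_CHECKSIG, OP_1 = (
    0x00, 0x76, 0xA9, 0x87, 0x88, 0xAC, 0x51)


def classify_spk(spk):
    """Return (script_type, key_visible_in_output).

    key_visible_in_output is True when the output itself carries the EC public
    key, so a discrete-log break exposes the coins even if they were never
    spent from. Hash-based outputs hide the key until a spend reveals it.
    """
    n = len(spk)
    # P2PK: <push 33|65> <pubkey> OP_CHECKSIG (Satoshi-era coinbase outputs)
    if n in (35, 67) and spk[0] == n - 2 and spk[-1] == OP_CHECKSIG:
        return "p2pk", True
    # P2TR: OP_1 <push 32> <x-only output key>; key-path spends sign with the
    # tweaked key Q, so recovering dlog(Q) is enough to steal the coins.
    if n == 34 and spk[0] == OP_1 and spk[1] == 0x20:
        return "p2tr", True
    # P2PKH: OP_DUP OP_HASH160 <push 20> <hash160(pubkey)> OP_EQUALVERIFY OP_CHECKSIG
    if (n == 25 and spk[:3] == bytes([OP_DUP, OP_HASH160, 0x14])
            and spk[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG])):
        return "p2pkh", False
    # P2WPKH: OP_0 <push 20> <hash160(pubkey)>
    if n == 22 and spk[0] == OP_0 and spk[1] == 0x14:
        return "p2wpkh", False
    # P2SH: OP_HASH160 <push 20> <hash160(redeemScript)> OP_EQUAL
    if n == 23 and spk[0] == OP_HASH160 and spk[1] == 0x14 and spk[22] == OP_EQUAL:
        return "p2sh", False
    # P2WSH: OP_0 <push 32> <sha256(witnessScript)>
    if n == 34 and spk[0] == OP_0 and spk[1] == 0x20:
        return "p2wsh", False
    return "unknown", False


def quantum_exposed(spk, key_already_revealed):
    """A UTXO is exposed if its output shows the key, or if the same script was
    spent from before (address reuse): that earlier spend put the key, or the
    redeem script containing it, into a transaction input on chain."""
    _, visible = classify_spk(spk)
    return visible or key_already_revealed


def exposed_value(utxos):
    """Return (exposed_sats, total_sats) for (value, spk, key_already_revealed) triples."""
    exposed = total = 0
    for value, spk, revealed in utxos:
        total += value
        if quantum_exposed(spk, revealed):
            exposed += value
    return exposed, total


# Constructed sample UTXO set (fake keys and hashes, values in satoshis).
SAMPLE_UTXOS = [
    (50_0000_0000, bytes([33, 0x02]) + b"\x11" * 32 + bytes([OP_CHECKSIG]), False),  # 2009-style P2PK
    (1_0000_0000, bytes([OP_1, 0x20]) + b"\x22" * 32, False),                         # P2TR
    (2_0000_0000, bytes([OP_DUP, OP_HASH160, 0x14]) + b"\x33" * 20
     + bytes([OP_EQUALVERIFY, OP_CHECKSIG]), True),                                   # reused P2PKH
    (3_0000_0000, bytes([OP_0, 0x14]) + b"\x44" * 20, False),                         # fresh P2WPKH
    (4_0000_0000, bytes([OP_HASH160, 0x14]) + b"\x55" * 20 + bytes([OP_EQUAL]), False),  # P2SH, never spent
]

if __name__ == "__main__":
    exp, tot = exposed_value(SAMPLE_UTXOS)
    print(f"exposed {exp / 1e8:.0f} of {tot / 1e8:.0f} BTC ({100 * exp / tot:.0f}%)")
```

The `key_already_revealed` flag is the part a real survey has to get from transaction history rather than from the UTXO itself: a P2PKH or P2WPKH output is only "safe" while no earlier spend from the same script has exposed the key, and even a fresh one reveals its key in the mempool at spend time, which a fast enough attacker could race.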

Hard choices, big trade-offs

There are no perfect solutions here. Any plan to defend Bitcoin against quantum attacks involves major trade-offs. Some are technical. Some are social. All of them are hard.

One possibility is to introduce a new output type that uses only post-quantum signatures. Instead of relying on discrete logarithms, which quantum computers can break, you would lock coins with quantum-safe signatures from the start. Anyone sending funds to such an address knows they are choosing stronger, future-proof security.

The big trade-off here is size. Most post-quantum signatures are measured in kilobytes rather than bytes. That means a post-quantum signature can be 40 to 600 times larger than a current Bitcoin signature. If an ECDSA or Schnorr signature fits in a text message, a post-quantum signature is closer to a small digital image. It costs more to broadcast and more to store on the blockchain. HD wallets, multisig setups, and even basic key management become more complex or may not work at all. Threshold signatures with post-quantum schemes remain an open research problem.

A related post-quantum proposal comes from Jameson Lopp, who has suggested a roughly four-year migration window. After post-quantum signatures are introduced, the Bitcoin ecosystem would have a few years to move coins to quantum-safe outputs. After that, coins that have not been moved would be treated as lost. A drastic approach, but it sets a clear deadline and gives the network time to adapt before any crisis.

Until the threat becomes more concrete, we would rather keep relying on the cryptography we already trust. But if we all agree that Bitcoin needs a plan, what should it be?

Nobody wants to rush into changing Bitcoin on unproven assumptions. Rather than bolting on something entirely new, Bitcoin may already have a built-in starting point: Taproot.

Taproot's hidden post-quantum safety

Taproot, activated in 2021, is best known for improving privacy and efficiency. What many users do not realize is that it could also serve as the foundation for a smoother transition to a post-quantum world.

Each Taproot output can commit to a set of alternative spending conditions. These alternative script paths are never revealed unless they are used. Today, most Taproot coins are spent with a Schnorr signature via the key path, but those hidden script paths can be used for almost anything, including post-quantum (PQ) signature checks.

The idea that Taproot's internal structure could resist quantum attacks goes back to Matt Corallo, who first published it. More recently, Tim Ruffing of Blockstream Research published a paper showing that this approach is in fact secure: the fallback script paths inside Taproot remain trustworthy even if Schnorr and ECDSA are broken.

This opens the door to a simple but powerful upgrade path.

Step 1: Add post-quantum opcodes

The first step is to add support for post-quantum signatures to Bitcoin Script. This can be done with new opcodes that let tapscripts verify PQ signatures, using algorithms that are already standardized and well studied.

That way, users can start creating Taproot outputs with two spending paths:

  • The key path still uses a fast, efficient Schnorr signature for everyday use.
  • The script path contains post-quantum conditions, which are only revealed if needed.

Nothing changes in the short term. Coins behave the same. But if a quantum threat emerges, the fallback is already in place.

Step 2: Flip the kill switch

Later, if a large quantum computer is built and the risk becomes real, Bitcoin could disable Schnorr and ECDSA spending, itself a soft fork, since it only restricts what is spendable.

This kill switch would protect the network by preventing coins in vulnerable outputs from being stolen. As long as users have moved their coins to Taproot outputs that include post-quantum conditions, those coins remain safe and spendable. Coins that have not been moved would no longer be spendable by anyone, their owners or an attacker.

The transition would involve some friction, but hopefully far less than a last-minute scramble. Thanks to Taproot's hidden script paths, most of this work can happen quietly.
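To make the two-path construction of Step 1 and the "hidden until used" property concrete, here is an added example in pure Python (not code from the original article, from Ruffing's paper, or from any Bitcoin implementation) of a single-leaf BIP341 Taproot commitment: an internal key plus one script leaf are folded into the 32-byte output key that goes on chain, and a script-path spend later reveals the leaf and a control block that a validating node checks against that key. The secp256k1 constants and the TapLeaf/TapTweak tagged hashes are the standard ones. The internal private key is a constructed dummy, and the "post-quantum leaf" is a hypothetical placeholder built from OP_SUCCESS187 (0xBB), one of the opcodes BIP342 reserves for future soft forks; no real PQ opcode exists yet, and Step 2's kill switch is a consensus rule, not something this code models.

```python
import hashlib

# Added example, not from the original article or Ruffing's paper: a single-leaf
# BIP341 Taproot commitment, showing that a script leaf is hidden behind the
# 32-byte output key until a script-path spend reveals it. secp256k1 constants
# are standard; the internal key and the "PQ leaf" are constructed placeholders.
P_FIELD = 2**256 - 2**32 - 977
N_ORDER = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def _add(p1, p2):
    """Affine secp256k1 point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_FIELD == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P_FIELD) % P_FIELD
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_FIELD) % P_FIELD
    x3 = (lam * lam - x1 - x2) % P_FIELD
    return x3, (lam * (x1 - x3) - y1) % P_FIELD


def _mul(k, pt):
    """Double-and-add scalar multiplication (not constant-time; demo only)."""
    acc = None
    while k:
        if k & 1:
            acc = _add(acc, pt)
        pt = _add(pt, pt)
        k >>= 1
    return acc


def _lift_x(x):
    """BIP340 lift_x: the curve point with x-coordinate x and even y."""
    y_sq = (pow(x, 3, P_FIELD) + 7) % P_FIELD
    y = pow(y_sq, (P_FIELD + 1) // 4, P_FIELD)
    if y * y % P_FIELD != y_sq:
        raise ValueError("x is not on the curve")
    return x, (y if y % 2 == 0 else P_FIELD - y)


def _tagged_hash(tag, msg):
    th = hashlib.sha256(tag.encode()).digest()
    return hashlib.sha256(th + th + msg).digest()


def tapleaf_hash(script, leaf_version=0xC0):
    """TapLeaf hash; a one-byte compact size suffices for scripts under 253 bytes."""
    return _tagged_hash("TapLeaf", bytes([leaf_version, len(script)]) + script)


def taproot_output_key(internal_xonly, script, leaf_version=0xC0):
    """Single-leaf commitment Q = P + H_TapTweak(P || tapleaf_hash) * G.
    Returns (x-only Q, parity of Q's y). Only Q appears in the scriptPubKey,
    and a key-path spend needs only dlog(Q), which is what Shor would recover."""
    root = tapleaf_hash(script, leaf_version)
    t = int.from_bytes(_tagged_hash("TapTweak", internal_xonly + root), "big")
    if t >= N_ORDER:
        raise ValueError("invalid tweak")  # BIP341 failure case, never in practice
    p = _lift_x(int.from_bytes(internal_xonly, "big"))
    qx, qy = _add(p, _mul(t, G))
    return qx.to_bytes(32, "big"), qy & 1


def control_block(internal_xonly, parity, leaf_version=0xC0):
    """What a script-path spend reveals beside the script: leaf version with
    Q's parity bit, the internal key, and the (empty here) merkle path."""
    return bytes([leaf_version | parity]) + internal_xonly


def verify_script_path(output_key, ctrl, script):
    """Recompute the commitment from revealed data, as a validating node does."""
    if len(ctrl) != 33:
        return False
    try:
        qx, parity = taproot_output_key(ctrl[1:], script, ctrl[0] & 0xFE)
    except ValueError:
        return False
    return qx == output_key and parity == (ctrl[0] & 1)


# Constructed internal key (NOT a real key): P = d*G for a fixed dummy d.
INTERNAL_PRIV = 0x1F2E3D4C5B6A79880000000000000000000000000000000000000000C0FFEE01
INTERNAL_XONLY = _mul(INTERNAL_PRIV, G)[0].to_bytes(32, "big")

# Hypothetical PQ leaf: OP_SUCCESS187 (0xBB, reserved by BIP342 for future
# soft forks) stands in for a not-yet-defined PQ checksig opcode, followed by a
# push of a dummy 32-byte PQ key commitment. Caveat: under today's consensus
# rules an OP_SUCCESSx leaf is anyone-can-spend, so this only demonstrates the
# hiding property; a real deployment needs the soft fork first.
PQ_LEAF = bytes([0xBB, 0x20]) + bytes(32)

if __name__ == "__main__":
    qx, parity = taproot_output_key(INTERNAL_XONLY, PQ_LEAF)
    print("scriptPubKey (all the chain sees):", "5120" + qx.hex())
    cb = control_block(INTERNAL_XONLY, parity)
    print("script-path spend verifies:", verify_script_path(qx, cb, PQ_LEAF))
```

Until a script-path spend happens, the chain holds only `5120` followed by the x-only key, which is why outputs built this way look identical to ordinary Taproot outputs today. The flip side is that the key path is still a plain Schnorr key: the hidden leaf protects the coins only once key-path spending is switched off, which is exactly what Step 2 is for.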

Prepare without panic

There is no countdown clock for the quantum threat. We have no idea when the breakthrough in quantum computing will occur. It could be a decade away, or it could be much closer. Nobody knows.

None of this is simple. There are still open questions about which post-quantum algorithms to use, how to make them efficient enough for Bitcoin, and how to preserve core features such as multisig and key derivation. But the most important thing is to start. Ideally not after the first cryptographically relevant quantum computers appear, but now, while the system is still secure and the upgrade paths are still open.

By enabling post-quantum signature support in Bitcoin Script today, we give users time to prepare. Education can happen gradually, without alarm. Users can start migrating coins at their own pace. If we wait too long, we lose that luxury. Upgrades carried out under pressure rarely go well.

Tim Ruffing's work lays out a possible way forward: a plan that builds on tools Bitcoin already has. Read his full paper to understand how it works in detail.

This is a guest post by Kiara Bickers from Blockstream. The opinions expressed are entirely her own and do not necessarily reflect the views of BTC Inc or Bitcoin Magazine.

The post Bitcoin’s Quantum Risk Is Real first appeared on Investorempires.com.