tl;dr

An update on progress towards making the Bitcoin network quantum-resistant.

Market Snap

Market Wrap

BTC tried and failed to breach $80k this morning, a level which represents break-even for a significant cohort of short-term coins. The tension between ongoing buying interest from institutions in the form of spot BTC ETFs and panicky hot money from retail will take a few days to resolve, but there can only be one winner.

Curious Cryptos’ Commentary – The quantum threat

The most important rule in cryptos is a simple one: the maxis are always wrong.

Obviously, the naysayers are too, but I don’t need to tell you that.

The decentralised world cannot exist without the centralised world.

The centralised world is made so much better by working in harmony with the decentralised world. It really isn’t that hard to understand. Once you do understand that you know that dirty fiat – principally the dollar, for the stablecoin revolution ensures US hegemony in all things financial – will not be replaced by cryptos.

But once you understand that you also know that fiat will always devalue against BTC.

…

The threat that quantum computers pose to BTC is getting ever more attention, and rightly so.

The quantum threat is that the private key – derived from the seed phrase – can be reverse-engineered from a public key. Anyone in possession of the private key can move coins from that wallet to another one that has a different private key. That is a problem, though only if it exists.

It isn’t clear that quantum computers will be able to do that anytime soon, and certainly not without great cost.

A malicious actor with a working quantum computer that can break BTC’s encryption will have the ability to break into every single centralised system known to humanity. Your bank accounts, your investments, your medical records, your emails (however embarrassing some of them might be) will be openly available. The centralised systems that help control the public transport network, that give air flight controllers the information they need to direct planes to safely take off or land (think Breaking Bad here), the movement of goods across oceans, and the internet itself, are all compromised long before that malicious actor gets around to stealing a few Bitcoins. That really would be the least of our troubles.

Nonetheless, we need to be prepared, and we need to make BTC quantum resistant.

The good news is that apart from the short period of time (roughly ten minutes) between each block, everyone can ensure they are resistant to a quantum attack by using the P2PKH (pay to public key hash) protocol, which ensures your public key is not identified on the blockchain, until your coins are spent. Even better news is that if you use a hardware wallet such as Ledger Nano, you don’t even need to worry about this. It is all handled by the software but note that it is incumbent on you not to reuse old addresses.

…

But there is an issue with older coins that used P2PK (pay to public key). Those coins, notably the Satoshi stash, are at risk from the quantum threat as the public keys are sitting there in broad daylight on the blockchain.

Assuming the quantum attacker has had enough fun hacking into every financial institution whilst merrily transferring money and assets worth tens to hundreds of trillions of dollars to places they should not be, releasing everyone’s email for AI to parse to try to blackmail some (most?) of us, shutting down public transport, taking out every social media channel, and generally making all our lives a misery, he might finally turn his attention to the 5.6mm coins worth $450bn or so held in old wallets for which the public key is available.

That is not low-hanging fruit.

But still, we need to prepare.

One proposal gaining support is to freeze those old coins on that assumption that having not been moved for over a decade, the private keys have been lost, probably deliberately so for the Satoshi stash.

The first part of the current proposal stack is BIP-360, a draft soft-fork proposal for a new output type called P2MR (Pay-to-Merkle-Root). P2MR is designed to remove Taproot’s long-exposure public-key risk by eliminating the key-path spend and committing instead to the Merkle root of a script tree. Strictly speaking, P2MR is not the final word in quantum resistance. It deals with long-exposure attacks, where a public key sits on-chain for months or years. A complete answer to short-exposure attacks, including the period while a spend is sitting in the mempool, probably requires post-quantum signatures as well.

BIP361 builds on this with a proposal to prevent BTC being sent to old-style, quantum vulnerable addresses, then later to prevent those addresses from sending BTC. The final step – currently being investigated – is to use zero-knowledge proof of ownership of frozen coins to allow them to be unfrozen.

…

Predictably, the maxis are kicking and screaming about this, claiming that BIP361 undermines the whole ethos and philosophy that underpins BTC. Samuel “Chad” Patt, founder of Op Net, makes a reasonable point:

“Freezing any coins, even ‘lost’ ones, tells the market that all (roughly) 19.8 million BTC currently in circulation are conditionally owned. Institutional risk desks do not care about the reason; they care about the precedent.”

However, his startling conclusion is wildly overstated:

“Bitcoin’s repricing would be instant, not gradual and would be the worst single day in bitcoin's history, but not because of a hack, but because the network will have proven its core value proposition is negotiable.”

Mati Greenspan, a self-outed maxi, reaches a similarly unconvincing conclusion:

“If quantum computers ever crack early Bitcoin wallets, it won’t trigger a rollback or a freeze; it will trigger the largest bug bounty in human history.”

That is one very scary way of looking at the world.

Ken Kruger, founder and CEO of Moon Technologies, sees it differently – he thinks this is an opportunity for BTC:

“It’s extremely challenging to build systems that are truly future-proof, and while Bitcoin has come quite close, quantum may pose a threat that requires trade-offs participants won’t be happy with. So far there’s no solution that doesn’t include compromise: freeze funds or let them be stolen? If solved elegantly, this could be a critical moment Bitcoin proves its resilience as a global monetary system.”

That’s a much better way of looking at it.