A new proposal circulating among Bitcoin developers is forcing the community to confront a long-standing theoretical threat: the impact of quantum computing on its cryptographic foundations.
Bitcoin Improvement Proposal 361 (BIP-361), introduced by a group of researchers including Jameson Lopp, outlines a structured plan to migrate the network away from legacy signature schemes and toward quantum-resistant alternatives. If adopted, the proposal would impose a phased deadline that would ultimately render unmigrated coins permanently unspendable.
The proposal aims to reduce Bitcoin’s exposure to a future scenario in which sufficiently advanced quantum computers can break the elliptic curve cryptography that underpins its current system.
“Even if Bitcoin is not a primary initial target of a cryptographically relevant quantum computer, widespread knowledge that such a computer exists and is capable of breaking Bitcoin’s cryptography will damage faith in the network,” the BIP authors wrote.
Today, Bitcoin relies on ECDSA and Schnorr signatures to secure transactions. Both remain secure against classical computing but are theoretically vulnerable to Shor’s algorithm, which could allow an attacker to derive private keys from exposed public keys. This risk is not evenly distributed across the network. Older address types, notably pay-to-public-key outputs and reused addresses, reveal public keys onchain and are considered the most vulnerable.
Estimates cited by the proposal suggest that more than one-third of all bitcoin in circulation falls into this category, including early holdings attributed to Satoshi Nakamoto. In a quantum attack scenario, these funds could be compromised, potentially destabilizing the network and redistributing wealth to technologically advanced actors.
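The two exposure classes named above (pay-to-public-key outputs and reused addresses) can be checked for in a wallet's own unspent outputs. The sketch below is an added example, not code from BIP-361 or its authors; the function names and sample scripts are hypothetical and constructed, and "reuse" is modelled as an output script the wallet has already spent from once.

```python
# Added example: constructed scripts, not real transactions or keys.
P2PK = bytes.fromhex("21" + "02" + "11" * 32 + "ac")
P2PKH_REUSED = bytes.fromhex("76a914" + "22" * 20 + "88ac")
P2PKH_FRESH = bytes.fromhex("76a914" + "44" * 20 + "88ac")
P2WPKH_FRESH = bytes.fromhex("0014" + "33" * 20)


def classify_script(spk: bytes) -> str:
    """Match a scriptPubKey against the standard templates checked here."""
    # P2PK: <push 33 or 65> <pubkey> OP_CHECKSIG (0xac)
    if len(spk) in (35, 67) and spk[0] == len(spk) - 2 and spk[-1] == 0xAC:
        compressed = len(spk) == 35 and spk[1] in (0x02, 0x03)
        uncompressed = len(spk) == 67 and spk[1] == 0x04
        if compressed or uncompressed:
            return "p2pk"
    # P2PKH: OP_DUP OP_HASH160 <20-byte hash> OP_EQUALVERIFY OP_CHECKSIG
    if len(spk) == 25 and spk[:3] == b"\x76\xa9\x14" and spk[23:] == b"\x88\xac":
        return "p2pkh"
    # P2WPKH: OP_0 <20-byte hash>
    if len(spk) == 22 and spk[:2] == b"\x00\x14":
        return "p2wpkh"
    return "other"  # not assessed by this sketch


def exposed_utxos(utxos, spent_scripts):
    """Return (label, reason) for each UTXO whose public key is already onchain.

    utxos: iterable of (label, scriptPubKey bytes)
    spent_scripts: set of scriptPubKeys this wallet has spent from before
    """
    findings = []
    for label, spk in utxos:
        kind = classify_script(spk)
        if kind == "p2pk":
            findings.append((label, "public key is in the output script"))
        elif kind in ("p2pkh", "p2wpkh") and spk in spent_scripts:
            findings.append((label, "address reuse: key revealed by earlier spend"))
    return findings


UTXOS = [("utxo-a", P2PK), ("utxo-b", P2PKH_REUSED),
         ("utxo-c", P2PKH_FRESH), ("utxo-d", P2WPKH_FRESH)]
SPENT_SCRIPTS = {P2PKH_REUSED}

if __name__ == "__main__":
    for label, reason in exposed_utxos(UTXOS, SPENT_SCRIPTS):
        print(f"{label}: {reason}")
```

Outputs that pay to a hash and have never been spent from are not flagged, because their public key has not yet appeared onchain.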
The proposal’s transition phases
BIP-361 introduces a three-phase transition designed to preempt that outcome. Phase A, expected roughly three years after activation, would prohibit new transactions from sending funds to legacy address types. While users could still move funds out of vulnerable addresses, the restriction would push wallets and services toward adopting quantum-resistant formats.
Phase B, beginning about two years later, would escalate the transition by invalidating all legacy signatures at the consensus level. At that point, any bitcoin that has not been migrated would become effectively frozen, unable to be spent under network rules.
A proposed Phase C, still under research, would offer a limited recovery mechanism. This would rely on zero-knowledge proofs tied to seed phrases, allowing users to demonstrate ownership of frozen funds without exposing private keys. The feasibility and timeline of this phase remain uncertain.
The proposal frames the forced migration as a defensive measure rather than a punitive one. By freezing coins that fail to upgrade, the authors argue the network can eliminate a major attack surface before quantum capabilities emerge.
They also note that permanently inaccessible coins would reduce effective supply, a dynamic long discussed within Bitcoin’s economic model.
No activation timeline has been set, and BIP-361 remains in draft form.


