PSA: Taproot loss of quantum protections
Summary:

Bitcoin developers are concerned that practical quantum computing (QC) could become a reality and compromise millions of keys. They consider the real risk to be a secret advance in QC, one whose existence is not publicly known, and there are many ideas for mitigating the risk of effective QC attacks. One way to control this risk is to pay a public bounty to anyone who provably and publicly discloses such a secret advance. Bitcoin already has a precedent for this: anyone who can prove a collision attack against Bitcoin's primary hash function, SHA256, can claim the bitcoins sent to a specific address. The developers propose creating an output script built around a Nothing Up My Sleeve (NUMS) point, which would provide a trustless bounty to anyone who proves the capability to steal any P2PK-style output at secp256k1's 128-bit security level. They also suggest creating NUMS-based ECDSA- or taproot-compatible scripts with lower difficulty, which could be used to measure the progress of QC-based EC key cracking. People and businesses could then send a few BTC to those addresses to create a QC early warning system that alerts them when it is time to shift to working on post-QC protocols.
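As an added illustration of the NUMS bounty idea (this is example code written for this summary, not code from the original post or from Bitcoin Core), the following Python derives a NUMS x-only key by hashing a public tag with a counter (try-and-increment), checks that the result is a valid secp256k1 x-coordinate, and wraps it in a P2TR output script. The tag string and the 4-byte big-endian counter encoding are assumptions chosen here; the secp256k1 field prime is the standard constant.

```python
import hashlib

# secp256k1 field prime (standard constant)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F


def is_valid_x(x: int) -> bool:
    """True if x is the x-coordinate of a secp256k1 point, i.e. x^3 + 7 is a
    square mod P (Euler's criterion). rhs == 0 cannot occur because the curve
    has prime order and therefore no point with y == 0."""
    if not 0 < x < P:
        return False
    rhs = (pow(x, 3, P) + 7) % P
    return pow(rhs, (P - 1) // 2, P) == 1


def nums_xonly_key(tag: bytes) -> tuple[int, bytes]:
    """Derive a NUMS x-only key by try-and-increment: x = SHA256(tag || counter).

    The tag and the counter are published together so anyone can re-run the
    derivation and confirm nobody chose a point with a known discrete log.
    About half of all field elements are valid x-coordinates, so the loop is short."""
    counter = 0
    while True:
        digest = hashlib.sha256(tag + counter.to_bytes(4, "big")).digest()
        if is_valid_x(int.from_bytes(digest, "big")):
            return counter, digest
        counter += 1


def p2tr_output_script(xonly_key: bytes) -> bytes:
    """Build a P2TR scriptPubKey: OP_1 (0x51) followed by a 32-byte push (0x20).

    Using the NUMS x-only key directly as the taproot output key means there is
    no known internal key or script tree: the only way to spend is the key path,
    which requires the discrete log of the point. That is the bounty condition."""
    if len(xonly_key) != 32:
        raise ValueError("x-only key must be 32 bytes")
    return b"\x51\x20" + xonly_key


def build_bounty(tag: bytes) -> dict:
    """Derive key and script for a tag; returns everything a verifier needs to re-check."""
    counter, key = nums_xonly_key(tag)
    return {"tag": tag, "counter": counter, "xonly_key": key.hex(),
            "script_pubkey": p2tr_output_script(key).hex()}


if __name__ == "__main__":
    # Constructed tag for this example; a real bounty would publish the tag it used.
    print(build_bounty(b"QC-bounty-example-tag/v1"))
```

Anyone who spends an output locked to this script has demonstrated a secp256k1 discrete-log break, which is the public, trustless signal the summary describes.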


Updated on: 2023-06-14T19:32:15.545907+00:00