PSA: Taproot loss of quantum protections



Summary:

The discussion among Bitcoin developers revolved around the potential quantum threat to Bitcoin and to Taproot's security in particular. Some argued that Taproot's move away from hash-based addresses to bare public keys would make it difficult to protect Bitcoin against quantum attacks; others suggested that a hash could easily be added on top in an additional soft fork.

The argument was made that an attacker with access to a quantum computer could steal an entire block's worth of coins quickly, whereas mining rigs require significant upfront real-world costs in the form of electricity for a slow process. It was also noted that naked pubkeys give attackers more time to attack, since they do not have to wait for a spend to occur before the key is revealed.

On the other hand, Taproot keys, when used according to the recommendation in BIP-0341, are already hashes of their internal keys (the output key is the internal key tweaked by a hash that commits to it), so Taproot outputs have better quantum resistance than legacy outputs. Furthermore, adding another hash would be strictly redundant: the existing tweak already prevents an attacker from recovering the original internal key and from constructing a different key that the output would accept.

The developers also discussed the energy required to mount a "fast" attack, which may eventually approach the energy required by mining; at that point, someone who possesses the ability to mount such an attack might find it easier to mount a 51% attack on the network than to attack keys with a quantum computer.
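The claim that a BIP-0341 output key "is already a hash of its internal key" is concrete enough to check in code. The following is an added example, not code from the mailing-list thread or from Bitcoin Core: a dependency-free Python implementation of the BIP-341 tweak Q = P + H_TapTweak(P || m)·G, the script-path verification that recomputes Q from a revealed internal key P and Merkle root m, and the matching secret-key tweak. The private key and Merkle root are constructed sample values, and the function names are this example's own. It shows two things the summary only states: any internal key other than the committed P fails the script-path check, and the key path still spends Q for whoever holds d + t, so the commitment protects the script path only.

```python
"""Added example (not from the thread): how a BIP-341 Taproot output key commits to
its internal key. Pure-Python secp256k1 arithmetic: slow, but runs offline with no deps."""
import hashlib

# secp256k1 curve parameters
P_FIELD = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N_ORDER = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def tagged_hash(tag: str, msg: bytes) -> bytes:
    """BIP-340 tagged hash: SHA256(SHA256(tag) || SHA256(tag) || msg)."""
    tag_hash = hashlib.sha256(tag.encode()).digest()
    return hashlib.sha256(tag_hash + tag_hash + msg).digest()


def point_add(a, b):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    if a[0] == b[0] and a[1] != b[1]:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P_FIELD) % P_FIELD
    else:
        lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P_FIELD) % P_FIELD
    x3 = (lam * lam - a[0] - b[0]) % P_FIELD
    return (x3, (lam * (a[0] - x3) - a[1]) % P_FIELD)


def point_mul(k: int, pt):
    """Double-and-add scalar multiplication."""
    result, addend = None, pt
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def lift_x(x: int):
    """BIP-340 lift_x: the point with this x and even y, or None if x is not on the curve."""
    if x >= P_FIELD:
        return None
    y_sq = (pow(x, 3, P_FIELD) + 7) % P_FIELD
    y = pow(y_sq, (P_FIELD + 1) // 4, P_FIELD)
    if pow(y, 2, P_FIELD) != y_sq:
        return None
    return (x, y if y % 2 == 0 else P_FIELD - y)


def xonly(pt) -> bytes:
    return pt[0].to_bytes(32, "big")


def taproot_tweak(internal_xonly: bytes, merkle_root: bytes) -> int:
    """t = H_TapTweak(P || m): the hash that binds the output key Q to the internal key P."""
    t = int.from_bytes(tagged_hash("TapTweak", internal_xonly + merkle_root), "big")
    if t >= N_ORDER:
        raise ValueError("tweak out of range")
    return t


def taproot_output_key(internal_xonly: bytes, merkle_root: bytes):
    """BIP-341 taproot_tweak_pubkey: Q = P + t*G. Returns (parity bit of Q, x-only Q)."""
    p_point = lift_x(int.from_bytes(internal_xonly, "big"))
    if p_point is None:
        raise ValueError("internal key is not a valid x-only point")
    q_point = point_add(p_point, point_mul(taproot_tweak(internal_xonly, merkle_root), G))
    return q_point[1] & 1, xonly(q_point)


def taproot_tweak_seckey(seckey: int, merkle_root: bytes) -> int:
    """BIP-341 taproot_tweak_seckey: the key-path secret (d + t) for Q, given the internal secret."""
    p_point = point_mul(seckey, G)
    d = seckey if p_point[1] % 2 == 0 else N_ORDER - seckey  # match lift_x's even-y convention
    return (d + taproot_tweak(xonly(p_point), merkle_root)) % N_ORDER


def verify_script_path_commitment(output_xonly: bytes, parity: int,
                                  internal_xonly: bytes, merkle_root: bytes) -> bool:
    """The check a script-path spend must pass: recompute Q from the revealed P and m.
    Passing it with a different P' requires H_TapTweak(P'||m') to hit a specific scalar,
    a hash-preimage-style problem rather than a discrete-log one."""
    try:
        expected_parity, expected_x = taproot_output_key(internal_xonly, merkle_root)
    except ValueError:
        return False
    return expected_parity == parity and expected_x == output_xonly


# Constructed sample inputs for the demonstration (not real keys).
INTERNAL_SECKEY = 0x1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF
INTERNAL_XONLY = xonly(point_mul(INTERNAL_SECKEY, G))
MERKLE_ROOT = hashlib.sha256(b"constructed merkle root for the example").digest()


def demo():
    parity, q_x = taproot_output_key(INTERNAL_XONLY, MERKLE_ROOT)
    # 1. Q commits to P: the script-path check passes for the real P and fails for another key.
    honest = verify_script_path_commitment(q_x, parity, INTERNAL_XONLY, MERKLE_ROOT)
    other_xonly = xonly(point_mul(INTERNAL_SECKEY + 1, G))
    forged = verify_script_path_commitment(q_x, parity, other_xonly, MERKLE_ROOT)
    # 2. The key path still works: d + t is the discrete log of Q, so anyone who learns it spends Q.
    keypath_point = point_mul(taproot_tweak_seckey(INTERNAL_SECKEY, MERKLE_ROOT), G)
    keypath_spends = xonly(keypath_point) == q_x
    return honest, forged, keypath_spends
```

`demo()` returns `(True, False, True)`: the commitment holds and rejects a substituted internal key, yet the key path still spends the output. That last result is the caveat behind the thread's soft-fork discussion: the hash commitment only matters once the key path, which an attacker able to compute discrete logs could use directly, is no longer available.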


Updated on: 2023-06-14T19:34:50.311212+00:00