PSA: Taproot loss of quantum protections



Summary:

In a bitcoin-dev email thread, Erik Aronesty, CTO of Atkama, argued that the claim that hashed public addresses provide quantum resistance is flawed when considered in the context of Bitcoin. He shared an article by Andrew Chow that makes a strong case against the quantum utility of hashed public keys. Aronesty also noted that there is a case against quantum computing itself, and that planning for quantum computing should be limited to "a provable and written ability to upgrade if it becomes clear that it's necessary." Martin expressed interest in a more official and functional plan for Bitcoin to use zero-knowledge proofs to transition to quantum resistance.

Luke Dashjr explained on the same thread that Taproot loses an important safety protection against quantum computers. Pre-Taproot, outputs committed only to a hash of the public key, so it was possible for the network to "pause" while a full quantum-safe fix was developed and then resume transacting. With Taproot as-is, where the (tweaked) public key itself sits in the output before it is spent, the situation could become unrecoverable if a quantum computer comes online before a full quantum-safe solution exists. Dashjr also added that nothing is actually gained from Taproot in this respect, since the features proposed to make use of raw keys being public prior to spending can be implemented with hashed keys as well. Despite this, Dashjr does not consider it a reason to NACK Taproot, and thinks it would be fairly trivial to fix by adding a hash on top in an additional softfork. In addition to the points made by Mark Friedenbach, Dashjr adds two more responses to Pieter's "you can't claim much security if 37% of the supply is at risk" argument. Dashjr recommends that anyone using Bitcoin read Mark's article and his thoughts on the topic, decide whether this is a concern to them, and make their own posts accordingly.
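The distinction between hashed and raw keys that the thread turns on can be seen directly in the output encodings. The following is an added example written for this summary, not code from the thread, from Bitcoin Core, or from any of the people quoted. It builds a hashed-key output and a Taproot key-path output for the same key with a minimal pure-Python secp256k1, then shows what a chain observer can read from each before the output is spent: only a SHA256 commitment from the hashed form, but the full x-only public key from the Taproot form. P2WSH wrapping "<pubkey> OP_CHECKSIG" is used as the hashed form because it needs only SHA256 (P2WPKH works the same way with HASH160); the Taproot output key is the BIP341 tweaked key Q = P + t*G, and its discrete log d' + t is exactly the key-path spending secret, which is what a discrete-log solver would recover. The demo private key 0x1234 and all function names are this example's own assumptions.

```python
"""What an unspent Bitcoin output reveals about its key before it is spent.

Added example for this summary (not code from the bitcoin-dev thread, Bitcoin
Core, or any participant). Curve arithmetic is a minimal pure-Python secp256k1;
the tagged hash and TapTweak follow BIP340/BIP341 (key path only, no script tree).
"""
import hashlib

# secp256k1: field prime, group order, generator
FIELD_P = 2**256 - 2**32 - 977
ORDER_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def point_add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % FIELD_P == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, FIELD_P) % FIELD_P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, FIELD_P) % FIELD_P
    x3 = (lam * lam - x1 - x2) % FIELD_P
    return x3, (lam * (x1 - x3) - y1) % FIELD_P

def point_mul(k, pt):
    """Double-and-add scalar multiplication (not constant time; demo only)."""
    acc = None
    while k:
        if k & 1:
            acc = point_add(acc, pt)
        pt = point_add(pt, pt)
        k >>= 1
    return acc

def lift_x(x):
    """BIP340 lift_x: the point with this x and even y, or None if x is not on the curve."""
    if not 0 < x < FIELD_P:
        return None
    y_sq = (pow(x, 3, FIELD_P) + 7) % FIELD_P
    y = pow(y_sq, (FIELD_P + 1) // 4, FIELD_P)  # valid because p = 3 (mod 4)
    if y * y % FIELD_P != y_sq:
        return None
    return x, (y if y % 2 == 0 else FIELD_P - y)

def tagged_hash(tag, msg):
    """BIP340 tagged hash: SHA256(SHA256(tag) || SHA256(tag) || msg)."""
    th = hashlib.sha256(tag.encode()).digest()
    return hashlib.sha256(th + th + msg).digest()

def compressed_pubkey(pt):
    x, y = pt
    return (b"\x02" if y % 2 == 0 else b"\x03") + x.to_bytes(32, "big")

def taproot_tweak(internal_x):
    """BIP341 key-path-only tweak: Q = P + t*G, t = H_TapTweak(P_x). Returns (Q_x, t)."""
    t = int.from_bytes(tagged_hash("TapTweak", internal_x.to_bytes(32, "big")), "big")
    if t >= ORDER_N:
        raise ValueError("tweak out of range")  # BIP341 says to fail here
    q = point_add(lift_x(internal_x), point_mul(t, G))
    return q[0], t

def p2wsh_spk(pubkey_point):
    """OP_0 <sha256(witness_script)> with witness_script = <pubkey> OP_CHECKSIG."""
    witness_script = b"\x21" + compressed_pubkey(pubkey_point) + b"\xac"
    return b"\x00\x20" + hashlib.sha256(witness_script).digest()

def p2tr_spk(internal_x):
    """OP_1 <32-byte x-only tweaked key>: the key itself sits in the output."""
    q_x, _ = taproot_tweak(internal_x)
    return b"\x51\x20" + q_x.to_bytes(32, "big")

def onchain_key_material(spk):
    """What an observer learns from a scriptPubKey before the output is spent."""
    if len(spk) == 34 and spk[:2] == b"\x00\x20":
        # Only a hash commitment; the script (and key) appear at spend time.
        return {"type": "p2wsh", "pubkey_exposed": False, "commitment": spk[2:]}
    if len(spk) == 34 and spk[:2] == b"\x51\x20":
        x = int.from_bytes(spk[2:], "big")
        # A valid x-only key is a full curve point whose discrete log is the
        # key-path spending secret: that is what a discrete-log solver targets.
        return {"type": "p2tr", "pubkey_exposed": lift_x(x) is not None, "pubkey_x": x}
    return {"type": "unknown", "pubkey_exposed": None}

def taproot_keypath_secret(d):
    """Scalar that spends the P2TR output built from d*G (d negated if P has odd y)."""
    pt = point_mul(d, G)
    d_even = d if pt[1] % 2 == 0 else ORDER_N - d
    _, t = taproot_tweak(pt[0])
    return (d_even + t) % ORDER_N

if __name__ == "__main__":
    d = 0x1234  # constructed demo private key, not a real one
    pt = point_mul(d, G)
    for spk in (p2wsh_spk(pt), p2tr_spk(pt[0])):
        print(spk.hex(), onchain_key_material(spk)["pubkey_exposed"])
```

Run as a script it prints both scriptPubKeys and whether each exposes a key. `taproot_keypath_secret` exists only to confirm that the 32 bytes sitting in the P2TR output are the public half of a spendable key pair; the code does not, and cannot, solve the discrete log itself, which is the whole question the thread is about.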


Updated on: 2023-06-14T19:35:07.755357+00:00