A brand new proposal circulating amongst Bitcoin builders is forcing the community to confront a long-standing theoretical threat: the influence of quantum computing on its cryptographic foundations.
Bitcoin Enchancment Proposal 361 (BIP-361), launched by a gaggle of researchers together with Jameson Lopp, outlines a structured plan emigrate the community away from legacy signature schemes and towards quantum-resistant options. If adopted, the proposal would impose a phased deadline that might in the end render unmigrated cash completely unspendable.
The proposal goals to cut back Bitcoin’s publicity to a future state of affairs by which sufficiently superior quantum computer systems can break the elliptic curve cryptography that underpins its present system.
“Even if Bitcoin is not a primary initial target of a cryptographically relevant quantum computer, widespread knowledge that such a computer exists and is capable of breaking Bitcoin’s cryptography will damage faith in the network,” the BIP authors wrote.
As we speak, Bitcoin depends on ECDSA and Schnorr signatures to safe transactions. Each stay strong in opposition to classical computing however are theoretically weak to Shor’s algorithm, which might permit an attacker to derive non-public keys from uncovered public keys. This threat is just not evenly distributed throughout the community. Older deal with sorts, notably pay-to-public-key outputs and reused addresses, reveal public keys onchain and are thought-about essentially the most weak.
Estimates cited by the proposal counsel that greater than one-third of all bitcoin in circulation falls into this class, together with early holdings attributed to Satoshi Nakamoto. In a quantum assault state of affairs, these funds may very well be compromised, doubtlessly destabilizing the community and redistributing wealth to technologically superior actors.
The proposal’s transition phases
BIP-361 introduces a three-phase transition designed to preempt that end result. Section A, anticipated roughly three years after activation, would prohibit new transactions from sending funds to legacy deal with sorts. Whereas customers might nonetheless transfer funds out of weak addresses, the restriction would push wallets and providers towards adopting quantum-resistant codecs.
Section B, starting about two years later, would escalate the transition by invalidating all legacy signatures on the consensus degree. At that time, any bitcoin that has not been migrated would develop into successfully frozen, unable to be spent beneath community guidelines.
A proposed Section C, nonetheless beneath analysis, would provide a restricted restoration mechanism. This might depend on zero-knowledge proofs tied to seed phrases, permitting customers to exhibit possession of frozen funds with out exposing non-public keys. The feasibility and timeline of this section stay unsure.
The proposal frames the pressured migration as a defensive measure relatively than a punitive one. By freezing cash that fail to improve, the authors argue the community can remove a serious assault floor earlier than quantum capabilities emerge.
Additionally they notice that completely inaccessible cash would scale back efficient provide, a dynamic lengthy mentioned inside Bitcoin’s financial mannequin.
No activation timeline has been set, and BIP-361 stays in draft kind.
