A new proposal circulating among Bitcoin developers is forcing the community to confront a long-standing theoretical threat: the impact of quantum computing on its cryptographic foundations.
Bitcoin Improvement Proposal 361 (BIP-361), introduced by a group of researchers including Jameson Lopp, outlines a structured plan to migrate the network away from legacy signature schemes and toward quantum-resistant alternatives. If adopted, the proposal would impose a phased deadline that would ultimately render unmigrated coins permanently unspendable.
The proposal aims to reduce Bitcoin’s exposure to a future scenario in which sufficiently advanced quantum computers can break the elliptic curve cryptography that underpins its current system.
“Even if Bitcoin is not a primary initial target of a cryptographically relevant quantum computer, widespread knowledge that such a computer exists and is capable of breaking Bitcoin’s cryptography will damage faith in the network,” the BIP authors wrote.
Today, Bitcoin relies on ECDSA and Schnorr signatures to secure transactions. Both remain robust against classical computers but are theoretically vulnerable to Shor’s algorithm, which would allow an attacker to derive a private key from an exposed public key. This risk is not evenly distributed across the network. Older output types, notably pay-to-public-key (P2PK) outputs, place the raw public key in the output script itself, and reused addresses reveal their key on-chain the first time they are spent from, leaving every later payment to the same address protected only by an already-published key. Both categories are considered the most vulnerable.
Estimates cited by the proposal suggest that more than one-third of all bitcoin in circulation falls into this category, including early holdings attributed to Satoshi Nakamoto. In a quantum attack scenario, these funds could be compromised, potentially destabilizing the network and redistributing wealth to technologically advanced actors.
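To make concrete which outputs are at stake, the following is an added Python example (not part of BIP-361, the article, or any wallet’s code) that inspects a Bitcoin scriptPubKey and decides whether the controlling public key is already visible on-chain, then tallies how much of a sample UTXO set is exposed. It generalises slightly beyond the article’s list: Taproot (P2TR) outputs also carry a public key directly in the script, so they are counted as exposed. The sample UTXO set, the dummy key and the hash bytes are constructed for illustration and are not real chain data.

```python
"""Classify Bitcoin output scripts by whether they expose a public key on-chain.

Threat model (from the article): Shor's algorithm recovers a private key only
from a public key that is visible on-chain. Outputs committing to a *hash* of
the key (P2PKH, P2WPKH) hide it until the address is first spent from; any
further payment to that address is then "reused" and exposed. P2PK places the
raw key in the output. P2TR also places a (tweaked) public key in the output,
which is a generalisation beyond the article's own list.
"""
from dataclasses import dataclass

OP_0, OP_1 = 0x00, 0x51
OP_DUP, OP_HASH160, OP_EQUAL, OP_EQUALVERIFY, OP_CHECKSIG = 0x76, 0xA9, 0x87, 0x88, 0xAC


@dataclass(frozen=True)
class Classification:
    script_type: str
    key_on_chain: bool  # True if the scriptPubKey itself contains a public key


def classify_script(script: bytes) -> Classification:
    """Match the standard output templates by exact byte layout."""
    n = len(script)
    # P2PK: <33- or 65-byte push> OP_CHECKSIG
    if n in (35, 67) and script[0] == n - 2 and script[-1] == OP_CHECKSIG:
        return Classification("P2PK", True)
    # P2PKH: OP_DUP OP_HASH160 <20 bytes> OP_EQUALVERIFY OP_CHECKSIG
    if (n == 25 and script[:3] == bytes([OP_DUP, OP_HASH160, 0x14])
            and script[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG])):
        return Classification("P2PKH", False)
    # P2SH: OP_HASH160 <20 bytes> OP_EQUAL
    if n == 23 and script[:2] == bytes([OP_HASH160, 0x14]) and script[-1] == OP_EQUAL:
        return Classification("P2SH", False)
    # SegWit v0: OP_0 <20 bytes> (P2WPKH) or OP_0 <32 bytes> (P2WSH)
    if n == 22 and script[:2] == bytes([OP_0, 0x14]):
        return Classification("P2WPKH", False)
    if n == 34 and script[:2] == bytes([OP_0, 0x20]):
        return Classification("P2WSH", False)
    # SegWit v1 (Taproot): OP_1 <32-byte x-only output key>, key is public
    if n == 34 and script[:2] == bytes([OP_1, 0x20]):
        return Classification("P2TR", True)
    return Classification("unknown", False)


def quantum_exposed(script: bytes, address_spent_from_before: bool) -> bool:
    """True if the key controlling this output is already public on-chain."""
    c = classify_script(script)
    if c.key_on_chain:
        return True
    # Hash-based outputs reveal the key (or script) in the *spending* input,
    # so a prior spend from the same address has already published it.
    if c.script_type in ("P2PKH", "P2WPKH", "P2SH", "P2WSH"):
        return address_spent_from_before
    return False


# Constructed sample data: placeholder key and hash bytes, not real chain data.
DUMMY_PUBKEY = bytes([0x02]) + bytes([0x11]) * 32   # 33-byte compressed-format shape
DUMMY_HASH160 = bytes([0x22]) * 20
DUMMY_HASH256 = bytes([0x33]) * 32

P2PKH_SCRIPT = (bytes([OP_DUP, OP_HASH160, 0x14]) + DUMMY_HASH160
                + bytes([OP_EQUALVERIFY, OP_CHECKSIG]))

# (scriptPubKey, value in satoshi, was this address ever spent from before?)
SAMPLE_UTXOS = [
    (bytes([0x21]) + DUMMY_PUBKEY + bytes([OP_CHECKSIG]), 50_0000_0000, False),  # early P2PK
    (P2PKH_SCRIPT, 1_0000_0000, True),                                            # reused P2PKH
    (P2PKH_SCRIPT, 2_0000_0000, False),                                           # fresh P2PKH
    (bytes([OP_0, 0x14]) + DUMMY_HASH160, 3_0000_0000, False),                    # fresh P2WPKH
    (bytes([OP_1, 0x20]) + DUMMY_HASH256, 4_0000_0000, False),                    # P2TR
]


def exposed_fraction(utxos) -> float:
    """Share of value whose controlling key is already recoverable by Shor."""
    total = sum(value for _, value, _ in utxos)
    exposed = sum(value for script, value, spent in utxos if quantum_exposed(script, spent))
    return exposed / total


if __name__ == "__main__":
    for script, value, spent in SAMPLE_UTXOS:
        c = classify_script(script)
        print(f"{c.script_type:7} {value / 1e8:6.2f} BTC exposed={quantum_exposed(script, spent)}")
    print(f"exposed fraction of sample set: {exposed_fraction(SAMPLE_UTXOS):.3f}")
```

Running the block over the constructed set reports the P2PK, reused P2PKH and P2TR outputs as exposed and the fresh hash-based outputs as hidden; against a real UTXO snapshot the same classifier, fed spend history per address, is the kind of audit that produces the one-third figure the proposal cites.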
The proposal’s transition phases
BIP-361 introduces a three-phase transition designed to preempt that outcome. Phase A, expected roughly three years after activation, would prohibit new transactions from sending funds to legacy address types. While users could still move funds out of vulnerable addresses, the restriction would push wallets and services toward adopting quantum-resistant formats.
Phase B, beginning about two years later, would escalate the transition by invalidating all legacy signatures at the consensus level. At that point, any bitcoin that has not been migrated would become effectively frozen, unspendable under network rules.
A proposed Phase C, still under evaluation, would provide a limited recovery mechanism. It would rely on zero-knowledge proofs tied to seed phrases, allowing users to demonstrate ownership of frozen funds without exposing private keys. The feasibility and timeline of this phase remain uncertain.
The proposal frames the forced migration as a defensive measure rather than a punitive one. By freezing coins that fail to upgrade, the authors argue the network can eliminate a major attack surface before quantum capabilities emerge.
They also note that permanently inaccessible coins would reduce the effective supply, a dynamic long discussed within Bitcoin’s monetary model.
No activation timeline has been set, and BIP-361 remains in draft form.
