Bitcoin Forum

We may need to switch to Lantern signatures soon:
https://www.naturalnews.com/2019-09-21-google-achieves-quantum-supremacy-all-cryptocurrency.html

I think it's misleading to claim that Google achieved quantum supremacy as IBM is also doing some quantum computers experiment of their own.

As far as bitcoin goes, it even they achieved to crack AES-256 bit encryption, I'm sure there will be a consensus to go to the next cryptographic hash function to protect bitcoin.

Wooo scary, we hope bitcoin will upgrade...

Meanwhile you should invest in emoji domains, as they are still in infancy stage and secure and unbreakable and rare only 2000 in existence

https://twitter.com/BullshitQuantum

Meh, I'm not impressed, experts say that it's not as a big of a deal as clueless people make it to be. The reaction from media looks exactly like a typical over-exaggerated sensation with news headlines having bolder and bolder statements. Give it a few days or weeks before jumping into conclusions that Bitcoin needs a protocol change - I'm sure after that time everyone will already forget about it.

It seems like IBM has also achieved a similar milestone. Read the news below,

https://www.cnet.com/news/ibm-new-53-qubit-quantum-computer-is-its-biggest-yet/

Bitcoin is protected by 256 bit encrypted architecture so I don't see any rrason to worry right at this moment. Even if 256 qubit is achieved by 2022, not necessarily bitcoin will be their target!

BTW, what is Lantern signature? I am clueless about it and also didn't get any details through Google! Can you please explain?

If this tech will leave google the whole crypto indutsry will be in trouble

Every everything industry will be in trouble once something viable arrives, it's probably not this. Encryption underpins all the important stuff that happens in day to day life. I'm sure someone will figure summat out. Won't be me though. I'll not worry about it and get on with my manscaping.

Yes but you people fail to understand this won't be an on/off thing. Indeed certain core dev told me they are ready to push a little update to make Bitcoin more resistant, but as most things they do, they take their time. Perhaps these news will encourage them to give it more priority. I don't think its urgent either, but we should not sleep on it.

After all, when those computers start becoming useful to crack encryption publicly, privately the likes of the NSA would have been already done it. so you shouldn't wait until IBM or Google, both American companies that could be served gag orders to remain quiet at any moment (if they haven't done so already)  announce things to take action.

Cracking current encryption is still away, but not as far as you think. If you can take measures now, you should.

Remember, by the time they announce anything, it is too late. Be ready before that.

I expect that at first, only those large institutions would own them due to their massive size, so naturally you'd "trust them" (Ie. the NSA). But with time, they will shrink and their cost will be lower. That old game of the 90ies with PGP will probably repeat. National security reasons you can't export blah blah China has it already, and Russia gets it from them, and eventually it starts permeating to the public.

Hmm i wonder if quantum communication will ever become a reality, its still looks like sci-fi, it would allow instant communications over vast distances, crucial for things like Mars colonies or beyond... It has to do with quantum entanglement. It could also lead us to under 1ms latency...

What on Earth could little old me do? If I pop into the bank and shriek that I'm not leaving until I receive quantum resistance they'll have me carted away. The entire matter is completely and totally out of my hands beyond retreating to a primitive existence in the woods.

The free market society works a little different. You keep your eyes open, and see which one is taking measures, then take your money there if you still want to keep using those services. Else you could go bankless :)

You could also start some informative campaign, so more and more people ask their banks what they are doing to improve the security. I'm sure you won't be alone pressing them to migrate to better algorithms and not wait until its to late and a "hacking scandal" puts them in trouble.

Here (Bitcoin) we should expect action, then we can safely safeguard funds here (instead of risking using a flawed online banking).

After quantum computing becomes so common everyone gets their own quantum co-processor or such, the obvious solution will be to use quantum crypto. That might be half a century away... But some of the current crypto algos are quantum resistant, and those should be implemented and used ASAP.

Its not about some silly panic craze, but also not remaining asleep as if nothing is happening. This is probably going to involve all crypto users, not just coins.

Sorry, it's Lamport signatures:
https://bitcoinmagazine.com/articles/bitcoin-is-not-quantum-safe-and-how-we-can-fix-1375242150

The one thing you can currently do is consolidate all outputs into unused P2PKH addresses. Any bitcoins held in spent addresses are theoretically vulnerable.

A Lamport signature scheme -- the primary candidate for a successor to ECDSA -- would operate the same way, with one-time signatures. Once a private key has been used, it's considered unsafe.

"You should move coins to unspent addresses"

So, if you have some coins in a wallet that you received into an address and then if you spend some of those coins, the remaining coins should be moved into a new address that has no previous coins?

No. You should move your Bitcoins to a new address that has no spent transactions. It's fine if you move it to X address that has thousands of incoming transactions without any unspent transaction because the key is not public yet. It will also increase your privacy as long as you can mask your transaction with Coinjoin or mixer like Chipmixer. CMIIW.

Read more here: https://en.bitcoin.it/wiki/Quantum_computing_and_Bitcoin

I've understand just how much faster the processors are today, than they were when I first used a computer about 25 years ago. The biggest chasm is in price for storage. And yes, although I actually feel the 486 I used was faster in responding than the 7th gen intel I'm using today, I understand also that it's not just about pure speed and today already, even before this half century proposition for quantum computing, we could already experience resistant algos... so yeah, even if this quantum scenario unfolds, it'll be plenty of time to step ahead.

Definitely not just about being panicked, but prudently weighing and responding to risk. 100 risks, and all in different likelihoods. We'll cross that bridge when it comes into view.

Actually it probably won't affect many individuals - I see it being a problem for exchanges though.

If people are using bitcoin wallets as they were created to be used then their coins will be stored at an address and not a public key. Addresses are public key hashes and are hashed with ripemd160(sha256(pub key)) so the issues of private keys being compromised are only issues where the public key has been published (if an address is signed or a transaction has been sent). Unless something's changed since this was last discussed, it's believed that SHA256 is still at a difficulty of 2^256 even with quantum machines).


I had to try to get an old dell desktop machine working a while ago. It had a 16GB hard drive (which probably for the time wasn't small) but it is quite amazing how far we've come in terms of digital storage - after looking at old video games, it takes about a second to download what you could store on 7+ floppies from 25 years ago.

Just came across a related thread about quantum computing - https://bitcointalk.org/index.php?topic=5157696.0 and I think it is very informative and assuring at least for now! This developments kind of reminds me of Yhprum's law which states that
but at least there is nothing to worry about for the moment because it poses no threat to BTC and other cryptocurrency for the meantime. Imho.

They don't care if it's misleading, for them promotion is only that natters. And many people will fall for that.
But at this moment I don't think this will affect Bitcoin wallets, at least not from private owners but for exchanges this might be a different story.

That's an interesting issue actually because a lot of miners would be unprofitible if the algorithm needed to change and there was a way to bruteforce hashes but there'd then not be very much power on the new chain side. Although programmatically the chain would have to split to accept new versions of blocks so I guess that would stop the quantum hashers from mining the currency but it is still a bit of a problem that a lot of the hypothetical miners at that time will have spent huge amounts on hardware and not be able to roi.

That'll also have a huge impact on the price of the currency if the network looks to be less secure or stable, especially if people start splitting the chain with the new algorithms...

I agree with you, for purses most likely is not affected, but in exchange most likely yes

Well, our reps had a chance to talk with people from IBM's quantum computing department  - they claimed that this technology is just starting, and he does not see quantum computers being able to threat current encryption of BTC in next several years.
When asked what about more or less 15 years time perspective - they smiled suspiciously.

Therefore, we still have several years of relative safety which can be spent on some sort of quantum encryption.

If it ever does become quantum vulnerable it'll be worth a big fat zero, not a few grand still. You won't be able to trust any transaction and your balance could be lifted at any moment. Your bank account will also be open to all along with almost every current security system.

An unencrypted world would quickly become a bit stone age.

Banks can freeze accounts, rewind, correct it.
But Bitcoin can't.

Therefore a quantum computer earlier than 'quantum resistant Bitcoin network' should never happen.

And then the quantum owner does it again and again. The whole global economy would rapidly become a smoking ruin. Bitcoin would be the least of anyone's concern.

We still don't know what their capabilities are so it might be premature to be concerned, or a suicidal oversight not to be.

It's possible we may not even know whether a viable one exists until the powers that be have had them for quite some time.

so scary that old accounts wake up just to reply to this thread.

Quantum-resistant cryptography already exists, so banks and other centralized institutions are in a much better position to recover.

With Bitcoin, we have much bigger problems. Simply switching to quantum-resistant signatures doesn't solve the issue because we can't force people to move their bitcoins to safe addresses. Something like 1/3 of the circulating supply is at risk -- quite possibly more -- due to key reuse, xpub sharing, pay-to-pubkey mining, etc. If a QC attacked Bitcoin in the wild, it would irreparably destroy faith in the currency based on that alone. I don't believe the same is true for banks.

This is the third topic I have seen about the new quantum computer that Google has released and I'm surprised that there is so much scare mongering among a Bitcoin forum. I'm going to reiterate what I have said in previous threads that this quantum computer is not designed to be a threat to Bitcoin in anyway and is only efficient at very specific tasks so the concerns over mining are redundant as the quantum computer that Google and IBM are developing are not designed to mine Bitcoin and would not be any significant improve over dedicated mining machines.

People would be stupid not to move if the encryption was under threat and we could actually force them by requiring them to change addresses if all wallet software developers accepted this change. It would benefit the Bitcoin community and would be the only time I would suggest a forced move to prevent further loss of coins but if people don't move and lose their coins then that would  be entirely their fault for refusing something which is so blatantly obvious.

There are without question millions of inaccessible coins. I'm sure the owners would absolutely love to move them but they don't have the ability to any more. The only people who might be able to in future will be those pesky quantum people.

It's a very pertinent point that I hadn't thought through properly. There's a lot of low hanging fruit that's effectively helpless and dead and then instantly wakes up available to anyone with the right gear in this scenario. People might expect white hats to claim them first but even then that's still not a good look for a supposedly impregnable and immutable system.

Forcing people to do things goes against the Bitcoin ethos. That's the crux of the problem.

We could give people several years to move their bitcoins to quantum-resistant addresses before destroying them. Even that seems incredibly controversial based on these user reactions (https://bitcointalk.org/index.php?topic=1469099.0).

Forget block size -- this is the real political issue of our day.