Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: suzanne5223 on November 13, 2025, 11:50:07 AM



Title: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: suzanne5223 on November 13, 2025, 11:50:07 AM
I believe we all know that one of the events people discussed in the Bitcoin space is the impact of a Quantum attack on wallet entropy, which some individuals have a misconception about, namely that it affects Bitcoin.
 
In contrast, Bitcoin will function normally in a world with powerful quantum computers with no issue. However, all the exposed public keys holding BTC will be in danger when a quantum computer with the right computing power is created, and we all know that most of the public keys we used on this forum are exposed to the public.

When I saw the Tweet posted by Willy yesterday on X (formerly Twitter) about what Bitcoiners should do in preparation for post quantum, I believed it needed to be shared so we can share knowledge; maybe it will help me and some Bitcoiners.


The fastest way for Bitcoin's infrastructure to prepare for post-quantum is for BTC wallets to move to HD wallets with transaction policy tweaks.
This can be implemented quickly without a protocol update and is very cheap on blockchain space.

Explainer:
5-10 yrs is the expected timeline for long range attacks to be viable ("Q-Day"). Moving to HD wallets with transaction policy tweaks will be resistant to Q-Day.

Short range attacks come another 4-8 years later, that's when HD wallets become vulnerable.

So with very little effort and cost, it buys 9-18 yrs of time to do a post-quantum upgrade to the protocol.

(Satoshi's coins and addresses with reuse will still be vulnerable, but whether to burn those coins is a different discussion)

An HD wallet is a wallet that controls many derived addresses with a single seed phrase.

Whenever you send BTC, you publish the public key onto the blockchain so that address is now quantum vulnerable (quantum computers can crack a private key from a public key).

So whenever you send BTC, a good HD wallet should move the remaining coins to a new address inside the series of HD addresses controlled by the wallet, hence the public key holding the coins is never revealed.

HD wallets have been around for a while, the update they need is to do the last step. Also to never publish your xpub (a way to derive all of your public keys in an HD wallet).


He also provides the idea of hiding the public key behind a hash.

DUMMIES GUIDE TO BEING QUANTUM SAFE.

In the past it was about protecting your PRIVATE KEY (your seed phrase). In the age of big scary quantum computers (BSQC) that are coming, you need to protect your PUBLIC KEY also.

Basically a BSQC can figure out your private key from a public key.

The present day taproot addresses (the latest format) are NOT safe, these are addresses starting with "bc1p" and they embed the public key into the address, not good.

Prior formats hide the public key behind a hash, so a BSQC can't easily crack it.

Do this:

1) create a new segwit wallet. It will start with "bc1q" (NOT "bc1p"), you can use older formats too like ones starting with "1" and "3"

2) send all your BTC into this new address

3) you can continue to stack sats into this new address

4) NEVER send BTC out of it, once you do you're BSQC hackable because your public key is revealed

5) wait for Bitcoin to upgrade to a quantum safe protocol, this may take 7 years, who knows

6) send your BTC into the new quantum safe address when the network is NOT congested, once you send, you reveal the private key for a short time. It's unlikely a BSQC will steal your coins in that short window

Some ramifications:

All the BTC sitting in ETFs, Treasury companies, and exchange cold storage can be quantum resistant if the custodians take action, even before BTC soft forks into a quantum resistant protocol.

Wallet Apps can also take appropriate action (making sure any spend from an address also moves remaining coins to a new non-taproot address).

Satoshi's 1M coins using an ancient P2PK address will be stolen (unless a future softfork freezes them). So are lost coins in addresses where there's past spending activity.
The general consensus between BTC experts is 2030 onwards as the timeframe when BSQC may come, aka “Q-Day”.

What's your take on all his explanations concerning the quantum attack day?
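An added example, not from the tweet or any poster, that turns the reasoning above into a small audit script: it classifies addresses by type (a taproot "bc1p" address carries its public key from the start, the hash-based "1", "3" and "bc1q" types only reveal the key once spent from) and replays a list of transactions to flag any address whose key is exposed while it still holds coins. All transactions and addresses below are constructed placeholders, not chain data.

```python
"""Audit an address history for public-key exposure, as described in the thread.
Transactions and addresses here are constructed for illustration only."""
from collections import defaultdict


def address_type(addr: str) -> str:
    """Classify a mainnet address by prefix and length."""
    if addr.startswith("bc1p"):
        return "P2TR"          # taproot: the output key is in the address itself
    if addr.startswith("bc1q"):
        return "P2WPKH" if len(addr) == 42 else "P2WSH"
    if addr.startswith("1"):
        return "P2PKH"
    if addr.startswith("3"):
        return "P2SH"
    raise ValueError(f"unrecognised address: {addr}")


def key_on_chain_at_creation(addr: str) -> bool:
    """True when the address itself already carries a public key (taproot)."""
    return address_type(addr) == "P2TR"


def exposure_report(txs):
    """Replay transactions and report {addr: (balance_sats, key_exposed, status)}.

    Each tx is {"txid", "inputs": [(txid, vout), ...], "outputs": [(addr, sats), ...]}.
    status is 'exposed-funded' (key known and coins still there), 'exposed-empty'
    (key known but nothing left to take) or 'safe' (only a hash is public).
    """
    utxos = {}              # (txid, vout) -> (addr, sats)
    spent_from = set()      # addresses whose public key a spend has revealed
    for tx in txs:
        for outpoint in tx["inputs"]:
            addr, _ = utxos.pop(outpoint)   # KeyError on an unknown/double spend
            spent_from.add(addr)
        for vout, (addr, sats) in enumerate(tx["outputs"]):
            utxos[(tx["txid"], vout)] = (addr, sats)

    balance = defaultdict(int)
    for addr, sats in utxos.values():
        balance[addr] += sats

    report = {}
    for addr in set(balance) | spent_from:
        bal = balance[addr]
        exposed = addr in spent_from or key_on_chain_at_creation(addr)
        status = "exposed-funded" if exposed and bal > 0 else "exposed-empty" if exposed else "safe"
        report[addr] = (bal, exposed, status)
    return report


# Constructed placeholder addresses shaped like the real types (not real addresses).
ADDR_A = "bc1q" + "a" * 38   # P2WPKH-shaped
ADDR_B = "1" + "b" * 33      # P2PKH-shaped
ADDR_C = "bc1p" + "c" * 58   # taproot-shaped
ADDR_D = "bc1q" + "d" * 38
ADDR_E = "bc1q" + "e" * 38

SAMPLE_TXS = [
    {"txid": "t1", "inputs": [], "outputs": [(ADDR_A, 100_000), (ADDR_B, 50_000), (ADDR_C, 20_000)]},
    # A spends and sends its change back to itself: the reuse the thread warns about
    {"txid": "t2", "inputs": [("t1", 0)], "outputs": [(ADDR_D, 60_000), (ADDR_A, 39_000)]},
    # B is drained to a fresh address: key revealed, but nothing left behind it
    {"txid": "t3", "inputs": [("t1", 1)], "outputs": [(ADDR_E, 49_000)]},
]

if __name__ == "__main__":
    for addr, (bal, exposed, status) in sorted(exposure_report(SAMPLE_TXS).items()):
        print(f"{address_type(addr):7} {addr[:8]}... {bal:>7} sats exposed={exposed} {status}")
```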


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: bitmover on November 13, 2025, 12:55:51 PM
What's your take on all his explanations concerning the quantum attack day?

Basically all you have to do is never spend twice from the same address.

You can receive multiple times in the same address, but when you spend from it you expose your public key which may lead to a quantum computer attack


This is not a risk now, but it may be some day.


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: FortuneFollower on November 13, 2025, 12:58:24 PM
My view on it - it's too far from being a real threat, and even once it does, there will be measures taken against it ;)


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: Karl_3000 on November 13, 2025, 12:59:21 PM
Quote
Do this:

1) create a new segwit wallet. It will start with "bc1q" (NOT "bc1p"), you can use older formats too like ones starting with "1" and "3"

2) send all your BTC into this new address

3) you can continue to stack sats into this new address

4) NEVER send BTC out of it, once you do you're BSQC hackable because your public key is revealed


5) wait for Bitcoin to upgrade to a quantum safe protocol, this may take 7 years, who knows

6) send your BTC into the new quantum safe address when the network is NOT congested, once you send, you reveal the private key for a short time. It's unlikely a BSQC will steal your coins in that short window
It is not true, you can send bitcoin out of the address, the change will move to another address which will cause no problem. Just do not reuse the address, that is all.


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: Luzin on November 13, 2025, 03:00:01 PM
This reminds me of El Salvador, which has been dealing with this by storing BTC in several different wallets. They have anticipated Quantum. There are two views on this issue. First, they believe Quantum will arrive soon, but some argue that quantum computers still require quite a long time to materialize. What is certain is that we don't need to be overly afraid. We just need to keep learning and making preparations. I am confident that Bitcoin will also achieve consensus to improve its defense system and keep up with the times.


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: Don Pedro Dinero on November 13, 2025, 04:32:09 PM
bitmover has hit the nail on the head; it is the most effective and cheapest way to protect yourself. This could be a potential risk for those who reuse addresses, such as those of us who charge for signature campaigns. In my case, it's the only time I reuse them, almost out of necessity, because you're not going to ask the manager every week to change your payment address. Also, as FortuneFollower says, there's still time, so when the real danger comes, we'll be ready. Even Trezor has released a product (https://trezor.io/guides/trezor-devices/trezor-safe-7/the-first-quantum-ready-hardware-wallet) that claims to be ‘ready’ for quantum threats but they display a disclaimer:

Quote
Trezor Safe 7 already protects its critical internal functions against quantum threats today. It is not quantum-proof because full protection requires that the blockchains also upgrade.

I know that many people here do not like Trezor, but just to show that these companies are already preparing for that future.


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: Z-tight on November 13, 2025, 06:01:46 PM
This reminds me of El Salvador, which has been dealing with this by storing BTC in several different wallets. They have anticipated Quantum.
I remember reading a topic about El Salvador moving their BTC into different wallets in order to protect their funds from the threat of Quantum Computers. Take note that just moving your coins across different wallets does nothing to mitigate the threat of QC; what actually matters is whether you reuse the wallets you send your funds to or not.


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: bitmover on November 13, 2025, 06:12:55 PM
I know that many people here do not like Trezor, but just to show that these companies are already preparing for that future.

I think people don't like ledger.
Trezor is an amazing wallet. Great device, completely safe.

I already own an old ledger, but if I need a new hardware wallet I would buy a trezor.

But everyone should be careful to avoid spending from the same address in the future.


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: Mia Chloe on November 13, 2025, 07:37:25 PM
I think people don't like ledger.
Trezor is an amazing wallet. Great device, completely safe.
I already own an old ledger, but if I need a new hardware wallet I would buy a trezor.
Yeah privacy enthusiasts see it as a scam which is understandable. You don't just out of nowhere encourage people to store their keys on a cloud in the same device that you call a hardware wallet which is literally supposed to act as an alternative escape from the internet where most coin loss threats are.

The whole quantum attack thing is still not a very solid argument in my opinion and a majority of the threats still seem theoretical. I've seen a few "PAID WALLETS" that actually claim to be quantum resistant though.


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: dkbit98 on November 13, 2025, 09:58:48 PM
These are good suggestions but they are not enough, and I am thinking what is going to happen with all the lost and dormant coins  :P
IBM recently announced they are expecting their new processors and software will have breakthrough speed for fault-tolerant quantum computing by 2029.
This is happening in just a few years, and I think we are going to have to prepare for another Bitcoin fork soon.

What does this mean for most addresses Bitcointalk members use in forum signature campaigns?
- They are all going to be affected and vulnerable, if you ever sent any coins from them.

Simple solution:
1) Use Segwit bc1 address
2) Send all coins to fresh new bc1 address you won't spend from.
3) Don’t send BTC to any address you’ve already spent from.


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: Karl_3000 on November 13, 2025, 10:37:44 PM
Simple solution:
1) Use Segwit bc1 address
2) Send all coins to fresh new bc1 address you won't spend from.
3) Don’t send BTC to any address you’ve already spent from.
You can also use legacy, or nested segwit addresses for it, but what I am not sure about is bc1p address which is taproot address that is said not to be used in the topic in the down quote.

I've seen a few "PAID WALLETS" that actually claim to be quantum resistant though.
Which wallet is that?


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: zabzob on November 14, 2025, 12:31:15 AM
I've seen a few "PAID WALLETS" that actually claim to be quantum resistant though.
Which wallet is that?

The new Qastle wallet is one example. Looks like a gimmick to me tho, I wouldn't pay for something like that. Just another example of companies trying to monetize people's uninformed fears about the quantum threat. A software-wallet version of what Trezor is doing with their overpriced Trezor Safe 7, making empty and misleading claims about it having "quantum-safe architecture and firmware."  ::)


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: Aanuoluwatofunmi on November 14, 2025, 03:58:22 AM
There is nothing better than engaging in the use of bitcoin with ultimate privacy; when we maintain this, we achieve the desired plan of its creator for us. Honestly, I am not doubting the security of the bitcoin network; however, we should also be aware that we need to preserve what we have in order not to be a target for those waiting for a vulnerability in us to attack, when they already know what we hold in assets.


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: ABCbits on November 14, 2025, 09:32:25 AM
I've seen a few "PAID WALLETS" that actually claim to be quantum resistant though.
Which wallet is that?

The new Qastle wallet is one example. Looks like a gimmick to me tho, I wouldn't pay for something like that. Just another example of companies trying to monetize people's uninformed fears about the quantum threat. A software-wallet version of what Trezor is doing with their overpriced Trezor Safe 7, making empty and misleading claims about it having "quantum-safe architecture and firmware."  ::)

IMO Qastle wallet should be considered a shady wallet. Aside from what you said, their wallet appears to be closed source with monthly pricing. It's also worth mentioning that AES-256 (probably the most common encryption cryptography) is QC resistant[1]. At least Trezor Safe 7 should have much better transparency since they open their hardware design and software code.

[1] https://crypto.stackexchange.com/q/6712


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: dkbit98 on November 14, 2025, 07:14:29 PM
The new Qastle wallet is one example. Looks like a gimmick to me tho, I wouldn't pay for something like that. Just another example of companies trying to monetize people's uninformed fears about the quantum threat.
I would never use that Qastle crap wallet, and it doesn't matter what wallet claims when base bitcoin blockchain is not quantum resistant.

A software-wallet version of what Trezor is doing with their overpriced Trezor Safe 7, making empty and misleading claims about it having "quantum-safe architecture and firmware."  ::)
Trezor Safe 7 is not overpriced at all, it's offering more than all competition, and best security.
They only claimed to be quantum-ready, so there is nothing misleading about that.
Instead of making false accusations you should read what quantum-ready means:
https://trezor.io/guides/trezor-devices/trezor-fundamentals/what-does-quantum-ready-mean

Quote
A 'quantum ready' device is a device which will be able to run post-quantum cryptographic updates. The world will need to migrate to post-quantum cryptography, a shift resembling the move from analog to digital, but with a lot more nuance.

Given that cryptography underpins so much of modern life, this shift will apply far beyond cryptocurrency, from financial systems to the entire internet.

In order to run these updates, a device will need to be quantum-ready on the hardware level, because this can’t be changed after leaving the factory.


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: Ucy on November 14, 2025, 07:32:42 PM
The question is how much will it cost a QC to guess Bitcoin keys? Don't hold an amount of money equal to or greater than the cost in a single address. If an attacker is still interested in hacking regardless of the cost, it is most likely not a for-profit attacker. You can now narrow it down to someone or people at the top who might be targeting an address for security reasons, for vengeance, etc. But certain addresses are protected from such people due to the innocence of their owners... You don't have to worry about QC attack if you do not deserve to be attacked.
By the way, I think a computer that is capable of guessing Bitcoin keys in short or not-too-long time will be very regulated and their access very restricted.


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: suzanne5223 on November 14, 2025, 09:58:13 PM
My view on it - it's too far from being a real threat, and even once it does, there will be measures taken against it ;)
Yes, it will take some time before the existence of the Quantum computing power that can break wallet entropy, but there's nothing wrong in making preparations now to safeguard ourselves.

It is not true, you can send bitcoin out of the address, the change will move to another address which will cause no problem. Just do not reuse the address, that is all.
I believe you're talking about the Electrum wallet here, which is an HD wallet, and it's safe from what we're talking about here. If you read all the messages I quoted, you'll see that it is already pointed out.

Quote
Trezor Safe 7 already protects its critical internal functions against quantum threats today. It is not quantum-proof because full protection requires that the blockchains also upgrade.

I know that many people here do not like Trezor, but just to show that these companies are already preparing for that future.
I like their preparation for the future. It is not that people don't like the wallet, but when a company trashes its reputation, it is hard to rectify it, and the same goes for Ledger: ever since the mistake they made, most crypto enthusiasts don't like their wallet.
Having said that, HD wallets are ok for the quantum entropy if the wallet doesn't publish xpub

You don't have to worry about QC attack if you do not deserve to be attacked.
How can anyone be sure s/he does not deserve to be attacked? Online thieves won't care about who deserves and who doesn't; all they will care about is finding the wallet holding enough BTC.

By the way, I think a computer that is capable of guessing Bitcoin keys in short or not-too-long time will be very regulated and their access very restricted.
To prevent misconceptions among newbies, which is something we have seen before where people think it's Bitcoin that's vulnerable to QC attack, please say wallet private key, not Bitcoin keys.


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: JiiBs on November 14, 2025, 11:10:11 PM
In contrast, Bitcoin will function normally in a world with powerful quantum computers with no issue. However, all the exposed public keys holding BTC will be in danger when a quantum computer with the right computing power is created, and we all know that most of the public keys we used on this forum are exposed to the public.

When I saw the Tweet posted by Willy yesterday on X (formerly Twitter), about what Bitcoiners should do for the preparation of post quantum I believe this needs to be shared so we can share knowledge, maybe it will help me and some Bitcoiners.

What's your take on all his explanations concerning the quantum attack day?

So I’ve been thinking: if the threats are as we assume the Quantum computing age would cause, it makes me wonder just how many addresses would not be offline and how that works.

Most of the addresses we transact with end up coming online every now and then; the addresses are published on the blockchain after every transaction is initiated and processed. These details surface online, and that is how traceable Bitcoin transactions are…

If people become too scared of the safety of Bitcoin in a computing age, it raises the question of why should they indulge.


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: adaseb on November 15, 2025, 01:10:55 AM
What's your take on all his explanations concerning the quantum attack day?

Basically all you have to do is never spend twice from the same address.

You can receive multiple times in the same address, but when you spend from it you expose your public key which may lead to a quantum computer attack


This is not a risk now, but it may be some day.

Yeah people have been saying this for years but go look at many exchange wallets out there, they all reuse the same addresses thousands of times.

And I remember reading about this 5 years back and it’s still safe to spend from a reused address. The only coins which can be at a disadvantage are those with low entropy like that “32 BTC contest thread” here on bitcointalk. The creator spent from a few of those addresses and they were easy to solve; those that never spent any coins were difficult. However the pattern is predictable with those addresses and most people with real hardware wallets don’t need to worry about it.


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: tread93 on November 15, 2025, 03:54:49 AM
This reminds me of El Salvador, which has been dealing with this by storing BTC in several different wallets. They have anticipated Quantum. There are two views on this issue. First, they believe Quantum will arrive soon, but some argue that quantum computers still require quite a long time to materialize. What is certain is that we don't need to be overly afraid. We just need to keep learning and making preparations. I am confident that Bitcoin will also achieve consensus to improve its defense system and keep up with the times.

I agree I think that developers on the bitcoin protocol will find a way to fortify against these kinds of targets and attacks and I think there is for sure hope against the "Q" Day! I guess we will just have to keep on keeping on here and be confident that Bitcoin can hold its own now, I mean shoot Bitcoin is practically a Sophomore in High school at this point, right? ! ahhaah


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: PrivacyG on November 15, 2025, 04:13:40 AM
These are good suggestions but they are not enough, and I am thinking what is going to happen with all the lost and dormant coins  :P
They will probably be the first targets.  It would be very stupid if the target was not the most vulnerable which are also the most valuable Addresses.  If this happens then I presume one of the first targets will be any of the presumably Satoshi owned Addresses.  They contain too much value for a Quantum Computer to try and hit a thousand Dollar UTXO.

I do not know.  I have mixed feelings.  On one hand I believe it is the job of their owners to protect them from what danger comes in the future.  On the other hand there are situations where it is not the fault of the owners.  For example.  Somebody may have died 10 years ago with a lot of Bitcoin on a Wallet and their family has simply not searched their computer well enough yet.  Do they deserve a loss?

On the other hand there is nothing else to do.  They can either be left alone vulnerable or vulnerable Addresses can be blocked maybe.  But then this comes with its own risks.  Out of all the possibilities out there I wish Bitcoin NEVER has any 'migration' or Fork that ends up losing people's Money.

What do you think?


Title: Re: Fastest mean for Bitcoiners to be prepare for post quantum?
Post by: zabzob on November 15, 2025, 06:04:49 AM
The new Qastle wallet is one example. Looks like a gimmick to me tho, I wouldn't pay for something like that. Just another example of companies trying to monetize people's uninformed fears about the quantum threat.
I would never use that Qastle crap wallet, and it doesn't matter what wallet claims when base bitcoin blockchain is not quantum resistant.

100% agreed.

A software-wallet version of what Trezor is doing with their overpriced Trezor Safe 7, making empty and misleading claims about it having "quantum-safe architecture and firmware."  ::)
Trezor Safe 7 is not overpriced at all, it's offering more than all competition, and best security.

Not everyone would agree with that. With so many different options and approaches to security on the market now, it's difficult to claim that any one hardware wallet offers the "best security" and "more than all the competition" for all bitcoiners. Trezor 7 is not air-gapped, so not offering more than all competition, or best security--at least for those who prefer their signing device air-gapped. Or stateless, which Trezor also does not offer. And some prefer a DIY option as an added security feature. And Trezor 7 also lacks an option for physical user-added entropy for seed creation, like dice-rolls. Some would rather have these features than claims of "readiness" for some imagined quantum future. In my opinion, $250 is a lot to spend on a wallet that lacks so many security features. That's why it's a good thing there are now so many options on the market. To each their own.

They only claimed to be quantum-ready, so there is nothing misleading about that.
Instead of making false accusations you should read what quantum-ready means:

Thanks for this info, that does clarify the issue. I'm not making any accusations, just stating my personal opinion. I find Trezor's marketing about quantum readiness, quantum-safe or whatever to be a ploy to charge higher prices. I may be wrong, but that's how I see it.