Bitcoin will be vulnerable to Quantum Computers in about 2 years

[Outhue]

It's sad to see newbies on this forum talking shit about Bitcoin, I bet OP is here to spread FUD, people like you don't have any Bitcoin in their wallet 'if they opened any', why don't you just worry about how you will get your hands on a quantum computer and start using that to jail break people's bitcoin wallet? I want to see how far this can go for you. For now it's 100% FUD, if you don't have anything sensible to say please just stop.

[Hispo]

Huh, even if there was some bad stuff going on, Satoshi himself did not imply the Core developers could hard fork the Blockchain into a quantum resistant protocol from what it could be considered to be the last "honest block"?

The only problem would be the transacions done after the first attack and there could be some loss of funds if the honest block has much age. Such scenario could impact negatively the ecosystem for some time.

[noormcs5]

If the bitcoin developers see a risk in bitcoin by quantum computers they will do something about it, you really think people will just seat and watch how bitcoin dies? that will not happen.

And even if it happens there is always the option of a hard fork to recover the lost coins on the attack. So, I don't thinks quantum computers will destroy bitcoin, when those computers get enough power to attack bitcoin then BTC will be strong enough to avoid it.

The OP thinks that the world richest people who are investing in bitcoin are ignorant of the fact that quantum computers will be treat to bitcoin. This is not the case. Everyone knows that quantum computer will not be able to decode the bitcoin keys.

Think in a layman way that since the interest in bitcoin is not getting less and world money is getting into bitcoin shows that quantum computers may not be a threat to bitcoin.

I would suggest OP not to spread the fud especially on this forum.

[jossiel]

IIRC, I've read the same thoughts when I was still new in the market like for someone who's new to it, will definitely discouraged from that statement about quantum computers.

Well then the panic has been said and effective to me during that time. Someone who's not experienced yet in the market might fall for it.

But when you study just the history of bitcoin, are you still going to believe with it? And are those quantum computers will just have to focus on bitcoin and as they say crack it down and won't do something else that are more important?

[AverageGlabella]

I am done with this stupid argument and claims that quantum computers will be the end of btc. Quantum computers are not near the qubit requirements to challenge the algorithm that btc uses and probably will not be there for many years. When that happens we can have a amnesic blockchain or find another solution that will prevent quantum computers from attacking public keys. It will require a hard fork but everyone who cares about btc will want this to happen. People will lose their coins especially if they are inactive for years. Satoshi coins will be lost but they would be lost if we did not make the change anyway. Reusing addresses will probably not exist in the future or will not be enabled by default and will only be enabled by people choosing to reuse a address. Wallet software will be rewritten to cycle addresses and to allow transaction to the same addresses in a wallet without it exposing the public key. There are a lot of solutions some of them still being refined that can protect us against quantum computers when they eventually get good enough to threaten btc.

the 2 years that op says is bullshit and I think op does not understand the difference between quantum computers not all quantum computers are the same. Quantum computers are designed for a certain task and the task of breaking encryption will probably be one that will be developed because it is useful to the military but it will be a race to who gets it 1st and it will not be useful after everyone knows it exists because they can protect against it when it is a real threat. btc will not be the 1st target and I do not think it will be a target. We are low priority and a quantum computer that can break the algorithm can break many other algorithms that military and governments use so it will be a big deal. But the op is full of bullshit because the governments will be the 1st to protect against this and there has been no major developments in years. This is FUD and should be ignored but there is some truth that quantum computers will probably be a threat sometime in the future but a long time from now.

[s2]

I think it's inevitable that at some point in time something will break ECDSA.. I mean there's a pretty good incentive to find a solution to it so is a matter of when and not if.  QC or not.  The issue is how does cryptocurrency (and every other crypto related sector) survive.  It's pretty easy in my mind, it's no different than that bug where billions of bitcoin were printed once upon a time... it's a hard fork where new code fixes the issue.

So here's how I'd see it playing out.

Assumption 1.
Most likely it's the public keys in the chain that get compromised first as that's a lot easier than P2PKH style transactions where you need to derived a private key and script that matches the hash.

Assumption 2.
It takes a period of time to do P -> k solution (i.e. > 10mins).

With those assumptions we would likely get early indications of a compromise.  Early satoshi coins move, large accounts compromised to move the market, etc..
An update to the chain could be put out that offers a new signature system. 
If the attack is convincing that either a QC or fundamental crack has happened, a certain block number (even in the past) could be used as the reset point.

Everyone who wants to adopts the new hardfork.  Yes we have the BTC/BCH rubbish again but this is part of the bitcoin evolution process.  Strongest mining is 'the bitcoin' chain, so only through decentralised concensus is that reached.

Next anyone who wants to spend from an OLD tx has to also provide some PoW on their provided signature.  This means a simple GPU running for say a day does enough PoW to state they are the owner of the signature.  This would prevent even a compromise or QC attack from spending everyone's coins since they'd still need to do PoW for every tx they try to steal.

I'm sure there are even better ways to approach this but my approach is not to worry as we can always rollback and be inventive even on the worst possible attack imaginable.

[serjent05]

IIRC, I've read the same thoughts when I was still new in the market like for someone who's new to it, will definitely discouraged from that statement about quantum computers.

Well then the panic has been said and effective to me during that time. Someone who's not experienced yet in the market might fall for it.

But when you study just the history of bitcoin, are you still going to believe with it? And are those quantum computers will just have to focus on bitcoin and as they say crack it down and won't do something else that are more important?

Quantum computer issue is created to FUD the Bitcoin market.  To put a hindrance on Bitcoin adoption by spreading false and exaggerated information of quantum computers.  The way they say how Quantum Computer breaks Bitcoin security is like Bitcoin development will be idle and wait for these QC to crack its security algorithm.  Developers will adjust the security algorithm of Bitcoin when they feel that QC is catching up. 

So I never think that quantum computing is a threat to Bitcoin security even if Bitcoin security development has stalled for half a decade.

[nullama]

This seems to be a bit FUD

The researchers estimate that a quantum computer with 1.9 billion qubits would be necessary to crack a Bitcoin's encryption within 10 minutes. To manage the feat within an hour, a machine with 317 million qubits would be required. However, if you had a full day to try and crack the security, a system packing just 13 million qubits would be capable of the task.

Right now, the most potent quantum computer, developed by IBM, boasts 127 qubits.

[PhoenixZephyrus]

Well post quantum cryptography is going to evolve too. Developers aren't going to be stagnant and lets be honest, quantum computing still has a ways to go before it gets anywhere close to posing a threat to the bitcoin algorithm, or any encryption system for that matter. People expect about a decade or so. But the existing quantum technology is by far very experimental currently, and not that much of a threat to any encryption algorithm, so we are safe for now. And I expect quantum-resistant methods to be out before quantum computing can actually break these algorithms.

In fact, there are many articles COINTELEGRAPH article on quantum threats detailing approaches that are already in progress that want to mitigate the quantum threat - many aided by big corporations with a lot of funding. This is just how cryptography has always worked, someone tries to break the encryption system while others keep designing countermeasures.

[Ozero]

Well post quantum cryptography is going to evolve too. Developers aren't going to be stagnant and lets be honest, quantum computing still has a ways to go before it gets anywhere close to posing a threat to the bitcoin algorithm, or any encryption system for that matter. People expect about a decade or so. But the existing quantum technology is by far very experimental currently, and not that much of a threat to any encryption algorithm, so we are safe for now. And I expect quantum-resistant methods to be out before quantum computing can actually break these algorithms.

Even if this is true, and quantum computers will not be able to threaten cryptocurrency for a long time, anyway, information about this should not be immediately labeled as FUD. It is better to prevent the negative impact on the cryptocurrency from quantum computers than to watch the market collapse for years later. Theoretically, quantum computers can crack the secret keys of cryptocurrency, the only question is their power, and they are constantly and quite successfully working on this. But I don't see any real work to counter such negative capabilities of quantum computers. Just brush it off because it can't be, it's clearly not an option.

[jvanname]

It looks like people here have bought into the hype. Don't buy into the hype. We need fewer people to talk about overhyped things like GPT, quantum computation, and artificial intelligence because these people have a lot of things to learn. Buying into the hype is very annoying. Since you have bought into the hype, you have probably been oblivious to other technologies related to quantum computation. Do you know about reversible computation? Reversible computation is the computing technology of the future, but the media has not hyped reversible computation. There is absolutely no reason for this other than anti-intellectualism. I therefore refuse to take anyone who talks about AI alignment or quantum computation seriously unless they are familiar with reversible computation and realize that reversible computation is at least as practical as quantum computation.

Quantum computation can help with some specific problems, but reversible computation will replace all forms of computation. Since reversible computation is more feasible than quantum computation, reversible computation will affect the cryptocurrency ecosystem before quantum computation does.

If you think that quantum computation will allow us to solve some exptime problems in a reasonable amount of time in just 2 years (well, now 1.5 years), then you have bought into the hype. If you have also not even heard of reversible computing, then you have not been properly informed about the future of computational hardware.

[s2]

Let's pretend that a QC powerful enough now exists to break ECDSA within 10 mins.

Let's put on an "attacker hat" and see how it plays out...  

It's very unlikely an institution would do this due to it being illegal and the fine/lawsuits would ruin a company.  Therefore a single staff member is most likely to use a company's QC to attack the network... a bit like how people used to use company computers to mine with and later get caught.

The weaker, older "pay to public key" transactions would become the first victims.  Whilst this could include Satoshi's first minted coins, it's unlikely they would attack those early coins since any movement of long stored 50BTC tx's will always alert people.  Instead they'd focus on the most recent P2PK tx's and work backwards in time.

* Grab a P2PK tx and obtain the private key.
* Write down with pen and paper.
* Wipe or obscure the operation from QC history.

Manually construct the tx to another address, go to a coffee shop & VPN.. publish tx to a public home run node.
repeat, slowly and accelerate as getting more cocky that they got away with it.

So how is Bitcoin protected after such an attack?

This is the hardest part, we can't hard fork fix this since we wont know what is genuine and what is done by the QC.

Best fix I can think of is addressing the issues...
1. Add a quantum resistant signature system to Bitcoin
2. Require PoW for any transaction submitted to the node.

Ideally step 1 should be done now.   We don't need to use this new signature system but it should be ready to swap to.
Step 2... at a point when QC is believed to have compromised bitcoin, we require PoW of CPU power before accepting a transaction.  The transaction must pay to a QC resistant tx.
The PoW should be significant but not too much.  E.g. 1 hour's worth of PoW of the hash(nonce + signed TX).
The result of the PoW could be put in an OP_RETURN call or even a new OP code.

This way it becomes expensive for an attacker to steal too many coins and valid owners can use their laptops or mobile phones to issue transactions.

Hard to see how this would be rolled out in practice but P2WPKH happened so if there is a demand it could well be done.

[monedauno]

Yes, if you are planning to use a quantum computer for real life mining then you are in risk. 
 
If you want to get rich it takes a long time to do so, it also depends on the user and the price you intend to buy. For the long term you are in a bear market and this is a high risk so you may be in the red and it will likely happen.

[KiaKia]

This make me remember a quantum blockchain project that's already trading om exchnages, I have been monitoring the project for a while and when I asked the team if they can provide any evidence that they are in possession of any quantum computer they ignore my message and when I reply saying that I will keep asking this question over and over they block me off their telegram group.

Quantum computers? It's so far in future, probably will never be possible, trust me, we can't even provide lower power-consuming chips for our daily computers from Intel and AMD you are talking about quantum computers. 

Do not fool yourselves, there is a reason why the fastest CPU still can't mine a Bitcoin today and that's because of software support and also high mining difficulty, I will wait for 2025 to see if there will be any quantum computer been released. We shall see..