Quantum Computers - Will old wallets still be safe?

[Faizan Zen]

I don't understand much about quantum computers which are likely to be the future of technology, but from the bits and pieces I've read, there's a possibility that quantum computers could hack the private keys of bitcoin addresses in the early days using P2PK technology

I'm sure Bitcoin developers will find ways to improve wallet security, but what about early wallets that are inactive or no longer in use? Like Satoshi's wallet? Will there be a "treasure hunt" where people hack early Bitcoin addresses?

I fear that this "treasure hunt" era will become a legalized illegal activity. There was no legal basis or proof of ownership for the early wallet addresses, even though everyone claimed they were Satoshi's wallets.

Moreover, in the future, bitcoin mining will not produce many bitcoins or bitcoin reserves will be completely mined, will "treasure hunters" become a new trend?

Or is there another way to increase security on a sleeping wallet?

[Charles-Tim]

Or is there another way to increase security on a sleeping wallet?

No other way for now than to move all the coins to a new bitcoin addresses and the addresses should not be reused to received another transaction after spending from the address because the public key of the address will also be exposed and be susceptible to quantum threat.

The proposal for now is BIP360 which I do not think it makes bitcoin addresses that their public keys have been exposed to be protected. Someone can correct me if I am wrong.

[Faizan Zen]

Or is there another way to increase security on a sleeping wallet?

No other way for now than to move all the coins to a new bitcoin addresses and the addresses should not be reused to received another transaction after spending from the address because the public key of the address will also be exposed and be susceptible to quantum threat.

I think so. So, there's likely to be an era "bitcoin treasure hunts." It's quite scary to imagine people racing to hack ownerless addresses. This is an illegal activity that can't be prevented or even considered legal

But on the positive side, it is possible that all 21 million bitcoins can be found, as lost bitcoins can be overcome by hacking, although the original owners may will not get them back because it is first come is the owner

[ABCbits]

but from the bits and pieces I've read, there's a possibility that quantum computers could hack the private keys of bitcoin addresses in the early days using P2PK technology

Actually it apply to P2PK and address where it's public key is exposed.

I'm sure Bitcoin developers will find ways to improve wallet security, but what about early wallets that are inactive or no longer in use? Like Satoshi's wallet?

The common argument about inactive UTXO is either do nothing or freeze all UTXO that deemed to be unsecure.

Or is there another way to increase security on a sleeping wallet?

Check this thread, https://bitcointalk.org/index.php?topic=5576318.0.

[Donneski]

I don't understand much about quantum computers which are likely to be the future of technology, but from the bits and pieces I've read, there's a possibility that quantum computers could hack the private keys of bitcoin addresses in the early days using P2PK technology

That'll only happen if the public key is exposed. That’s mostly P2PK and reused addresses not all old wallets.

I'm sure Bitcoin developers will find ways to improve wallet security, but what about early wallets that are inactive or no longer in use? Like Satoshi's wallet?

If they’re exposed and untouched then yes, they could be at risk. If not, they’re still fine for now.

Will there be a "treasure hunt" where people hack early Bitcoin addresses?

If quantum gets there people will definitely try but then, it'll become more of a protocol issue than just bad actors.

I fear that this "treasure hunt" era will become a legalized illegal activity.

It's actually hard to say what will happen. Just know that it'll depend on consensus rules not laws alone.

Or is there another way to increase security on a sleeping wallet?

The only way to improve security is to move the coins. If the wallet is inactive, nothing can be done.

[BlackHatCoiner]

but what about early wallets that are inactive or no longer in use? Like Satoshi's wallet? Will there be a "treasure hunt" where people hack early Bitcoin addresses?

Most certainly. And as bitcoin grows in value, the incentive will become more greater and greater.

I fear that this "treasure hunt" era will become a legalized illegal activity. There was no legal basis or proof of ownership for the early wallet addresses, even though everyone claimed they were Satoshi's wallets.

There's no way to tell if you're the "righteous" owner of a bitcoin address. If both people have the same private key, it's impossible to tell to whom it belonged at first, unless the stolen private key was derived from a seed phrase, which the attacker does not know. But, again, the thief can mix the bitcoin on-chain and get away with it pretty trivially, for any law to have any effect.

[(BTC)]

from the bits and pieces I've read

Missed opportunity to write qubits and pieces.  

Moreover, in the future, bitcoin mining will not produce many bitcoins or bitcoin reserves will be completely mined, will "treasure hunters" become a new trend?

If my understanding of bitcoin history is correct, I don't think the rise of an emerging technology, like quantum computing in this case, is the first time it has created a little anxiety for bitcoin holders. The whole "treasure hunters" era you are describing is happening not only in the very present day, but in the past as well.

For example, in the early years I'm pretty sure people were concerned about bitcoin's fundamental cryptography, specifically the Elliptic Curve Digital Signature Algorithm, and how it might not be secure long-term. These concerns were kinda more philosophical in nature, whereas the quantum threat is more theoretical. I only say theoretical, not to mean impossible, but more so to mean not really feasible/practical in the world we currently live in. Math and current number of qubits (which are error prone, loud, and don't last a long time) tell a story that it could be a reality one day. Then you get into the conversation of "logical qubits", which are the ones that are relevant in terms of breaking cryptography/encryption, don't exist yet. If they do exist today, there would probably be only a couple of them in a highly experimental state.

Android RNG vulnerabilites scared a lot of people too, but that made sense since actual bitcoin was stolen for some. The ASIC miners also created a scare for bitcoin because people thought they could potentially cause a centralization of hashing power and possible 51% attacks. The whole thing about public key exposure and reusing an address also created fear for bitcoin, but solutions like good practices in not reusing the same address twice and utilizing hierarchical deterministic wallets put most folks at ease. When SHA-1 was demonstrated to be insufficient and weak, people started to immediately question SHA-256.

Honestly, someone should make a fear and greed index-type of display that estimates the current public's view of bitcoin's security and hardness. This shit just goes up and down and up and down for one reason or another. It never seems to end, lol. What will be the new scare after quantum computing threats are pacified? My guess will probably be government overreach and corruption. World leaders and powerful people who run private companies seem to have no issue with partaking in the human trafficking of minors. You think they are above forcing known individuals who possess lots of bitcoin to hand over their private keys?

Edit - Forgot to mention satoshi implementing mining difficulty into bitcoin in terms of answering your statement's regarding bitcoin being "completely mined". It's one of his most genius aspects of bitcoin, because it shows his awareness of exponential technological development/progression.

[tdk2]

that'll only happen if the public key is exposed. That’s mostly P2PK and reused addresses not all old wallets.

dumb question:

is there an easy way to check (e.g. in a block explorer) if a specific address' public key is indeed exposed?
Adress type should be easy enough, but how to check if a non-P2PK-address has been re-used, maybe many, many years ago...

[ABCbits]

that'll only happen if the public key is exposed. That’s mostly P2PK and reused addresses not all old wallets.

dumb question:

is there an easy way to check (e.g. in a block explorer) if a specific address' public key is indeed exposed?
Adress type should be easy enough, but how to check if a non-P2PK-address has been re-used, maybe many, many years ago...

If the associated address already create a TX that spend it's UTXO, that means it's public key is exposed. Of course there are few edge cases, such as
1. The public key also exposed when someone create and share signed message with his Bitcoin address.
2. There are address where it's spending condition doesn't use signed signature, although usually it's for certain type of puzzle/challenge.

[MarryWithBTC]

I'm sure Bitcoin developers will find ways to improve wallet security, but what about early wallets that are inactive or no longer in use? Like Satoshi's wallet? Will there be a "treasure hunt" where people hack early Bitcoin addresses?

I fear that this "treasure hunt" era will become a legalized illegal activity. There was no legal basis or proof of ownership for the early wallet addresses, even though everyone claimed they were Satoshi's wallets.

I am just getting to know or hear about this "treasure hunt". The risk of the quantum computers should be a security event and not just individuals randomly hacking into old wallets. I also think that if the risk is not mitigated, it would not be legalized. Trying to claim bitcoin that doesn't belong to you or that is tagged ownerless shouldn't be legal.

Moreover, in the future, bitcoin mining will not produce many bitcoins or bitcoin reserves will be completely mined, will "treasure hunters" become a new trend?

Or is there another way to increase security on a sleeping wallet?

I don't think that the so treasure hunting will replace mining which is a part of the bitcoin protocol. Miners will be there as the so called treasure hunters will not secure the network.

[kTimesG]

The risk of the quantum computers should be a security event and not just individuals randomly hacking into old wallets. I also think that if the risk is not mitigated, it would not be legalized. Trying to claim bitcoin that doesn't belong to you or that is tagged ownerless shouldn't be legal.

I think you fail to understand what "owning Bitcoin" means. The only thing a legal entity can do is to ask "how can you explain your ownings", not to ban you from coming up with some big integer that was thought to never be guessed. That's not illegal.

[d5000]

Or is there another way to increase security on a sleeping wallet?

The main idea currently circulating is the Hourglass proposal. It consists in the idea that you could restrict spending from P2PK and similar addresses where the public key is exposed "by design". It would only be allowed to spend a certain amount (e.g. 1 BTC or 0.1 BTC) at once and all the other coins would have to be returned to the P2PK address.

That would not restrict "treasure hunts" completely but it would reduce the incentives, because you couldn't get a 50-BTC "treasure" in a single transaction anymore. And it would give the rightful owners time to act themselves.

However, the rightful owners would also be affected: they couldn't "secure" their fortune with a single transaction to a non-vulnerable address anymore. But maybe the incentive reduction is enough to prevent people from stealing these coins, because for a forseeable time quantum computers capable of running Shor's algorithm will be very expensive and only available to few people.

In theory Hourglass can be used to restrict the number of coins being spent from a P2PK address to very low amounts like a few satoshis (which is of course exaggerated but would still be better than to block these coins entirely - maybe a good "middle ground" would be something like 0.001 BTC per day/144 blocks). So it can be made extremely unattractive to try to get these coins.

ABCbits has already linked to my thread about that topic if you want to dive deeper.

[MarryWithBTC]

The risk of the quantum computers should be a security event and not just individuals randomly hacking into old wallets. I also think that if the risk is not mitigated, it would not be legalized. Trying to claim bitcoin that doesn't belong to you or that is tagged ownerless shouldn't be legal.

I think you fail to understand what "owning Bitcoin" means. The only thing a legal entity can do is to ask "how can you explain your ownings", not to ban you from coming up with some big integer that was thought to never be guessed. That's not illegal.

I think I understand better now. In this case and as it regards bitcoin network, it is only the cryptography and your ability to provide a valid signature that makes one a rightful owner. But beyond cryptography, in the legal eyes, such an act of deriving private keys from exposed public keys could be regarded as a theft. Although it will be dependent on legal jurisdictions.

[kTimesG]

But beyond cryptography, in the legal eyes, such an act of deriving private keys from exposed public keys could be regarded as a theft. Although it will be dependent on legal jurisdictions.

Theft, yes, finding the key: that means all cryptographers should be arrested already. Good luck explaining legal bindings to North Korea cyber attackers, or Chinese state-sponsored blackhat orgs with access to cutting-edge tech and basically infinite resources.

When OG pubkeys will start getting liquidated the only thing that will matter is whether the cryptography expectations for that was already priced in (and made obsolete far long ago). Otherwise, nature will take its course, which means BTC will drop to 0 before you get the chance to panic sell.

[NotFuzzyWarm]

Theft, yes, finding the key: that means all cryptographers should be arrested already. Good luck explaining legal bindings to North Korea cyber attackers, or Chinese state-sponsored blackhat orgs with access to cutting-edge tech and basically infinite resources.

Snip...

By itself, researching key cracking is NOT illegal. It is a needed process for finding flaws.

What someone does with finding a weakness is an entirely different matter. The ethical thing to do is properly report it so a patch can be found and NOT immediately exploit it & go public. Unfortunately, black hats would do otherwise...

[She shining]

I think I understand better now. In this case and as it regards bitcoin network, it is only the cryptography and your ability to provide a valid signature that makes one a rightful owner. But beyond cryptography, in the legal eyes, such an act of deriving private keys from exposed public keys could be regarded as a theft. Although it will be dependent on legal jurisdictions.

Who owns the key is the rrue owner. The network does. Not care how. These basic security are on you not the network. The network is immutable, protecting old address is highly unlikely. Move to a P2PKH and stop reusing addresses.

[MarryWithBTC]

Theft, yes, finding the key: that means all cryptographers should be arrested already. Good luck explaining legal bindings to North Korea cyber attackers, or Chinese state-sponsored blackhat orgs with access to cutting-edge tech and basically infinite resources.

Snip...

By itself, researching key cracking is NOT illegal. It is a needed process for finding flaws.

What someone does with finding a weakness is an entirely different matter. The ethical thing to do is properly report it so a patch can be found and NOT immediately exploit it & go public. Unfortunately, black hats would do otherwise...

@kTimesG, i really understand you and what you are insinuating is actually what is obtainable in cryptography. In fact, attempting to break a system is essential in improving security.

Then, @NotFuzzyWarm seems to understand my point. Discovering vulnerabilities contributes to security, but exploiting it should have an ethical concern.

I just wish this quantum waves later becomes a myth or bitcoin network adapts before the estimated time.