Antidote47k (OP)
Newbie

Activity: 23
Merit: 9
|
 |
June 26, 2026, 10:06:50 PM |
|
Most conversations about Bitcoin and quantum computing focus on the exact same thing: When will a quantum computer break our current signature scheme? But a recent working paper on Delving Bitcoin shifts the lens entirely. It argues that the cryptography is actually the straightforward part—the real mess lies in the economics of the migration itself.
Think about it: even if Bitcoin adopts flawless, quantum-resistant signatures tomorrow, the code change alone doesn't secure the network. Millions of independent users have to manually move their coins to addresses secured by the new scheme. In a completely decentralized system, you can’t just force a synchronized update.
Instead, you get a chaotic mix of timelines. You’ll have early adopters upgrading immediately, laggards waiting until the last minute, and massive custodians or exchanges managing complex migrations. Then there are the inactive wallets and millions of genuinely lost coins that can't move, leaving a massive honeypot of vulnerable targets on the old chain. That’s the real coordination nightmare.
The success of a post-quantum transition doesn't just rely on math; it relies on game theory. How do you design incentives that convince enough of the network to migrate in time, without compromising Bitcoin's core principles of immutability and opt-in consensus? The technical threat gets all the headlines, but the economic migration is the real final boss. That's the part that actually deserves our attention.
Source: https://delvingbitcoin.org/t/quantum-sunset-economics-a-working-paper-analyzing-pact-adoption/2645
|
|
|
|
|
PrivacyG
Legendary

Activity: 1568
Merit: 2753
Fight for Privacy.
|
 |
June 26, 2026, 10:57:53 PM |
|
You know what. We have seen SO many shit coins migrate years or even months apart and I have not seen articles about how bad it is. Everyone was in fact excited to see their favorite shit coin 'gain more value'.
The Bitcoin community is trying to figure out a way around Quantum. This is completely different and whether it is going to be a difficult way around it or not, it has to happen or Bitcoin will at some point die. Shit coins die from people losing interest, Bitcoin would die defeated by Quantum. Compare these two!
It is one of the probably few if not the only threat I would not mind a 'migration' at all. In fact. It is not even a migration as we know it. Migrating from Legacy to SegWit or from current Addresses to post Quantum ones is not a headache. Migrating to another chain, to 'the newest fork' et cetera is. Bitcoin is avoiding future problems and when we will have the solution against Quantum, we will still be at a decent distance from an actual Quantum threat which means people, exchanges, everyone have time to decide whether to risk or not to. Which is fair in my opinion.
|
|
|
|
stompix
Legendary

Activity: 3668
Merit: 7118
|
Think about it: even if Bitcoin adopts flawless, quantum-resistant signatures tomorrow, the code change alone doesn't secure the network. Millions of independent users have to manually move their coins to addresses secured by the new scheme. In a completely decentralized system, you can’t just force a synchronized update.
I don't see any problem whatsoever! The author is making a zeroburger from a nothingburger! We already had this kind of migration with SegWit addresses, this would be no different. You want to protect your coins, so you move them to a new wallet, that's all, exchanges have been doing this for ages already, just as they offer a hundred options for your coins they can simply add a new type of address for post-quantum BTC. The only actual problem is the migration time, it would require anywhere from 50 to 200 days of chain capacity for all the addresses with somewhat of a balance to migrate to a new one.
Then there are the inactive wallets and millions of genuinely lost coins that can't move, leaving a massive honeypot of vulnerable targets on the old chain.
I fail to see how this is a problem!
|
|
|
|
CryptoYar
Legendary

Activity: 1498
Merit: 1063
|
 |
June 27, 2026, 07:19:53 AM |
|
It is a much more sensible presentation of quantum doom than in typical media reports. Breaking secret coding is a well-defined technical challenge that smart people are working on. Moving coordination is more messy due to the fact that it includes human behaviour on a large scale. The lost coins problem is of special interest. There are more than a million Bitcoin that have been locked in Satoshi's wallet and will never ever get moved. Those coins lying on the unprotected old system during the change period are a real target for attackers, which no good secret coding can resolve.
It is the game theory part of this that makes it truly challenging. In a decentralized system no one can be forced to move. The only rewards you can give that sensible actors will want to move are rewards strong enough that they will want to move. The real challenge with these rewards is to create them without weakening Bitcoin's basic features. The technical threat is discussed since it is more easily explained. But the change would be successful or unsuccessful depending on the economic coordination problem.
|
|
|
|
ABCbits
Legendary

Activity: 3654
Merit: 10170
|
 |
June 27, 2026, 08:54:55 AM |
|
But a recent working paper on Delving Bitcoin shifts the lens entirely. It argues that the cryptography is actually the straightforward part—the real mess lies in the economics of the migration itself.
I can't read the paper yet since SSRN blocks my IP. But choosing and implementing cryptography is far from straightforward. Each cryptography has different trade-offs, while some security bugs happen due to bugged software implementation.
We already had this kind of migration with SegWit addresses, this would be no different.
The only actual problem is the migration time, it would require anywhere from 50 to 200 days of chain capacity for all the addresses with somewhat of a balance to migrate to a new one.
FWIW, I expect the chosen QC-resistant cryptography will have a bigger size for public key, signature or both. So without also increasing the maximum block size, the migration would take more days than estimated.
|
|
|
|
stompix
Legendary

Activity: 3668
Merit: 7118
|
 |
June 27, 2026, 10:01:45 AM |
|
~ FWIW, i expect chosen QC-resistant cryptography will have bigger size for public key, signature or both. So without also increase maximum block size, estimated days for migration would take more days.
Well, in theory, we could have a gentleman's agreement and deal with this without fees reaching $100 again, especially since the migration itself won't be that much bigger in size with standard inputs, so we could prepare for this
- exchanges consolidating their inputs prior to the deployment, so they don't need to immediately use the funds in QC-resistant addresses
- users pausing their spending habits for a while
- people with addresses not under imminent threat, with no spent inputs in their address, not rushing to be the first ones to move
- and so on
But of course, since well, block size is a no-go anyhow and will never be, the most important thing will be to have this available way before any sign of an actual threat!
|
|
|
|
|
Luzin
|
 |
June 27, 2026, 12:00:49 PM |
|
And this is why the current BIP proposal is still a topic of debate and controversy. Because reaching a consensus together on the best decision against the Quantum threat is really difficult. I’m following its development, but there’s always a weakness behind any anti-quantum invention idea. I hope there will be the best solution soon so users won’t feel worried because this situation is bad news, and it could make investors walk away. IMO
|
|
|
|
Satofan44
Sr. Member
  

Activity: 434
Merit: 1134
Don't hold me responsible for your shortcomings.
|
 |
June 27, 2026, 04:38:59 PM |
|
Instead, you get a chaotic mix of timelines. You’ll have early adopters upgrading immediately, laggards waiting until the last minute, and massive custodians or exchanges managing complex migrations. Then there are the inactive wallets and millions of genuinely lost coins that can't move, leaving a massive honeypot of vulnerable targets on the old chain. That’s the real coordination nightmare. The success of a post-quantum transition doesn't just rely on math; it relies on game theory. How do you design incentives that convince enough of the network to migrate in time, without compromising Bitcoin's core principles of immutability and opt-in consensus? The technical threat gets all the headlines, but the economic migration is the real final boss. That's the part that actually deserves our attention
Fuck off with more fearmongering, this doesn't matter at all. There is no nightmare, there is no chaos, there is nothing at all. People are responsible for their own coins and they have the freedom to decide what they want to do. If they do not update in time and their coins get compromised it is only their own fault and the network couldn't care less at all about it. This is a terrible post by a user who does not even understand the basics of Bitcoin, it seems like an attempt to farm merit by users that may give merit for technical posts.
Well, in theory, we could have a gentleman's agreement and deal with this without fees reaching $100 again, especially since the migration itself won't be that much bigger in size with standard inputs, so we could prepare for this - exchanges consolidating their inputs prior to the deployment, so they don't need to immediately use the funds in QC-resistant addresses - users pausing their spending habits for a while - people with addresses not under imminent threat, with no spent inputs in their address, not rushing to be the first ones to move - and so on
While your examples are good, this only helps if the size is only somewhat larger. If you have keys that are 5 or 10 times larger, it does not solve the issue at all. Still, why would anyone care about any of this? It could only become an issue if there is a very time sensitive urgency of migration, in all other cases it does not matter at all. Here is an example with random numbers to illustrate a point: Let's say that we get quantum resistant addresses in 2027, and the first working quantum computer in 2030. There will be a full 3 years worth of time to migrate to this new scheme, there is no urgency and there is no rush. There may be a very big and long queue of migration, but simply wait your turn and it will pass. Any kind of panicking and rushing will lead to errors, overpaying and unnecessary drama and chaos. Also remember, the size of outputs is not the same as the size of inputs so the real issue of capacity does not start during the migration -- it starts after the migration, once users are using these addresses. Creating outputs that are quantum-resistant is much cheaper than spending them in many post-quantum schemes. So you have the transient time of migration, and later you could have a severely reduced TPS depending on the exact scheme that is adopted.
But of course, since well, block size is a no-go anyhow and will never be, the most important thing will be to have this available way before any sign of an actual threat!
This is not true and should not be true. As technology radically improves and develops reducing transaction capacity is just moronic regardless for what virtuous reason you want to do it, and a reduction in capacity is basically going to happen with any scheme that is adopted.
|
|
|
|
ABCbits
Legendary

Activity: 3654
Merit: 10170
|
 |
June 29, 2026, 11:41:40 AM |
|
But of course, since well, block size is a no-go anyhow and will never be, the most important thing will be to have this available way before any sign of an actual threat!
This is not true and should not be true. As technology radically improves and develops reducing transaction capacity is just moronic regardless for what virtuous reason you want to do it, and a reduction in capacity is basically going to happen with any scheme that is adopted.
He probably talks about the difficulty of getting the Bitcoin community and miners to agree to increase the block size to a certain number. I think there are at least 10 BIPs about increasing block size with different values and reasons.
|
|
|
|
stompix
Legendary

Activity: 3668
Merit: 7118
|
 |
June 30, 2026, 04:14:30 AM |
|
He probably talk about difficulty getting Bitcoin community and miners agree to increase the block size to certain number. I think there are at least 10 BIP about increasing block size with different value and reason.
There will be no block space increase! Not after all the blood spilled on keyboards trying to defend Bitcoin from the attack of "big blockers" and their shitcoin! Do you actually see any of the devs that claimed segwit and LN are the way to come around and say, well, we do need big blocks...sorry for that, we were wrong? Not going to happen! As for the actual space used by new addresses after a complete migration, well, I'm not concerned even a bit, you can see how usage looks now  3/4 of the block is stuff that is minted just because it costs 3 fucking cents to create one, 200tx for a BigMac  Of course, things will be different during the actual move, Binance alone has once used 20 blocks of space to consolidate inputs and god knows if those were all their coins.
|
|
|
|
tbct_mt2
Legendary

Activity: 3024
Merit: 1045
|
 |
June 30, 2026, 04:39:47 AM |
|
3/4 of the block is stuff that is minted just because it costs 3 fucking cents to create one, 200tx for a BigMac  Of course, things will be different during the actual move, Binance alone has once used 20 blocks of space to consolidate inputs and god knows if those were all their coins.
The BitMEX exchange in the past caused Bitcoin transaction fee spikes with their daily transaction broadcasts, but they lost their leading position in the exchange industry to Binance a long time ago, and Binance now takes over that position with their consolidation effects on Bitcoin mempools and fees.
The daily BitMEX broadcast at 13:08 UTC
The observation that BitMEX broadcasts transactions every day at around 13:00 UTC is not novel. The transactions are mainly withdrawals initiated by BitMEX users and some internal UTXO consolidations.
|
|
|
|
|
davis196
|
 |
June 30, 2026, 05:35:35 AM |
|
Instead, you get a chaotic mix of timelines. You’ll have early adopters upgrading immediately, laggards waiting until the last minute, and massive custodians or exchanges managing complex migrations. Then there are the inactive wallets and millions of genuinely lost coins that can't move, leaving a massive honeypot of vulnerable targets on the old chain.
I think that the millions of coins sitting in inactive wallets would have to be burnt eventually. Those coins aren't in circulation, they are lost forever, the community can survive without them. I also believe that the Bitcoin developers would figure things out and they will create a roadmap to avoid chaos and confusion among the community. I'm not tech savvy to know what would happen when quantum computing becomes dangerous for BTC/crypto and I don't know how Bitcoin would migrate to quantum resistant solutions. The whole thing remains a hypothesis. Don't you think that a successful quantum attack would make BTC worthless, which would make the quantum attack kinda pointless, since the attackers would get worthless coins?
|
|
|
|
ABCbits
Legendary

Activity: 3654
Merit: 10170
|
 |
June 30, 2026, 07:11:19 AM |
|
He probably talk about difficulty getting Bitcoin community and miners agree to increase the block size to certain number. I think there are at least 10 BIP about increasing block size with different value and reason.
There will be no block space increase! Not after all the blood spilled on keyboards trying to defend Bitcoin from the attack of "big blockers" and their shitcoin! Do you actually see any of the devs that claimed segwit and LN are the way to come around and say, well, we do need big blocks...sorry for that, we were wrong? Not going to happen!
It's about a decade since it happened, so I hope people will forget or not bring it up again. As for LN dev, at least the LN paper acknowledges the need for a block size increase.
If we presume that a decentralized payment network exists and one user will make 3 blockchain transactions per year on average, Bitcoin will be able to support over 35 million users with 1MB blocks in ideal circumstances (assuming 2000 transactions/MB, or 500 bytes/Tx). This is quite limited, and an increase of the block size may be necessary to support everyone in the world using Bitcoin.
Obviously their ideal circumstances will not happen.
As for the actual space used by new addresses after a complete migration, well, I'm not concerned even a bit, you can see how usage looks now  3/4 of the block is stuff that is minted just because it costs 3 fucking cents to create one, 200tx for a BigMac
Yeah, every "protocol" that adds arbitrary data makes more people hesitate about a block size increase. Runes/runestone is especially annoying, since there are lots of trade-offs if you attempt to block it.
Of course, things will be different during the actual move, Binance alone has once used 20 blocks of space to consolidate inputs and god knows if those were all their coins.
Good point. And it would be crazy if people who "own" ordinal/rune/brc-20 also decide to consolidate their input.
|
|
|
|
minic1993
Newbie

Activity: 6
Merit: 0
|
 |
June 30, 2026, 08:20:46 PM |
|
That's a good point. People usually focus on whether quantum computers can break Bitcoin's cryptography, but the migration itself could be the bigger challenge. Even if a quantum-resistant upgrade is available, it still depends on users actually moving their coins. Active users will probably migrate, but dormant wallets, lost coins, and slow-moving institutions make the process much more complicated. In a decentralized network, coordination is often harder than the technical solution itself.
|
|
|
|
|
Alphakilo
Sr. Member
  

Activity: 1120
Merit: 317
|
 |
June 30, 2026, 10:09:45 PM |
|
Instead, you get a chaotic mix of timelines. You’ll have early adopters upgrading immediately, laggards waiting until the last minute, and massive custodians or exchanges managing complex migrations. Then there are the inactive wallets and millions of genuinely lost coins that can't move, leaving a massive honeypot of vulnerable targets on the old chain.
I think that the millions of coins sitting in inactive wallets would have to be burnt eventually. Those coins aren't in circulation, they are lost forever, the community can survive without them. I also believe that the Bitcoin developers would figure things out and they will create a roadmap to avoid chaos and confusion among the community. I'm not tech savvy to know what would happen when quantum computing becomes dangerous for BTC/crypto and I don't know how Bitcoin would migrate to quantum resistant solutions. The whole thing remains a hypothesis. Don't you think that a successful quantum attack would make BTC worthless, which would make the quantum attack kinda pointless, since the attackers would get worthless coins?
Am certain Bitcoin developers aren't sleeping on their oars with all this news about quantum computers and although it may pose a challenge more to the investors with coins in a wallet, than to the network itself and developers alike who may already have a solution right now. I find that the effect will be mostly felt in the behavioural psychology of investors and by the economics surrounding Bitcoin system and investors rather than the software itself.
|
|
|
|
AmoreJaz
Legendary

Activity: 3878
Merit: 1106
|
 |
June 30, 2026, 10:45:04 PM |
|
That's a good point. People usually focus on whether quantum computers can break Bitcoin's cryptography, but the migration itself could be the bigger challenge. Even if a quantum-resistant upgrade is available, it still depends on users actually moving their coins. Active users will probably migrate, but dormant wallets, lost coins, and slow-moving institutions make the process much more complicated. In a decentralized network, coordination is often harder than the technical solution itself.
And before we reach that level, I believe btc developers already found a way to get around such a potential threat. I don't think they will just sit around and do nothing while btc is on the brink of technology collapse, right?
|
|
|
|
MarryWithBTC
Full Member
 

Activity: 294
Merit: 160
Can you pay a bride price with bitcoin?
|
 |
June 30, 2026, 11:35:33 PM |
|
It seems that these quantum fantasies are not ending anytime.
There is a quantum attack problem and then there is a solution (which is total migration).
Then, there are people who are not able to migrate because they just own bitcoin and they are not active.
So, what is our problem with it? If you can't migrate, face the consequences of not migrating and that solves it.
I had even thought that op was going to mention the famous satoshi holding.
|
|
|
|
d5000
Legendary

Activity: 4690
Merit: 10848
Decentralization Maximalist
|
 |
June 30, 2026, 11:44:35 PM |
|
I agree with stompix and Satofan44. But it is even less problematic: Probably for several decades and perhaps centuries nobody will need to migrate if they did not reuse the addresses (at least if Mr. Lopp's super-smart BIP doesn't get through, then we're doomed). Until the feared 500,000 qubit computers arrive which allegedly could break a key in less than 10 minutes, non-reused addresses are safe. (I don't expect this before 2050, maybe not even before 2100). The rest of the migration will occur naturally once this really comes close: If you make a payment, your change address will be post-quantum and your money will end up there.
|
|
|
|
ABCbits
Legendary

Activity: 3654
Merit: 10170
|
 |
July 01, 2026, 10:27:04 AM |
|
Until the feared 500,000 qubit computers arrive which allegedly could break a key in less than 10 minutes, non-reused addresses are safe. (I don't expect this before 2050, maybe not even before 2100).
And from so many discussions, the total estimated qubits for breaking a public key (either in general or less than 10 minutes or general) can be very different in different sources. For example,
Finally, we calculate the number of physical qubits required to break the 256-bit elliptic curve encryption of keys in the Bitcoin network within the small available time frame in which it would actually pose a threat to do so. It would require 317 × 10^6 physical qubits to break the encryption within one hour using
The rest of the migration will occur naturally once this really comes close: If you make a payment, your change address will be post-quantum and your money will end up there
It's a great approach, since the user doesn't need to do anything else (besides updating their wallet application). But it requires the wallet developer to automatically generate and use the newer address format by default on existing wallets created by its users. I doubt there are that many wallets out there that do that.
|
|
|
|
Satofan44
Sr. Member
  

Activity: 434
Merit: 1134
Don't hold me responsible for your shortcomings.
|
 |
July 01, 2026, 12:40:28 PM |
|
But of course, since well, block size is a no-go anyhow and will never be, the most important thing will be to have this available way before any sign of an actual threat!
This is not true and should not be true. As technology radically improves and develops reducing transaction capacity is just moronic regardless for what virtuous reason you want to do it, and a reduction in capacity is basically going to happen with any scheme that is adopted.
He probably talk about difficulty getting Bitcoin community and miners agree to increase the block size to certain number. I think there are at least 10 BIP about increasing block size with different value and reason.
That would sound better if he was talking about that, but we should not promote ideas of ossification of transaction capacity. The BIPs that you refer to were done during a contentious time and for wrong reasons. As I have said it would be completely idiotic given the improvements in technology, both software and hardware. At the very least we have to try to preserve the current transaction capacity. Furthermore, there is plenty of consensus cleanup to do so we are going to need to be able to agree on a fork -- even if people want to shy away from those. We should not let past actions create precedence in cases where it is wrong, otherwise we will ossify to our death.
There will be no block space increase!
Fuck off. Anyone who advocates for this should be seen as a scammer and toxic like luke-jr and be expelled from the Bitcoin mainstream. Wanting to handicap Bitcoin to the existing TPS which will be severely reduced under quantum signatures is not any better than wanting to handicap it with small blocks like luke wanted to.
Until the feared 500,000 qubit computers arrive which allegedly could break a key in less than 10 minutes, non-reused addresses are safe. (I don't expect this before 2050, maybe not even before 2100).
And from so many discussion, the total estimated qubits for breaking public key (either in general or less than 10 minutes or general) can be very different on different source. For example,
Finally, we calculate the number of physical qubits required to break the 256-bit elliptic curve encryption of keys in the Bitcoin network within the small available time frame in which it would actually pose a threat to do so. It would require 317 × 10^6 physical qubits to break the encryption within one hour using
The rest of the migration will occur naturally once this really comes close: If you make a payment, your change address will be post-quantum and your money will end up there
It's great approach, since user doesn't need to do anything else (beside updating their wallet application). But it requires wallet developer to automatically generate and use newer address format by default on existing wallet that created by it's user. I doubt there are that many wallet out there does that.
Yeah, estimates will differ and we do not know what is going to happen with this any time soon. This is why we should take our time and adopt only efficient and effective signatures and in a proper way. As I have said, if we calculate that a move to these signatures would reduce the TPS significantly then it must come with a block size increase. There is no other way.
|
|
|
|
|