I apologize if this has been asked here already and I missed it (it seems obvious) - are there recent examples of cryptographic algorithms being broken in a sudden, catastrophic fashion? I see it much more likely that a "weakness" is published first, thus giving everyone some time to migrate to a new signature algo and send their coins to the new system.
I don't think this has
ever happened to any reputable modern algorithm (someone please correct me if I'm wrong). All now-broken cryptographic algorithms that I know of were widely known to be broken long before an actual attack was successfully demonstrated.
How hard would it be technically to enable spending of "old" ECDSA coins into the network based on a different signing algorithm?
Of course it's possible to send "old algorithm" coins to an "new algorithm" address. It's already happening: compressed public keys technically function as a new algorithm, even though it's all ECDSA.