PQC - What is our Goal, Even?

The discussion highlights a critical perspective on the debate involving Pay-to-Merkle-root (P2MR) versus Pay-to-Taproot-v2 (P2TRv2), particularly focusing on the issue of address reuse and its implications for security. The argument presented suggests that the choice between P2MR and P2TRv2 does not significantly impact the exposure of Elliptic Curve (EC) public keys, which are visible on-chain under both protocols. It is noted that in scenarios where addresses are reused, EC public keys are exposed slightly later in P2MR—at the time of spending—compared to P2TRv2, where they are exposed at the time of receiving. This indicates that the fundamental security concern remains consistent across both protocols when addressing reused addresses, thus making the debate somewhat moot in this specific context.

Moreover, the conversation touches upon a hypothetical scenario wherein a Chain-Rollback Quantum Computer (CRQC) could potentially compromise more than 10% of the active coin supply. This scenario is met with a suggestion that abandoning the entire blockchain might be considered if such a significant theft occurs, reflecting a very pessimistic viewpoint. However, it is emphasized that preventing such extreme outcomes should be a priority, rather than debating the relative merits of P2MR versus P2TRv2 in the context of address reuse.

The primary focus is stressed on the need to mitigate theft and enhance security through appropriate technological upgrades rather than attributing blame for potential security breaches. The possibility of deploying restrictions on EC spending is discussed as a protective measure that can be applied regardless of whether P2MR or P2TRv2 is utilized. This approach aims at safeguarding against vulnerabilities associated with excessive exposure of public keys, thereby reinforcing the argument that the choice of protocol may be secondary to more critical interventions aimed at reducing theft and securing the network.