[Draft BIP] Quantum-Resistant Transition Framework for Bitcoin

The recent advancements in quantum computing, particularly in the context of cryptography and blockchain technology, have been significant. A notable contribution comes from Craig Gidney of Google Quantum AI, who published a paper indicating that RSA-2048 encryption could potentially be broken by a quantum computer equipped with around one million noisy qubits within approximately a week. This revelation is detailed further in both the academic paper (available here) and a more accessible blog post format (Google Security Blog). The findings raise pertinent questions about the quantum resistance of various cryptographic algorithms, including ECDSA, which has previously been considered less resistant to quantum attacks compared to RSA-2048.

While this research underscores a theoretical vulnerability, the practical implications remain speculative due to the current non-existence of quantum computers with the necessary qubit capacity. Nonetheless, these insights have not been widely disputed within the scientific community, suggesting a degree of acknowledgment of their potential validity. The lack of concrete evidence supporting the imminent threat of quantum computers capable of breaking ECDSA encryption does little to alleviate growing concerns within the cybersecurity realm. Given the rapid pace of technological advancement in quantum computing, the prospect of such capabilities emerging warrants caution.

In light of these developments, proactive measures are recommended to safeguard against future quantum threats. Specifically, the transition towards post-quantum cryptographic addresses should ideally be completed by 2030, following the guidance provided in Gidney's paper. Furthermore, the deactivation of inactive pre-quantum Unspent Transaction Outputs (UTXOs) with exposed public keys by 2035 is advised as a precautionary step. However, there exists hesitation regarding the blanket deactivation of all pre-quantum UTXOs, especially those without exposed public keys. Such actions should only be considered if and when quantum computers demonstrate the ability to break public key encryption rapidly. Even then, alternative solutions that permit the secure spending of affected UTXOs, possibly through advanced cryptographic proofs of ownership like Zero-Knowledge Proofs (ZKP), should be explored to mitigate the impact on users.