Posted by Giulio Golinelli
Jan 18, 2026/13:44 UTC
Giulio raises a concern about UTXOs that remain unspent under an already-used key in the proposed protocol, a risk beyond the destination-substitution hijack problem addressed initially. The transaction phase of the protocol requires a classical ECDSA (Elliptic Curve Digital Signature Algorithm) signature, and producing that signature reveals the spender's public key. A quantum attacker need not hijack transactions in real time while they are being mined or while they sit in the mempool; it can instead recover private keys from already-revealed public keys offline and then sweep, at its leisure, every remaining UTXO locked to those keys.
According to Giulio, this mode of attack is likely to become technologically feasible before live-transaction hijacking does, posing a severe threat to transaction security. Despite these concerns, Giulio acknowledges that, assuming a quantum-resistant commitment scheme together with the necessary protocol mechanics (which remain to be defined and evaluated), the construction could indeed serve its intended, though narrower, purpose.
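As an added illustration of the exposure Giulio describes (example code written for this summary, not part of the thread or of Giulio's post): a small scanner that walks the witnesses and scriptSigs of already-broadcast inputs, collects the public keys they reveal, and lists every still-unspent P2WPKH/P2PKH UTXO committed to those keys, i.e. the set an attacker who can recover private keys from public keys could sweep offline. The keys are the secp256k1 points G, 2G and 3G (private keys 1, 2, 3), the signatures are placeholders, and the UTXO set is constructed. The `hash160` fallback for OpenSSL builds without RIPEMD-160 is an assumption that keeps the example runnable and is not the hash Bitcoin uses.

```python
import hashlib
from dataclasses import dataclass


def hash160(data: bytes) -> bytes:
    """RIPEMD160(SHA256(x)): the key commitment in P2PKH and P2WPKH outputs."""
    sha = hashlib.sha256(data).digest()
    try:
        return hashlib.new("ripemd160", sha).digest()
    except ValueError:
        # Assumption: OpenSSL built without RIPEMD-160. This substitute keeps the
        # example runnable; it is NOT the hash Bitcoin uses.
        return hashlib.sha256(sha).digest()[:20]


def p2wpkh_script(pubkey: bytes) -> bytes:
    return b"\x00\x14" + hash160(pubkey)                    # OP_0 <20-byte hash>


def p2pkh_script(pubkey: bytes) -> bytes:
    return b"\x76\xa9\x14" + hash160(pubkey) + b"\x88\xac"  # DUP HASH160 <h> EQUALVERIFY CHECKSIG


def push(data: bytes) -> bytes:
    """Direct push opcode (1..75 bytes), which is all a P2PKH scriptSig needs."""
    assert 1 <= len(data) <= 75
    return bytes([len(data)]) + data


def script_pushes(script: bytes):
    """Yield data pushes from a script; handles direct pushes and OP_PUSHDATA1 only."""
    i = 0
    while i < len(script):
        op = script[i]
        i += 1
        if 1 <= op <= 75:
            n = op
        elif op == 0x4C and i < len(script):
            n = script[i]
            i += 1
        else:
            continue  # non-push opcode (OP_DUP, OP_CHECKSIG, ...) carries no data
        yield script[i:i + n]
        i += n


def looks_like_pubkey(item: bytes) -> bool:
    """SEC1 shape check only; no curve-membership test (no EC arithmetic here)."""
    return (len(item) == 33 and item[0] in (2, 3)) or (len(item) == 65 and item[0] == 4)


@dataclass(frozen=True)
class Utxo:
    txid: str
    vout: int
    script_pubkey: bytes
    value_sat: int


@dataclass
class TxIn:
    script_sig: bytes = b""
    witness: tuple = ()


def revealed_pubkeys(inputs) -> set:
    """Public keys exposed by the signatures in already-broadcast inputs."""
    keys = set()
    for txin in inputs:
        for item in (*script_pushes(txin.script_sig), *txin.witness):
            if looks_like_pubkey(item):
                keys.add(item)
    return keys


def exposed_utxos(utxo_set, broadcast_inputs) -> dict:
    """Map each still-unspent output locked to a revealed key -> that key."""
    by_script = {}
    for key in revealed_pubkeys(broadcast_inputs):
        by_script[p2wpkh_script(key)] = key
        by_script[p2pkh_script(key)] = key
    return {u: by_script[u.script_pubkey] for u in utxo_set if u.script_pubkey in by_script}


def value_at_risk(exposed: dict) -> int:
    return sum(u.value_sat for u in exposed)


# Constructed sample data: secp256k1 points G, 2G, 3G (private keys 1, 2, 3).
K1 = bytes.fromhex("0279BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798")
K2 = bytes.fromhex("02C6047F9441ED7D6D3045406E95C07CD85C778E4B8CEF3CA7ABAC09B95C709EE5")
K3 = bytes.fromhex("02F9308A019258C31049344F85F89D5229B531C845836F99B08601F113BCE036F9")
FAKE_SIG = b"\x30\x44" + b"\x00" * 68 + b"\x01"  # placeholder, DER-sized, not a real signature


def demo() -> dict:
    utxos = [
        Utxo("aa" * 32, 0, p2wpkh_script(K1), 50_000),
        Utxo("bb" * 32, 1, p2pkh_script(K1), 120_000),   # K1 reused in a legacy output
        Utxo("cc" * 32, 0, p2wpkh_script(K2), 75_000),   # K2 has never signed: only its hash is public
        Utxo("dd" * 32, 2, p2wpkh_script(K3), 10_000),
    ]
    # Inputs already on-chain or in the mempool: K1 spent via a P2WPKH witness, K3 via a P2PKH scriptSig.
    broadcast = [
        TxIn(witness=(FAKE_SIG, K1)),
        TxIn(script_sig=push(FAKE_SIG) + push(K3)),
    ]
    return exposed_utxos(utxos, broadcast)


if __name__ == "__main__":
    for utxo, key in demo().items():
        print(f"{utxo.txid[:8]}:{utxo.vout} {utxo.value_sat:>8} sat  key {key.hex()[:16]}...")
```

Running it reports the two remaining K1 outputs and the K3 output as exposed, while K2's output, whose key has never appeared in a signature, stays hidden behind its hash. The scanner only needs the inputs, not the signatures' validity: the point is that the key itself becomes public the moment the spend is broadcast, which is exactly what an offline key-recovery attacker waits for.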
Thread Summary (3 replies)
Jan 13 - Jan 20, 2026
4 messages • 3 replies