Pre-emptive commit/reveal for quantum-safe migration (poison-pill)

The discussion revolves around a critical analysis of a proposed transaction identification vulnerability and offers solutions to enhance security against quantum attacks on the Bitcoin network. The primary concern highlighted is the vulnerability that arises from committing only to the transaction identifier (txid) without including witness data. This omission could potentially allow an attacker to pre-commit to unsigned transactions by enumerating the Unspent Transaction Output (UTXO) set without needing access to the private keys. To counter this, the commitment must encompass the complete transaction, including its witness data, utilizing the wTXID or an equivalent measure. This approach is vital for ensuring the security integrity of the system.

Further examination delves into the operational aspects of maintaining these commitments, especially in light of the dynamic nature of wallets receiving new UTXOs. It's suggested that users could mitigate the administrative burden by batching their commitments on a periodic basis, such as monthly, instead of after every transaction. This strategy is deemed crucial for securing existing UTXOs with already exposed public keys, like those from old Pay to Public Key (P2PK) addresses or reused addresses. For future transactions, a transition to quantum-safe addresses is recommended once they become available to the public.

An innovative aspect of the proposal is the introduction of OpenTimestamps aggregation to address scalability challenges and offer plausible deniability regarding the number of protected UTXOs. A unique time delay mechanism is proposed not as a means to prevent commitment forgery post-public key exposure but to establish a priority system based on the age of commitments when disputes over the ownership of a UTXO arise. The process involves a 144-block window initiated by a weak announcement, during which holders of strong commitments can reveal them. The oldest valid commitment then takes precedence, creating a deterrent effect against attackers who might crack a key and attempt to spend a UTXO. This "poison pill" strategy introduces a layer of uncertainty for attackers targeting large "lost" UTXOs, thereby reducing the potential for network disruption. The time delay facilitates a "commitment priority contest," safeguarding the interests of users who have proactively secured their assets while allowing them flexibility in managing their funds.