Pre-emptive commit/reveal for quantum-safe migration (poison-pill)

Posted by conduition

Jun 9, 2025/16:29 UTC

The conversation revolves around evaluating a proposed solution for managing transaction (TX) data on-chain in the context of a quantum-safe migration for Bitcoin. The original proposal suggests duplicating TX data on-chain, which is met with skepticism because of the technical complications it would bring. An alternative suggestion is to commit only the witness transaction identifier (wTXID) on-chain at the initial stage rather than publishing the entire transaction. A committed wTXID is enough to start a challenge phase in which the oldest committed spending transaction for a given output wins, so the full transaction data is not needed up front. However, implementing such a system would require nodes to maintain a database, outside the UTXO set, tracking the commitments needed to validate the new spending rules, which adds complexity.

Further analysis contrasts this method with Martin's commit/reveal solution, highlighting several advantages of the latter. Martin's approach eliminates the need for nodes to independently track commitments, reveals, and counter-reveals outside of the Unspent Transaction Output (UTXO) set, offering a more space-efficient solution without a separate "counter reveal" stage. Beyond these technical details, concerns are raised about the practicality of protecting already-exposed public keys with any commit/reveal protocol. For effective protection against quantum attacks, a pubkey owner must take several proactive steps: sign a transaction that spends all UTXOs associated with the exposed pubkey, commit to this transaction via an on-chain announcement, and refresh the commitment whenever the set of UTXOs changes, since a committed transaction cannot cover outputs received after it was signed. This level of active preparation may not be feasible or desirable for all users, particularly those unable to engage with quantum-safe measures or otherwise protect their funds. The critique suggests that without such preemptive action, outputs with exposed public keys remain vulnerable regardless of which transaction-management scheme is adopted, pointing to a broader issue beyond the technical specifics of the proposals.
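The following toy model illustrates the wTXID commit/reveal flow and the challenge phase described above, including the two failure cases the critique raises (an owner who never pre-committed, and an owner whose commitment went stale after receiving a new UTXO). It is an added example written for this page; it is not code from conduition's post, Martin's proposal, or any Bitcoin implementation. It assumes a simplified transaction (input outpoints plus opaque witness bytes), a double-SHA256 wTXID over that serialization, commitments that are just the bare wTXID posted on-chain, a fixed challenge window, and a rule that the spend with the lowest commitment height wins each outpoint; the real proposals' exact serialization, window length, and tie-breaking are not specified on this page.

```python
"""Toy wTXID commit/reveal with a challenge phase (added illustration, not a real protocol)."""
import hashlib
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

CHALLENGE_WINDOW = 10  # blocks after a reveal in which an older commitment may counter-reveal (assumed)


def sha256d(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


@dataclass(frozen=True)
class Tx:
    inputs: Tuple[str, ...]  # outpoints as "txid:vout"
    witness: bytes           # stands in for the signatures and the exposed pubkey

    def wtxid(self) -> str:
        # Witness bytes are hashed too, so the same inputs with a different signature
        # give a different wTXID, as with real segwit transactions.
        return sha256d(b"|".join(i.encode() for i in self.inputs) + b"#" + self.witness).hex()


@dataclass
class Claim:
    commit_height: int
    reveal_height: int
    wtxid: str


class CommitRevealNode:
    """The extra state a node must keep outside the UTXO set under this scheme."""

    def __init__(self) -> None:
        self.commits: Dict[str, int] = {}   # wtxid -> height of its first on-chain commitment
        self.claims: Dict[str, Claim] = {}  # outpoint -> currently winning revealed spend

    def on_commit(self, height: int, wtxid: str) -> None:
        self.commits.setdefault(wtxid, height)  # only the earliest commitment counts

    def on_reveal(self, height: int, tx: Tx) -> str:
        w = tx.wtxid()
        if w not in self.commits:
            return "rejected: wtxid never committed"
        ch = self.commits[w]
        if ch >= height:
            return "rejected: commitment must precede reveal"
        # Check every input before mutating state so a multi-input tx is all-or-nothing.
        for op in tx.inputs:
            cur = self.claims.get(op)
            if cur is None:
                continue
            if height > cur.reveal_height + CHALLENGE_WINDOW:
                return f"rejected: challenge window for {op} closed"
            if ch >= cur.commit_height:
                return f"rejected: older commitment already claims {op}"
        displaced = any(op in self.claims for op in tx.inputs)
        for op in tx.inputs:
            self.claims[op] = Claim(ch, height, w)
        return "counter-reveal accepted" if displaced else "reveal accepted"

    def winner(self, outpoint: str) -> Optional[str]:
        c = self.claims.get(outpoint)
        return c.wtxid if c else None


# Constructed scenarios: one exposed-pubkey output, an owner, and an attacker who
# recovers the key (modelled simply as being able to produce a valid witness).
UTXO1 = "aa" * 32 + ":0"
UTXO2 = "bb" * 32 + ":1"  # received by the owner after the first commitment


def prepared_owner() -> Tuple[str, str, bool]:
    node = CommitRevealNode()
    owner_tx, attacker_tx = Tx((UTXO1,), b"owner-sig"), Tx((UTXO1,), b"attacker-sig")
    node.on_commit(100, owner_tx.wtxid())     # poison pill posted long before the attack
    node.on_commit(200, attacker_tx.wtxid())  # attacker commits once the key is recovered
    r1 = node.on_reveal(201, attacker_tx)
    r2 = node.on_reveal(202, owner_tx)        # counter-reveal inside the window
    return r1, r2, node.winner(UTXO1) == owner_tx.wtxid()


def unprepared_owner() -> Tuple[str, str, bool]:
    node = CommitRevealNode()
    owner_tx, attacker_tx = Tx((UTXO1,), b"owner-sig"), Tx((UTXO1,), b"attacker-sig")
    node.on_commit(200, attacker_tx.wtxid())
    r1 = node.on_reveal(201, attacker_tx)
    r2 = node.on_reveal(202, owner_tx)        # no prior commitment, so it cannot compete
    return r1, r2, node.winner(UTXO1) == attacker_tx.wtxid()


def stale_commitment() -> Tuple[str, bool]:
    node = CommitRevealNode()
    owner_tx, attacker_tx = Tx((UTXO1,), b"owner-sig"), Tx((UTXO2,), b"attacker-sig")
    node.on_commit(100, owner_tx.wtxid())     # covers UTXO1 only; UTXO2 arrives later
    node.on_commit(200, attacker_tx.wtxid())
    r1 = node.on_reveal(201, attacker_tx)     # nothing older claims UTXO2
    return r1, node.winner(UTXO2) == attacker_tx.wtxid()


if __name__ == "__main__":
    print(prepared_owner(), unprepared_owner(), stale_commitment(), sep="\n")
```

The `commits` and `claims` dictionaries are exactly the per-node bookkeeping outside the UTXO set that the summary flags as added complexity for the wTXID variant; the third scenario shows why a one-off commitment is not enough and must be refreshed whenever the owner's UTXO set changes.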
