Against Allowing Quantum Recovery of Bitcoin

The discussion revolves around the integration of Post-quantum cryptography (PQC) within Bitcoin's framework, particularly focusing on the concept of a PQC tap leaf scheme as a potential soft fork. The proposal outlines that certain outputs, including no pk(), bare multisig, pkh(), and others specified in appendix B of BIP380, should not be spendable to enhance security against quantum attacks. This measure, while increasing security, introduces significant complexities regarding wallet management and backup processes, potentially leading to minimal adoption due to its complexity and the inability to gauge its actual use since these addresses would likely not be used for transactions.

The activation of a PQC tapleaf as part of a soft fork is critiqued for not being a comprehensive solution to the threat posed by quantum computing. In scenarios where quantum attackers could exploit existing key paths, the proposed solution might fall short, necessitating a shift to using a NUMS point for the key path or even developing a new version of Taproot without key path support. These alternatives, although technically feasible, could lead to solutions that only appeal to a niche set of users interested in very long-term storage due to the increased costs and operational complexities in a pre-quantum environment.

The commentary underscores the practical challenges in adopting such sophisticated cryptographic measures. Despite their theoretical benefits in enhancing security against quantum threats, the real-world implications on usability, cost, and adoption cannot be ignored. The skepticism extends to the likelihood of such soft forks being activated, given their limited utility and the additional burdens they place on users and developers. The communication concludes with a reflection on the need for a balanced approach that considers both the advancements in quantum computing and the pragmatic aspects of implementation and adoption within the cryptocurrency landscape.