P2QRH / BIP-360 Update

The discussion opens with a critique of the decision to implement ECDSA (Elliptic Curve Digital Signature Algorithm) in Bitcoin, suggesting that opting for Schnorr signatures would have been preferable, especially considering the Schnorr patent expired in 2008. The primary concern raised revolves around a recent Bitcoin Improvement Proposal (BIP) that could potentially lead to significant inefficiencies in the future. This BIP is criticized for its potential to greatly increase the sizes of public keys and signatures as well as the computational cost required for verification. Such changes are deemed particularly problematic for a storage-limited blockchain like Bitcoin.

The email shifts focus to the topic of quantum-resistant (QR) cryptography, specifically lattice-based asymmetric-key cryptography. While acknowledging the hype around QR cryptography for its potential to enhance security, the author argues that its application within Bitcoin is premature. They highlight the infancy of QR cryptography in terms of both research and standards, suggesting that the technology is not yet mature enough for integration into Bitcoin's architecture. The point is made that other applications, such as TLS or end-to-end encrypted messaging apps, do not face the same stringent constraints as Bitcoin does regarding storage space and thus may be more suitable environments for experimenting with QR cryptography.

A proposed alternative to address quantum threats involves the adoption of P2TRH (Pay To Taproot Hash), despite some of its drawbacks like the loss of batch verification capabilities. This method, along with advice against address reuse, is presented as a more prudent approach to enhancing Bitcoin's security in the face of potential quantum computing advancements. Address reuse is likened to nonce reuse, with both practices being heavily cautioned against due to their security vulnerabilities.

Lastly, an emergency measure suggested by Matt Corallo is mentioned, which involves disabling key path spends in P2TR (Pay to Taproot) as a contingency against quantum attacks. This segment underscores the ongoing debate and search for solutions within the Bitcoin development community to preemptively counteract quantum threats without compromising the efficiency and practicality of the blockchain.