Nov 17 - Nov 17, 2025
There are two primary categories of vulnerability: address type vulnerability and address re-use vulnerability, each necessitating a distinct approach.
Address type vulnerabilities, such as those found in Pay to Public Key (P2PK) and Pay to Taproot (P2TR) addresses, prompt suggestions like freezing transactions from these types after Q-day or implementing a rate-limit on spends through proposals like the "Hourglass." The rationale behind freezing transactions lies in the assumption that there would be a sufficient warning period for the adoption of post-quantum (PQ) address types, making any transaction from legacy types after Q-day potentially compromised. On the other hand, a rate-limit aims to prevent market destabilization due to a sudden dump of compromised coins while possibly allowing white hat operators to recover and return funds to their rightful owners with proof of ownership.
For address re-use vulnerabilities, opinions diverge. One perspective is to leave these UTXOs as they are, allowing them to be spent, under the premise that this vulnerability is akin to user error, similar to insecure seed generation. Most funds in such addresses, having been used once, are likely accessible and expected to be moved to secure addresses by their owners before Q-day. Alternatively, enforcing a "cold sleep" on these UTXOs could prevent immediate, massive theft by freezing the assets until a consensus-approved recovery method, such as a zero-knowledge proof of seed phrase ownership, is developed. This approach seeks to balance the prevention of catastrophic theft with the maximization of recovery chances for those unable to move their funds in time.
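As an added illustration (not code from the thread or from any Bitcoin project), the sketch below sorts outputs into the two categories described above by matching the standard scriptPubKey templates. The category labels, function names and sample UTXOs are constructed for this example, and `revealed` is assumed to hold the scripts that have already been spent from at least once, so their public key is visible on chain.

```python
from collections import defaultdict

HASHED = {"p2pkh", "p2sh", "p2wpkh", "p2wsh"}  # key hidden behind a hash until first spend

def script_type(spk_hex):
    """Match a scriptPubKey against the standard output templates."""
    spk = bytes.fromhex(spk_hex)
    n = len(spk)
    if n in (35, 67) and spk[0] == n - 2 and spk[-1] == 0xAC:
        return "p2pk"    # <pubkey> OP_CHECKSIG: raw key sits in the output
    if n == 34 and spk[:2] == b"\x51\x20":
        return "p2tr"    # OP_1 <32-byte x-only output key>
    if n == 25 and spk[:3] == b"\x76\xa9\x14" and spk[23:] == b"\x88\xac":
        return "p2pkh"   # OP_DUP OP_HASH160 <20> OP_EQUALVERIFY OP_CHECKSIG
    if n == 23 and spk[:2] == b"\xa9\x14" and spk[22] == 0x87:
        return "p2sh"    # OP_HASH160 <20> OP_EQUAL
    if n == 22 and spk[:2] == b"\x00\x14":
        return "p2wpkh"  # OP_0 <20-byte key hash>
    if n == 34 and spk[:2] == b"\x00\x20":
        return "p2wsh"   # OP_0 <32-byte script hash>
    return "other"

def exposure(spk_hex, revealed):
    """Map one output to the summary's two categories (labels are this example's own)."""
    kind = script_type(spk_hex)
    if kind in ("p2pk", "p2tr"):
        return "address-type"      # exposed as soon as the output exists
    if kind in HASHED:
        # Exposed only if an earlier spend already published the key or script.
        return "address-reuse" if spk_hex in revealed else "hash-protected"
    return "unclassified"

def tally(utxos, revealed):
    """Sum satoshis per exposure category."""
    totals = defaultdict(int)
    for spk_hex, sats in utxos:
        totals[exposure(spk_hex, revealed)] += sats
    return dict(totals)

# Constructed sample data: dummy key and hash bytes, not real outputs.
P2PK = "21" + "02" + "11" * 32 + "ac"
P2TR = "5120" + "22" * 32
P2PKH_REUSED = "76a914" + "33" * 20 + "88ac"
P2WPKH_FRESH = "0014" + "44" * 20
UTXOS = [(P2PK, 5000), (P2TR, 7000), (P2PKH_REUSED, 1000),
         (P2PKH_REUSED, 2000), (P2WPKH_FRESH, 900)]
REVEALED = {P2PKH_REUSED}

if __name__ == "__main__":
    print(tally(UTXOS, REVEALED))
```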
The timing for activating these protective measures is critical. Implementing a freeze or rate-limit too early could unfairly penalize users who have yet to migrate their assets, even though those assets have not been compromised by quantum attacks. Conversely, activating these measures too late would fail to prevent the initial massive theft events. Reaching network consensus on the optimal timing is therefore a significant challenge.
This discussion invites further community input on the framework and considerations for other scenarios or policy trade-offs, emphasizing the importance of a balanced and timely response to the quantum threat.