bitcoin-dev

Proposing a P2QRH BIP towards a quantum resistant soft fork

Original Post by Hunter Beast

Posted on: August 6, 2024 17:37 UTC

The discussion begins with an acknowledgment of the exponential increase in power that quantum computing brings, particularly highlighting the capabilities of a cryptographically relevant quantum computer (CRQC) and its potential for doubling computational power with each added qubit.

IBM's research into CRQCs, including the Quantum System Two that can support up to 16,000 qubits, showcases the significant advancements in quantum computing. This leads to considerations around the level of error correction required for quantum computations, suggesting that since classical computers can verify the results, running a quantum program multiple times may reduce the need for extensive error correction.

Attention is then drawn to the ongoing efforts in developing post-quantum cryptographic schemes within the Bitcoin Improvement Proposal (BIP) framework, emphasizing the need to evaluate these schemes based on their generation/validation time and the size of public keys and signatures. The selection of FALCON over other algorithms like Dilithium, SPHINCS+, and SQISign is discussed due to its balance between signature size and security level, although it necessitates a higher witness discount to maintain transaction throughput within the Bitcoin network.
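To make the size/throughput trade-off concrete, here is an added Python illustration (not code from the proposal or the thread) of how a larger witness puts pressure on the witness discount. It models vsize as non-witness bytes plus witness bytes divided by the discount factor (4 under today's consensus rules); the FALCON-512 signature and public-key sizes are assumptions, not figures taken from the post.

```python
"""Witness-discount arithmetic for a P2QRH-style spend versus a Schnorr key-path spend.

Model: vsize = non-witness bytes + ceil(witness bytes / discount), 1,000,000 vbytes per block.
discount = 4 reproduces today's rule; larger values model the higher discount under discussion.
"""
import math

BLOCK_VBYTES = 1_000_000
CURRENT_DISCOUNT = 4          # consensus witness scale factor today

# Assumed sizes in bytes (commonly cited figures, not values from the post).
SCHNORR_SIG = 64              # BIP340 signature for a Taproot key-path spend
FALCON512_SIG = 666           # padded FALCON-512 signature
FALCON512_PUBKEY = 897        # FALCON-512 public key, revealed in the witness of a hash-based output


def varint_len(n: int) -> int:
    """Bytes used by Bitcoin's CompactSize encoding of n."""
    return 1 if n < 253 else 3 if n < 0x10000 else 5 if n < 0x1_0000_0000 else 9


def base_bytes(n_in: int, n_out: int) -> int:
    """Non-witness bytes: version, inputs (32+4+1+4 each), 34-byte-script outputs (8+1+34), locktime."""
    return 4 + varint_len(n_in) + n_in * 41 + varint_len(n_out) + n_out * 43 + 4


def tx_witness_bytes(n_in: int, items: list[int]) -> int:
    """Witness bytes: marker+flag once, then per input an item count and length-prefixed items."""
    per_input = varint_len(len(items)) + sum(varint_len(n) + n for n in items)
    return 2 + n_in * per_input


def vsize(base: int, witness: int, discount: int = CURRENT_DISCOUNT) -> int:
    return base + math.ceil(witness / discount)


def discount_to_match(base: int, witness: int, target_vsize: int) -> int:
    """Smallest integer discount at which (base, witness) fits within target_vsize vbytes."""
    room = target_vsize - base
    if room <= 0:
        raise ValueError("non-witness bytes alone exceed the target")
    return math.ceil(witness / room)


def compare(n_in: int = 1, n_out: int = 2) -> dict:
    """Schnorr vs. assumed FALCON-512 witness for an n_in-input, n_out-output transaction."""
    base = base_bytes(n_in, n_out)
    schnorr_w = tx_witness_bytes(n_in, [SCHNORR_SIG])
    pq_w = tx_witness_bytes(n_in, [FALCON512_SIG, FALCON512_PUBKEY])
    return {
        "schnorr_vsize": vsize(base, schnorr_w),
        "pq_vsize": vsize(base, pq_w),
        "schnorr_txs_per_block": BLOCK_VBYTES // vsize(base, schnorr_w),
        "pq_txs_per_block": BLOCK_VBYTES // vsize(base, pq_w),
        "discount_for_parity": discount_to_match(base, pq_w, vsize(base, schnorr_w)),
    }
```

For a 1-in/2-out transaction the model gives 154 vbytes with Schnorr and 530 with the assumed FALCON-512 witness, and a discount near 93 would be needed to restore parity in transactions per block.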

The conversation shifts to the practical implications of quantum attacks on Bitcoin and the strategies to mitigate such threats. One approach involves artificially inflating the witness stack size to increase the cost for a quantum attacker, leveraging Bitcoin's scripting capabilities. Another strategy mentioned is the submission of transactions through trusted mining pools to prevent public exposure of the key before the transaction is confirmed, thereby reducing the chances of a quantum attack.

Furthermore, the dialogue touches upon the importance of considering the physical architecture and error correction techniques suitable for defending against quantum attacks, indicating the complexity of accurately assessing the threat posed by quantum computing to Bitcoin.

In addressing the development of quantum-resistant measures for Bitcoin, there's a focus on adopting FALCON signatures due to their smaller size compared to Schnorr signatures and the possibility of further witness discount adjustments to accommodate larger transactions. The discussion also contemplates the use of HASH160 for cryptographic commitments within the proposed quantum-resistant BIP, while acknowledging the differing readiness levels of various post-quantum algorithms.

Finally, the conversation acknowledges the challenges and uncertainties surrounding the timeline and practicality of quantum attacks on Bitcoin, advocating for a proactive stance in researching and implementing quantum-resistant technologies. This includes exploring game-theoretic models to understand the dynamics between quantum attackers and Bitcoin's defense mechanisms, as well as staying informed about the progress in quantum computing, as exemplified by IBM's roadmap and developments in the field.