bitcoin-dev
Trivial QC signatures with clean upgrade path
Posted on: December 17, 2024 05:31 UTC
In a recent exchange on the Bitcoin Development Mailing List, contributors discussed several innovative ideas to enhance Bitcoin's security in anticipation of potential quantum computing threats.
One proposal, offered as an alternative to the DASK idea, was to use Winternitz one-time signatures (WOTS) for a more gradual transition to post-quantum (PQ) cryptography. The approach is flexible because a WOTS key can certify the public key of a future signature algorithm, possibly one not yet designed. The simplicity and small size of WOTS signatures make them appealing for immediate standardization and for easy implementation in wallets. Using WOTS as a first layer of certification before committing to a more complex second-layer signing algorithm such as SPHINCS was suggested as a way to give researchers and developers ample time to adapt.
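To make the two-layer idea concrete, here is an added example (not code from the mailing-list thread or from any Bitcoin project) of a minimal WOTS over SHA-256 with w=16 and a checksum, used to certify a placeholder second-layer public key. It simplifies real designs: the chains are untweaked (WOTS+ as in RFC 8391 adds per-step masks and addresses), and the seed and second-layer key are constructed values.

```python
import hashlib, os

W = 16            # Winternitz parameter: each chunk is 4 bits
MSG_CHUNKS = 64   # 256-bit digest -> 64 base-16 digits
CSUM_CHUNKS = 3   # checksum max 64 * 15 = 960 < 16**3
L = MSG_CHUNKS + CSUM_CHUNKS   # 67 hash chains per one-time key

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def chain(x: bytes, steps: int) -> bytes:
    """Walk `steps` positions along a hash chain (untweaked; WOTS+ adds per-step masks)."""
    for _ in range(steps):
        x = H(x)
    return x

def digits(msg: bytes) -> list:
    """Base-16 digits of H(msg) plus the Winternitz checksum. Without the
    checksum a forger could raise any digit by walking further along its chain;
    raising a message digit lowers the checksum, which cannot be walked back."""
    m = []
    for b in H(msg):
        m += [b >> 4, b & 0xF]
    csum = sum(W - 1 - d for d in m)
    return m + [(csum >> (4 * k)) & 0xF for k in range(CSUM_CHUNKS - 1, -1, -1)]

def keygen(seed: bytes = None):
    """Derive L chain starts from a seed; the public key hashes all chain ends."""
    seed = seed or os.urandom(32)
    sk = [H(seed + bytes([j])) for j in range(L)]
    pk = H(b"".join(chain(x, W - 1) for x in sk))
    return sk, pk

def sign(sk: list, msg: bytes) -> list:
    """ONE-TIME: a signature reveals intermediate chain values, so never reuse sk."""
    return [chain(sk[j], a) for j, a in enumerate(digits(msg))]

def verify(pk: bytes, sig: list, msg: bytes) -> bool:
    if len(sig) != L:
        return False
    ends = b"".join(chain(s, W - 1 - a) for s, a in zip(sig, digits(msg)))
    return H(ends) == pk

def certify_second_layer_key(seed: bytes, pq_pubkey: bytes):
    """Layer 1 (WOTS) certifies a layer-2 key, e.g. a SPHINCS-style public key
    whose algorithm need not exist when the WOTS key is committed to."""
    sk, wots_pk = keygen(seed)
    return wots_pk, sign(sk, pq_pubkey)
```

Only the 32-byte WOTS public key would need to be committed to on-chain; the 67-element certificate and the second-layer key are revealed at spend time.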
The discussion also touched on Proof of Quantum Capability (PoQC), which relies on a cooperative quantum computer (QC) demonstrating its capability in order to trigger a soft fork for PQ upgrades. This method was critiqued as impractical and risky, since the operator of a malicious QC could simply avoid any action that would trigger such an upgrade. The conversation led to the consensus that while PoQC could serve as an additional mechanism to signal the necessity of a PQ upgrade, the community should also be prepared for manual activation to ensure readiness against quantum threats.
Moreover, the challenge of maintaining BIP32 compatibility in a post-quantum world was examined. It was noted that any upgrade path would likely require retiring traditional BIP32 extended public keys (xpubs), because an xpub exposes elliptic-curve public keys that a quantum attacker could use to recover the corresponding private keys. Proposals for new standards or modifications to BIP32 were suggested, including a 'wrapper' for xpubs that incorporates the tap leaf hash of the OP_SUCCESS script, or altering the chain code within the xpub to include this hash. These ideas aim to preserve some level of backward compatibility while securing Bitcoin transactions against future quantum computing capabilities.
Overall, these discussions underscore the proactive measures being considered by the Bitcoin development community to safeguard the network against emerging quantum computing technologies. By exploring various cryptographic and strategic solutions, contributors are laying the groundwork for a secure transition to post-quantum cryptography, ensuring the longevity and resilience of Bitcoin.