From: Javier Mateos <javierpmateos@gmail•com>
To: Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
Subject: Re: [bitcoindev] Against Allowing Quantum Recovery of Bitcoin
Date: Sun, 30 Mar 2025 15:23:17 -0700 (PDT) [thread overview]
Message-ID: <fe4acdff-67ba-4fc6-8844-92d3bd7ca402n@googlegroups.com> (raw)
In-Reply-To: <1c7817fa-6451-4256-b8ce-ddca45abbf52@mattcorallo.com>
[-- Attachment #1.1: Type: text/plain, Size: 3499 bytes --]
Hi everyone!
Seeing the discussions about transitioning to quantum-resistant signatures,
I notice three main concerns:
-
What should be done with vulnerable funds? Freeze them or leave them
exposed?
-
How can the transition be made without affecting Bitcoin’s stability or
dividing the community?
-
How can we avoid market chaos if the transition is disorderly?
Personally, I believe the key is a gradual, well-planned transition based
on incentives rather than abrupt changes that create uncertainty.
I can think of a three-phase approach:
🔹 First, allow users to add optional PQC keys to their Taproot addresses
starting now.
🔹 Then, before the quantum threat becomes real, introduce a soft fork that
disables vulnerable signatures, but with a long migration period (at least
four years).
🔹 Finally, when the threat is imminent, gradually phase out old signatures
instead of forcing a sudden change.
For this to work, adoption should be incentivized—for example, with lower
fees for secure transactions and wallet tools that facilitate a smooth
transition. Additionally, real-time monitoring of vulnerable addresses
would help mitigate risks.
Another key point is to avoid panic. Instead of a sudden "D-Day" where
everything changes at once, the deactivation of old UTXOs should be
gradual, with clear communication so no one feels forced or disadvantaged.
In summary, this is not about imposing rules or confiscating anything, but
about providing options for an orderly transition that doesn’t compromise
Bitcoin’s philosophy.
-Javier Mateos
El viernes, 28 de marzo de 2025 a las 21:02:43 UTC-3, Matt Corallo escribió:
>
>
> On 3/25/25 4:16 AM, Sjors Provoost wrote:
> > Matt Corallo wrote:
> >
> >>> In that scenario you'd need to use a NUMS point for the key path. Or
> maybe that's unsafe, in which case we'd need a new Taproot version without
> key path support (or BIP360). That's also not a difficult soft fork, but
> now again you have something that only a small set of users will want to
> use.
> >>>>
> >>>>
> >> A NUMS point does not suffice unless we explicitly soft-fork out
> spending from that NUMS point (which is, of course, doable).
> >
> > This could be a solution to the sequencing conundrum that I tried to
> explain.
> >
> > Along with the first PCQ scheme for tapscript (script path), we could
> have a soft that disables one or more NUMS points. The latter has zero
> effect under the current cryptographic assumptions, so it's not
> confiscatory.
> >
> > That way people can start using the scheme without having to worry about
> whether the community decides to freeze key path spending in time. They'll
> still worry about the market value of their coins, but not about whether
> they're going to be the first victim (or the umpteenth victim while
> everyone is in denial and blames them for poor key management).
>
>
> Mmm, yea, fair enough, that seems perfectly reasonable to include.
>
> Matt
>
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups•com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/fe4acdff-67ba-4fc6-8844-92d3bd7ca402n%40googlegroups.com.
[-- Attachment #1.2: Type: text/html, Size: 4050 bytes --]
next prev parent reply other threads:[~2025-03-31 20:41 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-16 14:15 Jameson Lopp
2025-03-16 18:03 ` Chris Riley
2025-03-16 19:44 ` Nagaev Boris
2025-03-16 21:25 ` Jameson Lopp
2025-03-16 22:56 ` IdeA
2025-03-17 13:28 ` Jameson Lopp
2025-03-17 12:00 ` Matt Corallo
2025-03-18 12:48 ` Sjors Provoost
2025-03-25 1:06 ` Matt Corallo
2025-03-25 8:16 ` Sjors Provoost
2025-03-28 20:00 ` Matt Corallo
2025-03-30 22:23 ` Javier Mateos [this message]
2025-03-22 19:02 AstroTown
2025-03-24 11:19 ` Agustin Cruz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=fe4acdff-67ba-4fc6-8844-92d3bd7ca402n@googlegroups.com \
--to=javierpmateos@gmail$(echo .)com \
--cc=bitcoindev@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox