Haus
I am Big Balls!
- 18,570
- 76,689
Essentially crypto is here to do to banks what online retailers did to brick and mortar ones....
- 2
Bitcoins/Litecoins/Virtual Currencies
- Thread starter Tripamang
- Start date
Essentially crypto is here to do to banks what online retailers did to brick and mortar ones....
Sheriff Cad
scientia potentia est
- 30,827
- 72,763
I think banks have a lot more political power than brick and mortar retailers, and their fighting back will be a lot more effective.
- 1
Flobee
Ahn'Qiraj Raider
- 3,127
- 3,644
FUD over quantum is midcurve stuff honestly. Adopting a "quantum safe" algorithm would be relatively simple to do. If the chain was blindsided by it and got hacked, it would be fairly simple and likely not even all that controversial to select a chainstate before the obvious hack and revert. Would do irreparable damage to trust in Bitcoin for sure, but its not particularly difficult from a technical standpoint.
Now discussions about -which- quantum safe algorithm to choose and when to implement that is hotly debated, and actively so if you're listening to the right people. Quantum simply isn't a short term threat so the discussions about solutions get overshadowed by FUDsters. You won't see consensus on something like this until its apparent that its needed. Pressure on this front via FUD is probably good long term, but I don't see it as a looming threat realistically.
Now prematurely adopting the wrong algorithm... specifically one that has a undisclosed vulnerability? Thats deadly. Not something to be rushed and those pushing for urgency here may have ulterior motives worth considering.
- 1
Arden
Vyemm Raider
- 3,094
- 2,397
Don't disagree.
The quantum issue itself is a little different than most FUD btc has lived through though, in that the danger here is very real and the consequences of failing to address it would be catastrophically serious.
Like you said though, there is a relatively easy solution (from a technical perspective) and little reason to believe it won't be implemented in time.
Interestingly this is another example of how one bitcoin's biggest strengths, it's decentralized nature, is acting as a weakness- at least when it comes to short term price action.
If Bitcoin had a CEO who could call a press conference and reassure investors that they are well aware of the issue and are already taking steps to fix it, it would alleviate 90% of the concerns.
But if Bitcoin had a CEO then it wouldn't be Bitcoin.
- 1
Seananigans
Honorary Shit-PhD
- 15,470
- 39,303
So what exactly is the quantum worry with BTC? Simply that wallets could be broken into and everyone’s BTC stolen?
If so, how is that any different than everyone’s digital USD, which is 99.9999% of all USD?
If so, how is that any different than everyone’s digital USD, which is 99.9999% of all USD?
Furry
Email Loading Please Wait
- 27,293
- 40,127
It’s an imaginary problem that’s basically a boogie man to some people. Quantum computers don’t and won’t exist in any functional form in our lifetimes.
Seananigans
Honorary Shit-PhD
- 15,470
- 39,303
Yes I know it’s a retarded theoretical worry, I’m just curious what exact shape the retarded worry is taking.
Flobee
Ahn'Qiraj Raider
- 3,127
- 3,644
Yes, breaking into wallets with pubkeys exposed on chain is the primary concern, which is yet another good reason not to reuse addresses.
The difference between this and USD is that the bank has full control over their ledger and can reverse any fraudulent transactions. Doing the same for BTC requires a chain split and consensus.
- 1
Big Phoenix
Pronouns: zie/zhem/zer
- 49,413
- 108,726
Flobee
Ahn'Qiraj Raider
- 3,127
- 3,644
Certainly beats a system where one group of people have to work for money and another group of people to get create it from nothing. Fraud just has to be combatted in different ways than asking big brother to fix it for you.
- 2
Sheriff Cad
scientia potentia est
- 30,827
- 72,763
Its a little different because BTC wallets are public, in essence everyone knows your account number and can submit transactions to your "account." But if the transactions aren't encrypted properly with your private key, they won't be accepted by the blockchain.
Bank accounts have literal barriers to entry (passwords, 2fa), BTC has encryption barriers. Quantum computing will theoretically upend typical encryption today, so it could make the current way BTC works untenable.
- 1
Arden
Vyemm Raider
- 3,094
- 2,397
Did a quantum deep dive a few months ago. Here's a pretty succinct (as succinct as a complicated topic can be) explanation:
Really important distinction: BTC addresses aren’t public keys. They’re hashes of public keys. Your public key only gets revealed when you spend from an address. So just buying and holding BTC in a fresh address isn’t vulnerable to Shor’s at all. The theoretical quantum risk only starts after an address has been used once, which is why address reuse is bad and why Satoshi’s early coins (already exposed) get so much attention
I saw the quantum FUD and got concerned, so I did some research on this. This issue isn't so much "quantum computing" broadly, it's Shor's Algorithm, a quantum algorithm that can factor large numbers and compute discrete logarithms exponentially faster than classical computers.
In theory, a sufficiently powerful quantum computer running Shor’s algorithm could derive a private key from its public key but only if:
1. The public key has been revealed (e.g., by sending a transaction), and
2. The attacker has a quantum computer with millions of error-corrected qubits- which does not exist today.
The thing is, even with quantum computing, Shor's algorithm is purely theoretical. There's no guarantee that, even with quantum computing achieved, it would work anytime soon (or at all).
At the moment, quantum computers can't do anything close. To break Bitcoin signatures using Shor’s algorithm, a quantum computer would need roughly 10–30 million physical qubits. The most advanced machines today have ~1000 qubits.
The most optimistic (realistic) projections put us 4-5 years out before we get a quantum computer that can run Shor's and *possibly* hack the specific BTC addresses that have revealed their public keys. More likely estimates are 10+ years and (again) it's still only theoretical.
Importantly, as others have mentioned, this is a solvable problem. Bitcoin can upgrade before quantum becomes a threat.
The bottom line is that quantum computers do not threaten Bitcoin today. And by the time they might (decades, if ever), Bitcoin will almost certainly have quantum-resistant signatures, upgraded wallets, and migration paths for old coins.
Anyone who has followed the crypto space for a while knows that shorts and whales waiting to buy LIVE for FUD like this. People dumb enough not to research it panic and sell and these guys profit.
Very few blockchains are natively post-quantum. Most chains (BTC, ETH, SOL, NEAR, AVAX, APT, SUI, DOT) use ECDSA or ED25519 and are fully breakable by Shor’s algorithm. Some of the chains that are natively Shor resistant are QRL, Praxxis, and (believe it or not) Algorand.
In theory, a sufficiently powerful quantum computer running Shor’s algorithm could derive a private key from its public key but only if:
1. The public key has been revealed (e.g., by sending a transaction), and
2. The attacker has a quantum computer with millions of error-corrected qubits- which does not exist today.
The thing is, even with quantum computing, Shor's algorithm is purely theoretical. There's no guarantee that, even with quantum computing achieved, it would work anytime soon (or at all).
At the moment, quantum computers can't do anything close. To break Bitcoin signatures using Shor’s algorithm, a quantum computer would need roughly 10–30 million physical qubits. The most advanced machines today have ~1000 qubits.
The most optimistic (realistic) projections put us 4-5 years out before we get a quantum computer that can run Shor's and *possibly* hack the specific BTC addresses that have revealed their public keys. More likely estimates are 10+ years and (again) it's still only theoretical.
Importantly, as others have mentioned, this is a solvable problem. Bitcoin can upgrade before quantum becomes a threat.
The bottom line is that quantum computers do not threaten Bitcoin today. And by the time they might (decades, if ever), Bitcoin will almost certainly have quantum-resistant signatures, upgraded wallets, and migration paths for old coins.
Anyone who has followed the crypto space for a while knows that shorts and whales waiting to buy LIVE for FUD like this. People dumb enough not to research it panic and sell and these guys profit.
Very few blockchains are natively post-quantum. Most chains (BTC, ETH, SOL, NEAR, AVAX, APT, SUI, DOT) use ECDSA or ED25519 and are fully breakable by Shor’s algorithm. Some of the chains that are natively Shor resistant are QRL, Praxxis, and (believe it or not) Algorand.
Really important distinction: BTC addresses aren’t public keys. They’re hashes of public keys. Your public key only gets revealed when you spend from an address. So just buying and holding BTC in a fresh address isn’t vulnerable to Shor’s at all. The theoretical quantum risk only starts after an address has been used once, which is why address reuse is bad and why Satoshi’s early coins (already exposed) get so much attention
- 2
Flobee
Ahn'Qiraj Raider
- 3,127
- 3,644
Thanks for laying that out. I meant to bring up that caveat, but didn't have time to properly source to make sure I explained it right. The morale here is with Bitcoin you ALWAYS receive to a fresh address and when you spend you do so in a way that sends the sats you're spending to the address needed for the purchase, and the rest to a fresh address generated from your wallet. Most Bitcoin only wallets will do this automatically, but you have to be careful with "crypto" wallets as they are often much less sophisticated and will make you vulnerable to this.
Also, when withdrawaling from an exchange, use a fresh address each time and ideally you don't want a massive amount in a single address. You also don't want $1 of sats on an address by itself (this is known as dusting) as that has its own issues. A decent rule of thumb is at least 200k sats (~$150 currently) per UTXO at the very minimum. Fat UTXOs are better than tiny ones. Additional caveat that if you're using Lightning or a "Hot Wallet" this works a bit differently so don't @me about how Bitcoin must suck with these constraints, these are specifically for Layer 1 cold wallet addresses, frameworks for proper use will shift with context and over time a lot of this stuff gets baked into software UX and the user doesn't even see it.
BTC security and privacy can get pretty in depth but the above is enough to keep you safe in most circumstances.
Last edited:
- 1
