Another bone to pick with wording and oversimplification from the 4/1 daily briefing:
"P2PKH (standard addresses) are only vulnerable if you reuse addresses, because the public key is revealed when you spend."
Segwit addresses, legacy/nested/native/native multisig are only ever vulnerable to quantum attack, assuming a CRQC existed, which it doesn't, during the short time between when a transaction is signed and broadcast and when it is included in a block. That's going to be ~10 minutes. From that point forward the funds are safe at rest forever, assuming the receive address wasn't reused from a previous send address.
This is the part that I think gets glossed over that people don't understand. The term "reused address" isn't clarified. You can send funds over and over and over to the same address and that receiving address is in no way vulnerable to quantum attack, except during the delay between broadcast and confirmation as discussed. The "reuse" part of the warning is specific to reuse of a SENDING address. Once a transaction is sent from an address, the public key (or the witness script for multisig) is revealed and permanent on the blockchain. If you were to send funds back to that send address THEN those specific funds (UTXO) would be vulnerable at rest. The reusing of a send address as a receive address would have to be done manually because every modern wallet on the planet uses fresh addresses for send/receive/change. Basically you would have to be deliberately stupid to create a situation where a PORTION of your funds were susceptible to an attack that doesn't exist.
"Address reuse" is a nebulous term and gets confused and conflated with privacy concerns that are separate from the quantum risk.
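Added example, not from the post above: a toy Python model of the rule it describes, i.e. an unspent output is only attackable once the public key it pays to has appeared on-chain, and a spend that has been broadcast but not yet mined is the short window in between. Everything in it is constructed: the "pubkeys" are random bytes rather than secp256k1 points, the address hash is a truncated SHA-256 stand-in for HASH160, the transaction dicts are invented, and no signatures are checked.

```python
"""
Toy model (constructed, not real Bitcoin code) of which UTXOs are exposed
once a public key has been revealed by a spend.
"""
import hashlib
import os
from dataclasses import dataclass


def script_hash(pubkey: bytes) -> bytes:
    """Stand-in for HASH160(pubkey), the only thing a P2PKH/P2WPKH output
    commits to. The chain holds just this hash until the key spends."""
    return hashlib.sha256(pubkey).digest()[:20]


@dataclass(frozen=True)
class OutPoint:
    txid: str
    vout: int


@dataclass(frozen=True)
class TxIn:
    prevout: OutPoint
    pubkey: bytes  # revealed in scriptSig/witness when the output is spent


@dataclass(frozen=True)
class TxOut:
    script_hash: bytes  # the "address": hash of the pubkey being paid
    value: int


@dataclass(frozen=True)
class Tx:
    txid: str
    vin: tuple
    vout: tuple


class ExposureTracker:
    """Tracks the UTXO set plus which address hashes have had their key revealed."""

    def __init__(self):
        self.utxos = {}         # OutPoint -> TxOut
        self.revealed = set()   # script hashes whose preimage pubkey is now public
        self.in_flight = set()  # OutPoints spent by a broadcast, unconfirmed tx

    def _check_inputs(self, tx):
        for txin in tx.vin:
            out = self.utxos[txin.prevout]  # KeyError if not currently unspent
            if script_hash(txin.pubkey) != out.script_hash:
                raise ValueError(f"{txin.prevout} is not spendable by that pubkey")

    def broadcast(self, tx):
        """Tx sits in the mempool: pubkeys are already public, spend not yet final."""
        self._check_inputs(tx)
        for txin in tx.vin:
            self.in_flight.add(txin.prevout)
            self.revealed.add(script_hash(txin.pubkey))

    def confirm(self, tx):
        """Tx mined: inputs leave the UTXO set, outputs join it."""
        self._check_inputs(tx)
        for txin in tx.vin:
            self.revealed.add(script_hash(txin.pubkey))
            self.in_flight.discard(txin.prevout)
            del self.utxos[txin.prevout]
        for i, out in enumerate(tx.vout):
            self.utxos[OutPoint(tx.txid, i)] = out

    def classify(self):
        """Label every unspent output by whether its pubkey is already on-chain."""
        report = {}
        for op, out in self.utxos.items():
            if op in self.in_flight:
                report[op] = "in-flight"      # the broadcast-to-confirmation window
            elif out.script_hash in self.revealed:
                report[op] = "exposed"        # pays an address that has been spent from
            else:
                report[op] = "safe-at-rest"   # only the hash is public
        return report


def scenario():
    """Constructed history with constructed keys; returns {'txid:vout': label}."""
    alice, bob, change, fresh = (os.urandom(33) for _ in range(4))
    t = ExposureTracker()
    # Address A is paid twice: receiving repeatedly reveals nothing.
    t.confirm(Tx("tx0", (), (TxOut(script_hash(alice), 50), TxOut(script_hash(alice), 30))))
    # Alice spends one of them; her pubkey is now permanently on-chain.
    t.confirm(Tx("tx1", (TxIn(OutPoint("tx0", 0), alice),),
                 (TxOut(script_hash(bob), 40), TxOut(script_hash(change), 10))))
    # Bob later pays A again: a send address reused as a receive address.
    t.confirm(Tx("tx2", (TxIn(OutPoint("tx1", 0), bob),),
                 (TxOut(script_hash(alice), 20), TxOut(script_hash(fresh), 20))))
    # Alice broadcasts a spend of her change output; it is not yet mined.
    t.broadcast(Tx("tx3", (TxIn(OutPoint("tx1", 1), change),), (TxOut(script_hash(fresh), 10),)))
    return {f"{op.txid}:{op.vout}": label for op, label in t.classify().items()}


if __name__ == "__main__":
    for outpoint, label in scenario().items():
        print(f"{outpoint:8} {label}")
```

Running it labels tx2:0 (coins sent back to the already-spent-from address) and tx0:1 (the second output that was already sitting at that address when tx1 revealed the key) as exposed, tx1:1 as in-flight while tx3 waits for a block, and tx2:1 (a fresh, never-spent-from address) as safe at rest. The model deliberately ignores what the post does not cover: P2PK outputs and taproot key-path outputs expose the key in the output script itself, so they would need a separate rule.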