I was listening to Joe Rogan's interview with Michio Kaku last week, and he commented that quantum computing will be the end of privacy. This of course got me thinking again about bitcoin in a post quantum computing world. So I started looking at the different ways that bitcoin could defend against this future threat. I know some SN members will think that this subject has been discussed too many times, but my fear has kicked up again.
To the future David Chaums out there, what do you see as the future? I know the current algorithms are going to be vulnerable at some point. I read about Lamport signatures, Ring-LWE signatures, the McEliece cryptosystem, the multivariate polynomial signature scheme, and XMSS signatures. Are these viable solutions? Is it too early to worry about this? Should a new set of algorithms be tried now?
Cryptography is way over my head, but I'm sure there are SN users who understand these things.
I wonder whether there is a group of people out there who are actively addressing this issue?
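As a worked illustration of the Lamport scheme the post mentions (added here for the thread; it is not code from the post, from Stacker News, or from any Bitcoin project), the block below signs with a one-time hash-based key and then shows why it is strictly one-time: every signature publishes half of the secret key, and a second signature under the same key leaks more of it to a forger. It assumes SHA-256 as the hash, signs the 256-bit digest of a message, and uses function names and sample messages of my own choosing.

```python
import hashlib
import secrets

HASH = hashlib.sha256
N_BITS = 256  # digest length; one secret pair per message bit


def keygen():
    """Secret key: 256 pairs of random 32-byte preimages.
    Public key: the SHA-256 image of each preimage."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N_BITS)]
    pk = [(HASH(a).digest(), HASH(b).digest()) for a, b in sk]
    return sk, pk


def _bits(msg):
    """Message digest as a list of 256 bits, most significant first."""
    d = int.from_bytes(HASH(msg).digest(), "big")
    return [(d >> (N_BITS - 1 - i)) & 1 for i in range(N_BITS)]


def sign(sk, msg):
    """Reveal, for each digest bit i, the preimage sk[i][bit]."""
    return [sk[i][b] for i, b in enumerate(_bits(msg))]


def verify(pk, msg, sig):
    """Hash each revealed preimage and compare to the selected pk element.
    Security rests only on preimage resistance of the hash, which Grover
    weakens (roughly halving effective bits) but does not break."""
    if len(sig) != N_BITS:
        return False
    return all(HASH(s).digest() == pk[i][b]
               for i, (s, b) in enumerate(zip(sig, _bits(msg))))


def revealed_secrets(sk, msgs):
    """What an observer of the public signatures on `msgs` learns:
    a map (position, bit) -> preimage. One message reveals exactly half
    of the 512 preimages; each further message reveals more."""
    learned = {}
    for m in msgs:
        for i, (s, b) in enumerate(zip(sign(sk, m), _bits(m))):
            learned[(i, b)] = s
    return learned


def forge(learned, msg):
    """Attacker with no secret key: produce a valid signature on `msg`
    if every (i, bit) it needs has already been leaked, else None."""
    needed = list(enumerate(_bits(msg)))
    if any((i, b) not in learned for i, b in needed):
        return None
    return [learned[(i, b)] for i, b in needed]


if __name__ == "__main__":
    sk, pk = keygen()
    m1 = b"constructed sample: spend output 0 to address A"
    m2 = b"constructed sample: spend output 0 to address B"
    sig = sign(sk, m1)
    print("valid:", verify(pk, m1, sig))
    print("leaked by one signature:", len(revealed_secrets(sk, [m1])), "of", 2 * N_BITS)
    print("leaked by two signatures:", len(revealed_secrets(sk, [m1, m2])), "of", 2 * N_BITS)
    print("forge m2 from m1 alone:", forge(revealed_secrets(sk, [m1]), m2) is not None)
```

Sizes are the obvious cost: with SHA-256 the public key is 512 x 32 bytes (16 KiB) and each signature is 256 x 32 bytes (8 KiB), against 64 bytes for a Schnorr signature, which is why practical hash-based schemes such as XMSS wrap many one-time keys in a Merkle tree rather than publishing them individually. The one-time property is the operational hazard: reusing a key across two messages hands an observer the union of the revealed preimages, and a wallet that ever signs twice with the same key is exposed to forgery on any message whose digest happens to be covered.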
IMHO, Bitcoin's biggest threat is the human stupidity, not QC.
reply
You mention hashes being an extra hurdle, however taproot addresses use raw public keys AFAIK because hashes were deemed unnecessary.
Also, if an upgrade through sending your UTXO into a new format were ever required, the mempool/tx fee situation might become... interesting. With a subsequent effect on purchasing power ("price").
reply
Let's start worrying about quantum computing when it starts being able to do anything interesting whatsoever.
reply
It is a long way from being a threat right now, and there are many hurdles to overcome.
Still, there is a huge upside financially to advancing quantum computing, which is always a big motivator. In the meantime, learning how to strengthen bitcoin's security can only be a good thing.
It might be too late if we wait for "something interesting" to show up.
reply
Yeah, there are a ton of people getting paid to work on quantum computing. There seems to have been next to no meaningful progress for decades for the amount of money that is being sunk into it. While the algorithms seem reasonable, the engineering challenges appear insurmountable, to the point that the whole field appears like bullshit technology to me.
reply
You have a different threshold for "interesting"... :)
The thing is, quantum will also come first gradually, then suddenly. And when it's suddenly, it's quite too late to start sending emails to bitcoin-dev.
reply
Exactly
reply
One thing is certain though, some scammer will fork bitcoin and create yet another shitcoin.
reply
Is cryptography a race to the bottom? I heard a professor on the subject say in his introduction to cryptography that every algorithm is eventually broken and the game is to discover a new one before you're in danger.
reply