pull down to refresh

Quantum Risk to Bitcoin (Part 2)
950 sats \ 1 comment \ @bitcoin_devs 5 Jun bitcoin

šŸ§  Long-Range vs Short-Range Quantum Attacks on Bitcoin

Quantum computers will change the security assumptions of Bitcoin. But how exactly?
Letā€™s break it down.šŸ‘‡
Bitcoin relies on ECC to protect your private keys.
But quantum computers break ECC.
Quantum computers open two attack windows:
  • Short-range: pubkey is revealed before confirmation
  • Long-range: pubkey was exposed long ago and still sits on-chain

šŸ” 1- Short-Range Attacks (a.k.a. Transaction Hijacking)

Letā€™s start with a P2PKH transaction.
It looks secureā€¦ until you broadcast it.

šŸ‘€ When Does the Public Key Appear?

In P2PKH, your public key stays hidden until you spend.
The moment you sign a transaction, your pubkey becomes visible.

A Window for Attack

From that moment, thereā€™s a race:
Can a quantum attacker compute your private key before your transaction gets mined?

ā³ Mempool = Danger Zone

Hereā€™s how it plays out:
  1. You sign and broadcast your tx
  2. It enters the mempool
  3. Miner hasnā€™t mined it yet
    ā†’ Thatā€™s the attack window

Next step: they broadcast a conflicting transaction that spends the same coins.

Miner Chooses the Higher Fee

šŸ•µļø 10. Transaction Hijacking

Also known as a front-running attack.
Itā€™s specific to the time window between broadcast and mining.

šŸ§± 2- Long-Range Attacks

These are scarier.
They target coins that already have public keys exposed ā€” like old P2PK outputs.
These UTXOs are permanently vulnerable.
A quantum attacker can sweep them at any time.
Once a public key is on-chain, the attacker doesnā€™t need perfect timing.
They can break it at any moment in the future.
Examples of script types vulnerable to long-range attacks:
  • P2PK
  • P2MS
  • P2TR (script-path)
    All reveal the pubkey before spend.

šŸ“Š P2PK Holds 8.68% of All BTC

Thatā€™s ~1.72 million BTC sitting in publicly-exposed outputs.
Mostly Satoshi-era coins.
(Source Chaincode last report on "Bitcoin and Quantum Computing")
Even P2PKH isn't totally safe.
If a user reuses the address, their public key becomes exposed and vulnerable to future long-range attacks.

šŸ”œ Whatā€™s Next?

In upcoming posts, weā€™ll cover:
  • Bitcoin Mining and Groverā€™s Algorithm
  • The ā€œBurn vs Stealā€ Dilemma
  • Post-Quantum Proposals: Lamport, OP_CAT, P2QRH...
Stay tuned.
šŸ‘‰ Make sure to follow @Bitcoin_Devs
so you donā€™t miss whatā€™s coming next!
write
preview
related posts
22 sats \ 0 replies \ @freetx 5 Jun
The current state of QC is some researchers with a desk full of fist sized vacuum tubes soldered together by hand telling you that the day is coming when they will be 4nm in size with billions of them on a postage stamp sized wafer.
Perhaps they are in fact right, but we are so far off from that there is no immediate need to do anything.
Quit falling for google/ibm marketing claims, its not intended for you....its aimed at fleecing wall street.
There was even a paper published last year that said that successful use of Shor may require a far lower QC noise floor than previously thought.
reply