Neha Narula, a researcher at the MIT Media Lab who specializes in cryptocurrencies, published a roadmap to protect Bitcoin from quantum computers on April 20 of this year. Its central argument is that the solutions already available must be adopted immediately, without waiting for answers to all future problems.
Narula’s proposal comes during a high-profile discussion within the community. Over the last year, several initiatives have been announced, from Adam Back’s proposal to integrate the SLH-DSA signature scheme into Taproot addresses to researcher Avihu Levy’s proposal to secure transactions without the need for soft forks. The discussion also includes more positive proposals, such as that of Jameson Lopp, who, since Satoshi Nakamoto’s coins cannot be migrated, proposes a migration in which those coins are frozen.
Amid this wave of proposals, Narula asserts that what matters is not how much work is done, but what remains, what must be done, and whether it moves fast enough. Based on this criterion, the researcher proposes implementing a new type of post-quantum secure output in Bitcoin, even though the most complex problems remain unsolved.
Narula suggests three concrete steps:
- Design and activate soft forks that introduce new types of output.
- Get wallet and application developers to support them.
- Tell users why they need to transfer their coins.
What would be at stake if no one migrated?
The technical solution proposed by Narula as the main candidate is P2MR (BIP 360), which eliminates the exposure of cryptographic keys, combined with a new post-quantum signature opcode that supports multiple cryptographic schemes.
According to the researcher, this combination would allow users to move their coins into a format that is resistant to quantum computers and, as long as that threat is not imminent, to continue using their current signatures to transfer funds.
Narula also points out that this problem is not confined to individual users, since a high percentage of exposed coins could destabilize the entire network when the threat arrives. The researcher does not estimate how many coins would remain unmigrated if this mechanism were implemented, but says that adoption of the new format can be measured in real time on the chain.
Narula admitted that she does not have a clear position on Satoshi's coins, whose public keys are already visible on-chain and which account for more than 2.9% of the total circulation. According to her approach, that decision does not have to be made now in order to move forward with what is available.
The debate oscillates between the technical and the political.
From a technical perspective, Narula acknowledges that implementing post-quantum signatures will carry a cost in transaction size, affecting both the cost per transaction and the demand for block space. For that reason, she considers the most promising scheme to be OP_CHECKSHRINCS, another technical solution designed to protect Bitcoin from future quantum threats, which generates signatures approximately five times larger than current ones.
Considering this possibility, the researcher suggests that the Bitcoin block size needs to be increased and estimates that an increase of 2x to 8x is acceptable from a diversification perspective.
The researcher also sets out the main objections to her proposal. Some believe that P2MR is difficult to implement correctly due to the large number of wallets, and that, if few users migrate, it would be wiser to focus efforts on more drastic measures for when a threat is imminent.
The researcher responds to these objections as follows: none of these arguments justifies not moving forward. The sooner post-quantum outputs are available, the more time users will have to migrate.
Narula acknowledges that there are unanswered questions and difficult decisions ahead, including the fate of coins that will never be migrated. But her position is that waiting until everything is known before acting is itself a risk. The researcher reiterated that the first step is to provide users with safe options, and that the rest does not have to be solved beforehand.