New Bitcoin Proposal BIP-361 Seeks to Lock Quantum-Susceptible Cryptocurrency Holdings
A new Bitcoin Improvement Proposal, BIP-361, outlines a gradual transition to quantum-safe technology, including a five-year timeline to freeze coins held in vulnerable legacy addresses.
A group of six Bitcoin security experts, led by cypherpunk Jameson Lopp, has put forward a controversial plan to freeze cryptocurrency holdings that are vulnerable to quantum computing attacks on the Bitcoin blockchain, which would include the approximately $74 billion worth of Bitcoin attributed to the network's pseudonymous creator Satoshi Nakamoto, as a safeguard against theft when quantum computing technology becomes sufficiently advanced.
This initiative represents the second component of a three-part framework detailed in BIP-361, titled "Post Quantum Migration and Legacy Signature Sunset," which appeared as a draft document on GitHub this Tuesday.
The proposal tackles a significant vulnerability facing Bitcoin — the possible exploitation of quantum computing technology to compromise approximately 1.7 million BTC secured in early pay-to-public-key (P2PK) addresses, which includes Satoshi's holdings, as these addresses lack quantum-resistant protections.
Should these coins fall into malicious hands, they could substantially damage the network's overall value proposition.
Three phases to quantum security
BIP-361 expands upon BIP-360, which was published in February and introduced a soft fork mechanism for implementing a novel output format known as pay-to-Merkle-root (P2MR). This format functions in a manner comparable to Bitcoin's current Taproot (P2TR) address system, but eliminates the quantum-susceptible key path component.
Although BIP-360 offers protection for newly created coins moving forward, it fails to resolve the issue affecting approximately 34% of the total Bitcoin supply that continues to remain at risk unless these holdings are moved to updated address formats.
According to BIP-361, three years following the proposal's activation, phase A would prohibit the transfer of any new BTC to legacy address formats, thereby ensuring all network participants utilize quantum-resistant address structures.
During the subsequent phase (B), legacy signature types would be rendered invalid, and any Bitcoin remaining in susceptible addresses would become essentially frozen five years following the activation date.
Phase C introduces a potential recovery system utilizing zero-knowledge proof technology, enabling individuals who failed to meet the migration deadline but retain possession of their seed phrase to reclaim their frozen assets.
The proposal's authors characterized this mechanism as a "private incentive to upgrade" given that lost or immobilized coins marginally increase the value of all remaining coins, while coins recovered through quantum computing capabilities would diminish the value of everyone else's holdings.
"This is not an offensive attack, rather, it is defensive: our thesis is that the Bitcoin ecosystem wishes to defend itself and its interests against those who would prefer to do nothing and allow a malicious actor to destroy both value and trust."
Bitcoin community pushes back
Nevertheless, the proposal carries the consequence of making certain existing unspent transaction outputs (UTXOs) permanently unspendable by their rightful owners should they not complete the upgrade process, a prospect that some community members view as a substantial philosophical divergence from Bitcoin's fundamental principles.
Mark Erhardt, a Bitcoin protocol developer and researcher who posted BIP-361 on the social media platform X on Tuesday, encountered significant community opposition and criticism, including statements such as "this quantum proposal is highly authoritarian and confiscatory … there is no good rationale for forcing the upgrade and rendering old spends invalid."
The proposal faced outright rejection from Bitcoin Magazine editor Brian Trollz, received criticism from TFTC founder Marty Bent who described it as "laughable," while Phil Geiger, who serves as head of business development at Metaplanet, offered the sarcastic observation, "We have to steal people's money to prevent their money from being stolen."
Cointelegraph reached out to Lopp for comments, but did not get an immediate response.