Researcher reveals method to achieve quantum resistance in Bitcoin without changing core protocol
The approach would require users to spend approximately $75-$150 in GPU computing resources per transaction, which may restrict widespread adoption.

A researcher focused on Bitcoin has developed an innovative approach that could provide immediate quantum resistance for Bitcoin transactions while avoiding the necessity of implementing a soft fork.
Through a proposal made public on Thursday, Avihu Levy, who serves as chief product officer at StarkWare, introduced a transaction scheme called Quantum Safe Bitcoin (QSB) that he indicated would maintain security "even against an adversary with a large-scale quantum computer running Shor's algorithm."
Levy went on to explain that the scheme requires no modifications to the Bitcoin protocol and works entirely within the current legacy script constraints. The drawback, he noted, is that it is expensive and probably isn't suitable for regular, everyday transactions.
Within the Bitcoin community, opinions have been divided regarding the best approach to address the quantum threat. QSB offers an interim solution while stakeholders work toward finalizing a long-term strategy.
The central characteristic of the scheme involves substituting the proof-of-work signature-size puzzle with what's known as a hash-to-sig puzzle.
Rather than depending on elliptic curve mathematics, which quantum computers are able to compromise, the spender must find an input whose hash output happens to look like a valid ECDSA (elliptic curve digital signature algorithm) signature. Finding one demands brute-force computational work that not even a quantum computer can bypass.
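A rough illustration of why such a puzzle costs brute-force work, added here as an example and not taken from the QSB proposal: it assumes a 20-byte digest (truncated SHA-256 as a stand-in), treats "valid" as strict DER structure only with no sighash byte, and all function names are hypothetical. The search at the end uses a reduced target of just the two header bytes so that it finishes quickly.

```python
import hashlib
from itertools import count

def is_strict_der(sig: bytes) -> bool:
    """Structural (BIP66-style) check: 0x30 len 0x02 rlen r 0x02 slen s."""
    if len(sig) < 8 or sig[0] != 0x30 or sig[1] != len(sig) - 2 or sig[2] != 0x02:
        return False
    rlen = sig[3]
    if rlen == 0 or 5 + rlen >= len(sig) or sig[4 + rlen] != 0x02:
        return False
    slen = sig[5 + rlen]
    if slen == 0 or 6 + rlen + slen != len(sig):
        return False
    for v in (sig[4:4 + rlen], sig[6 + rlen:]):
        if v[0] & 0x80:                                    # would read as negative
            return False
        if len(v) > 1 and v[0] == 0 and not v[1] & 0x80:   # needless zero padding
            return False
    return True

def int_encodings(k: int) -> int:
    """How many k-byte strings are minimally encoded non-negative integers."""
    return 128 if k == 1 else 127 * 256 ** (k - 1) + 128 * 256 ** (k - 2)

def expected_hashes(n: int = 20) -> float:
    """Expected digests tried before a uniformly random n-byte one passes."""
    body = n - 6                       # bytes left for r and s after 6 framing bytes
    valid = sum(int_encodings(r) * int_encodings(body - r) for r in range(1, body))
    return 256 ** n / valid

def solve_reduced(msg: bytes, n: int = 20):
    """Reduced puzzle (assumption): only the 2 header bytes must match, ~2**16 tries."""
    want = bytes([0x30, n - 2])
    for nonce in count():
        digest = hashlib.sha256(msg + nonce.to_bytes(8, "big")).digest()[:n]
        if digest[:2] == want:
            return nonce, digest

if __name__ == "__main__":
    nonce, digest = solve_reduced(b"constructed sample transaction")
    print("reduced puzzle solved at nonce", nonce, digest.hex())
    print("passes the full check:", is_strict_der(digest))
    print("expected tries for the full check: %.3g" % expected_hashes(20))
```

Under these assumptions the full check passes for roughly one digest in 2^46, while the reduced search needs only about 2^16 tries and its result will almost never pass the full check.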
Quantum Safe Bitcoin not practical for everyday use
The proposal does come with significant caveats, though. It requires the sender to spend between $75 and $150 per transaction on GPU computational resources and is more complex than a standard Bitcoin transaction, meaning it would only make sense for protecting high-value BTC transactions.
"This is huge," stated Eli Ben-Sasson, CEO of StarkWare, asserting that it effectively renders Bitcoin quantum-safe today.
Nevertheless, Daniel Batten, a Bitcoin ESG specialist, characterized it as "an overstatement" because exposed public keys and dormant wallets are "not addressed in the paper."
Batten was referring to approximately 1.7 million BTC that remains locked in early P2PK addresses and could potentially be compromised by a quantum computer.
The existence of these vulnerable coins has sparked intense debate regarding how to handle the dormant assets, with the community divided among those who favor leaving Bitcoin unchanged to maintain its fundamental principles, those advocating for freezing or burning the vulnerable coins completely, and those supporting a protocol upgrade to enable quantum-safe signatures.
Protocol changes are the preferred solution
The researchers recognized that this is a last-resort measure, given that the transactions are non-standard, the costs cannot scale to accommodate all users, and use cases such as the Lightning Network are not covered by the solution.
They concluded that changes at the protocol level remain the preferred long-term path.
"While this article describes a solution that works today for quantum-safe Bitcoin transactions, it should be treated as a last-resort measure."
Google released a paper in March that created unease within the Bitcoin community by suggesting that a quantum computer might break Bitcoin's cryptographic protections using significantly fewer resources than previously estimated.
In the meantime, Olaoluwa Osuntokun, chief technology officer at Lightning Labs, unveiled on Wednesday a quantum "escape hatch" prototype that allows users to demonstrate Bitcoin wallet ownership using the original seed phrase without disclosing it, which may function as an alternative method for Bitcoin authorization.