Related Articles
One StarkWare researcher has published what he says is the first way to make bitcoin transactions quantum-safe on the live network today without any changes to the Bitcoin protocol. But the scheme, though, costs up to $200 per transaction and is meant as an emergency measure rather than a permanent solution.
In a paper published this week, StarkWare researcher Avihu Levy introduced Quantum Safe Bitcoin (or QSB) — ‘the scheme designed to enable quantum-resistant transactions without the need for changes in the Bitcoin protocol’ that replaces signature security assumptions with hash-based proofs within its design.
While the hash-based design survives the type of quantum attack that would break today’s cryptography, it shifts burden from consensus to computation; this is a heavy off-chain GPU work required for each transaction.
A cheque is written as a handwritten signature of traditional digital signatures, which means you authorized ‘transaction with the secret key that others can cross check with – public key’.
ECDSA signatures are these digital signature in Bitcoin, and they are known as the “digital coding (ecda) signature”. A sufficiently powerful future quantum computer could, in theory, extract the secret key from a public key and potentially compromise funds by using ‘the secrets of today’s computers’.
Quora’s response to this flaw is by rewriting the system around another form of cryptography, which involves hash-based proofs (more like a tamper-proof fingerprint), where instead of using signature alone, he creates specialized mathematical digest of data. For powerful computers, it is said this is’very hard to forge/reverse’.
Using Bitcoin’s existing consensus rules for legacy transactions, QSB operates entirely within the framework of what is currently used by BTSB to make its own decisions. It requires no soft fork (software upgrade), no miner signaling, and no activation time. The difference is a sharp contrast to BIP-360, the quantum-resistance proposal that was integrated into Bitcoin’s official improvement proposal repository in February but does not implement bitcoin Core and has been subject to years of delay for governance.
The proposal based on an earlier concept called Binohash, which added another layer of computational work to secure bitcoin transactions. The problem is that it relies on a cryptography type that quantum computers are likely to break. Practically, that means the protection goes away in a quantum context. The system would be ineffective without a core security check, and an attacker could bypass the system’s core safety check entirely.
Extra cost
The hash-based solution, however, means extremely expensive transactions.
If you look at billions of candidates for a legitimate transaction, and process Levy estimates would cost $75 to $200 with commodity cloud GPU. At this point, the blockchain is about 33 cents to send a bitcoin transaction.
Similarly, there are practical challenges to the system as well as . Bitcoin’s normal blockchain, such as regular payments, would not be used to process QSB transactions. Rather, users would have to send them directly to miners who would process them.
Similarly, they do not use thinner layers such as the Lightning Network and are much harder to make than their faster counterparts. To make a transaction, it would require outsourcing heavy computation to external hardware rather than just signing and sending from Wallet.
It is a “last resort measure,” Levy says, and does not replace the scheme for protocol-level upgrades. Those that seek to introduce quantum-resistant signature schemes (such as BIP-360), which are the more effective long term solution, remain much more flexible but could take years to activate.
However, it is unclear whether BIP-360 will activate its activation timeline. But the odds of this year’s price for polymarket bettors are low, and Bitcoin has little reason to worry about its governance history – Taproot took around seven and a half years from concept to deployment. But then, mature quantum computers that can break the encryption that protects the network are not coming tomorrow either because of their arrival at the door.
QSB instead ‘Assuming something different, it is the way to survive a quantum break with today’s rules (if users are willing to pay for that) by using today ‘the rules’.
Thanks for reading Quantum-safe bitcoin now possible without a soft fork but costs $200 a pop new research shows
