Thomas
@aviationdoctor.eth
Genuine question in light of Google's Willow announcement. We knew for years that both Bitcoin and Ethereum would eventually need to move from their current ECDSA to a post-quantum cryptographic algorithm. My understanding is that such a move will require (i) the implementation of a new algorithm in the codebase, obviously, but also (ii) user action to migrate their tokens to the newly generated, quantum-resistant addresses. If my understanding is correct, does it mean that inactive wallets (deceased owner, lost passphrase, etc.) will inevitably become vulnerable at some point, or will they be prohibited from transacting past a certain date after the switch? If it's the latter, it breaks the promise of permanence of blockchains. If the former, it means that at some point, vast amounts of tokens from dead wallets will be retrieved and will flood the market once again. Chief among them, of course, are Satoshi's own wallets. This race to crack and dump old wallets would be catastrophic to public trust IMO.
9 replies
10 recasts
85 reactions

Cassie Heart
@cassie
For Ethereum, they're in the most danger — reuse of keys is the norm with the account model. For Bitcoin, a public key is not revealed until a transaction moves funds. Satoshi's coins for the most part aren't movable because the public key is unknown. That being said, Willow is not a threat; we're still far away from a post-quantum world.
3 replies
1 recast
32 reactions
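Added example, not code posted by anyone in the thread: a toy UTXO scan in Python over a constructed ledger that flags which addresses have put their public key on-chain (by spending a P2PKH output, whose scriptSig carries the key, or by holding a legacy P2PK output, where the key is in the script itself) and how much unspent value sits behind revealed keys. The script layouts are the standard ones; every key, hash, signature blob, txid and value is made up, and only direct data pushes are parsed.

```python
"""Toy UTXO scan for the point made above: a P2PKH address only commits to HASH160(pubkey); the
key itself lands on-chain when the output is spent (scriptSig = <sig> <pubkey>) or when it is
legacy P2PK, so only coins behind a revealed key are targetable by an ECDSA break.
Ledger model: tx = (txid, spends, outputs); spend = (prev_txid, vout, script_sig); output = (address, value, script_pubkey)."""
OP_CHECKSIG = 0xAC

def data_pushes(script: bytes) -> list:
    """Direct data pushes (opcodes 0x01..0x4b); every other opcode is skipped."""
    pushes, i = [], 0
    while i < len(script):
        op, i = script[i], i + 1
        if 1 <= op <= 0x4B:
            pushes.append(script[i:i + op])
            i += op
    return pushes

def is_pubkey(d: bytes) -> bool:
    return (len(d) == 33 and d[0] in (2, 3)) or (len(d) == 65 and d[0] == 4)

def scan(txs):
    """Return (reason_by_exposed_address, unspent_value_at_risk, unspent_value_still_hidden)."""
    utxo, exposed = {}, {}
    for txid, spends, outputs in txs:
        for prev_txid, vout, sig in spends:
            addr = utxo.pop((prev_txid, vout))[0]
            p = data_pushes(sig)
            if len(p) == 2 and is_pubkey(p[1]):                      # P2PKH spend reveals the key
                exposed.setdefault(addr, f"spent in {txid}")
        for n, (addr, value, spk) in enumerate(outputs):
            utxo[(txid, n)] = (addr, value)
            p = data_pushes(spk)
            if spk.endswith(bytes([OP_CHECKSIG])) and len(p) == 1 and is_pubkey(p[0]):
                exposed.setdefault(addr, f"P2PK output in {txid}")   # key sits in the script itself
    at_risk = sum(v for a, v in utxo.values() if a in exposed)
    return exposed, at_risk, sum(v for _, v in utxo.values()) - at_risk

def p2pkh(h160: bytes) -> bytes:
    return bytes([0x76, 0xA9, 0x14]) + h160 + bytes([0x88, OP_CHECKSIG])

def p2pk(pub: bytes) -> bytes:
    return bytes([len(pub)]) + pub + bytes([OP_CHECKSIG])

# Constructed sample ledger: fake keys, hashes and signature bytes; values in arbitrary units.
PUB_S, PUB_A, SIG_A = b"\x04" + b"\x11" * 64, b"\x02" + b"\x22" * 32, b"\x30" + b"\x33" * 70
LEDGER = [
    ("cb1", [], [("S", 50, p2pk(PUB_S))]),                          # early-era P2PK coinbase
    ("cb2", [], [("A", 50, p2pkh(b"\xaa" * 20))]),
    ("cb3", [], [("B", 25, p2pkh(b"\xbb" * 20))]),                  # never spent: key stays hidden
    ("tx1", [("cb2", 0, bytes([len(SIG_A)]) + SIG_A + bytes([len(PUB_A)]) + PUB_A)],
            [("C", 30, p2pkh(b"\xcc" * 20)), ("A", 20, p2pkh(b"\xaa" * 20))]),  # A reused for change
]
```

On this ledger `scan(LEDGER)` reports S (P2PK) and A (spent, then reused for change) as exposed, with 70 units at risk and 55 still behind unrevealed keys; a real scan would use the same logic over actual block data.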

Thomas
@aviationdoctor.eth
Thanks, Cassie. I hope someone close to the Ethereum R&D can weigh in. I think there are fewer inactive wallets with large ETH balances than with BTC, so the point I raised is arguably less of a problem regardless of how the migration eventually goes once we ditch secp256k1.
3 replies
0 recast
3 reactions

Cassie Heart
@cassie
If the ETH account never signed a transaction, then it's equally safe from the attack because the pubkey isn't exposed.
0 reply
0 recast
4 reactions

polymutex
@polymutex.eth
Vitalik has written about what to do if this happens. tl;dr: Do a hard fork in which EOA transactions must now include a ZK proof that you know the BIP-32 seed phrase and derivation path from which the EOA pubkey is derived. https://ethresear.ch/t/how-to-hard-fork-to-save-most-users-funds-in-a-quantum-emergency/18901
1 reply
0 recast
1 reaction

J. Valeska 🦊🎩🫂
@jvaleska.eth
I think Vitalik was talking about it some weeks ago, and we are safer than we think; the migration would not be very hard if I remember it right.
0 reply
0 recast
2 reactions