imagine ECDSA is demonstrated to be broken by quantum computing tomorrow

now everyone’s scrambling to move funds into a smart wallet with quantum-resistant signature verification ASAP

what’s the best implementation of this currently out there? does one even exist?

curious if @vitalik.eth has thought about this

Sha256 and similar hash functions are considered quantum safe.

STARKs use hash functions heavily and so are also considered quantum safe.

So in a pinch you could hard fork an upgrade where everyone switches to a new key, and a zk proof of knowledge is used for the new private key instead of normal signatures.

Working on building zkTLS infra/products. A ruthless empiricist and meme connoisseur.

http://opacity.network

There’s nothing you can do.

Ethereum POS and most wallets are secured by elliptical curves over finite fields. So if someone gets a QC tomorrow that can break it we’re pretty much fucked.

You can compute a private key pretty quickly. There’s no good way to distinguish real owner from attacker.

—-

To protect yourself you can use a smart contract wallet with an auth mechanism that’s quantum safe. Would be alot of gas.

i'm thinking no time for hard fork, like literally being blindsided and seeing coins start moving out of big accounts

granted, everything likely goes to zero in this scenario

but my point is what could one individual do to protect themselves from falling victim before social coordination can step in

crypto + scientific compute at https://onai.com

Site: https://shriphani.com 

Art: https://instagram.com/life_of_ess

It wouldn’t be painless no doubts 

I think the AA bundler system could be repurposed to wrap many ZKPs into one to make it more bearable.

zk signatures are not small - many applications rely on small signatures. It is going to be a pretty rough upgrade with a lot of systems needing a do-over