0age
@0age
Imagine ECDSA is demonstrated to be broken by quantum computing tomorrow. Now everyone's scrambling to move funds into a smart wallet with quantum-resistant signature verification ASAP. What's the best implementation of this currently out there? Does one even exist?
11 replies
44 recasts
173 reactions

Dan Romero
@dwr.eth
Curious if @vitalik.eth has thought about this.
4 replies
31 recasts
98 reactions

EulerLagrange.eth
@eulerlagrange.eth
SHA-256 and similar hash functions are considered quantum safe. STARKs use hash functions heavily and so are also considered quantum safe. So in a pinch you could hard fork an upgrade where everyone switches to a new key, and a zk proof of knowledge is used for the new private key instead of normal signatures.
3 replies
0 recast
10 reactions

0age
@0age
I'm thinking no time for a hard fork, like literally being blindsided and seeing coins start moving out of big accounts. Granted, everything likely goes to zero in this scenario, but my point is: what could one individual do to protect themselves from falling victim before social coordination can step in?
3 replies
0 recast
2 reactions

Dean Pierce 👨‍💻🌎🌍
@deanpierce.eth
I don't think there's anything ready off the shelf, but maybe build something that requires a Kyber signature, verified with a SNARK in /risc-zero so you don't need to verify the PQ signature itself in the EVM. https://github.com/Argyle-Software/kyber
1 reply
0 recast
3 reactions

Dean Pierce 👨‍💻🌎🌍
@deanpierce.eth
Actually Falcon probably makes more sense 😅 https://blog.cloudflare.com/another-look-at-pq-signatures/ https://github.com/aszepieniec/falcon-rust
1 reply
0 recast
2 reactions

Dean Pierce 👨‍💻🌎🌍
@deanpierce.eth
An EIP to add a Falcon precompile has been discussed, but until that exists, the RISC Zero approach lets you do it for the cost of a SNARK verification, which I believe RISC Zero provides for most major chains. https://ethereum-magicians.org/t/eip-7592-falcon-signature-verification-pre-compile/18053
1 reply
0 recast
0 reaction

EulerLagrange.eth
@eulerlagrange.eth
Admittedly I'm not up to date on the NIST post-quantum signature methods. I remember within a couple of years a scheme was proposed that was broken soon after. Not saying that is the case for Falcon, but usually you can't prove something is secure directly. You build it from some key assumptions, and then time will tell if the assumptions hold. 1000-byte lattice-based public key? I need to read up on the short integer solution stuff with rings.
1 reply
0 recast
2 reactions

EulerLagrange.eth
@eulerlagrange.eth
Also, in my defense, he said no time for upgrades 😉
1 reply
0 recast
2 reactions

Dean Pierce 👨‍💻🌎🌍
@deanpierce.eth
Yeah, I guess the idea here would be like a panic room contract that you quickly throw all your assets into, and you can only move them out if you can demonstrate some zk proof of something, like a pq signature or whatever. Hide out there until the dust settles, and you'll probably still have your funds at the end.
2 replies
0 recast
1 reaction
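As an added illustration of the hash-only route EulerLagrange mentions and the panic-room vault Dean describes (example code written for this page, not from any thread participant): a Lamport one-time signature built from SHA-256 alone, the check such a vault would run against a key commitment registered before the emergency, and a function showing why each key may sign only once. The vault layout, the commitment format and the withdrawal message are assumptions made for the example.

```python
import hashlib
import secrets

N_BITS = 256  # the 256 bits of the message's SHA-256 digest are signed one by one

def sha256(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()

def keygen():
    # Secret key: 256 pairs of random 32-byte preimages; public key: their SHA-256 hashes.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N_BITS)]
    pk = [(sha256(a), sha256(b)) for a, b in sk]
    return sk, pk

def pk_commitment(pk) -> bytes:
    # One 32-byte value a vault could register instead of the full 16 KiB public key;
    # the signer supplies the full key at withdrawal time and it is checked against this.
    return sha256(b"".join(a + b for a, b in pk))

def digest_bits(message: bytes):
    d = int.from_bytes(sha256(message), "big")
    return [(d >> (N_BITS - 1 - i)) & 1 for i in range(N_BITS)]

def sign(sk, message: bytes):
    # For each digest bit i, reveal the preimage sk[i][bit]; the other one stays secret.
    return [sk[i][bit] for i, bit in enumerate(digest_bits(message))]

def verify(pk, message: bytes, sig) -> bool:
    if len(sig) != N_BITS:
        return False
    return all(sha256(s) == pk[i][bit]
               for i, (s, bit) in enumerate(zip(sig, digest_bits(message))))

def vault_withdraw_ok(stored_commitment: bytes, pk, message: bytes, sig) -> bool:
    # The check a hash-only panic-room vault would run (assumed layout, for illustration):
    # the supplied key matches the commitment registered before the emergency, and the
    # withdrawal message is signed under it.
    return pk_commitment(pk) == stored_commitment and verify(pk, message, sig)

def positions_fully_exposed(pk, sigs) -> int:
    # Why the key is strictly one-time: every digest position where two signed messages
    # differ now has both preimages public, so anyone can sign any further message whose
    # digest bit at each position is one already revealed. Counts such positions.
    seen = [set() for _ in range(N_BITS)]
    for sig in sigs:
        for i, s in enumerate(sig):
            h = sha256(s)
            if h in pk[i]:
                seen[i].add(h)
    return sum(len(s) == 2 for s in seen)
```

An EVM version would use keccak256 with the same structure; the 8 KiB signature per withdrawal and the single use per key are the price of relying on nothing but the hash function and needing no SNARK verifier.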

EulerLagrange.eth
@eulerlagrange.eth
I'm skeptical it'll be a sudden event that we won't have time to prepare for. Though I've realized in this thread we should probably get the necessary forks ready. Have them refined so we don't have to rush updates to mainnet.
1 reply
0 recast
2 reactions

Dean Pierce 👨‍💻🌎🌍
@deanpierce.eth
Yeah, it will almost certainly be a long drawn-out thing where the first quantum breaks end up taking a few years for a single key, are ridiculously over-funded and well publicized. Even if North Korea starts popping keys, there's near zero chance of it scaling in any meaningful way. I imagine less technical whales will get hit first, where it's actually feasible that they just had shitty key management, and people will start suspecting something's up, but it won't actually be confirmed for many years. Would be interesting if attackers got a bunch of whale keys and front-ran targets as they tried to move to a secure vault, but made it look like a fat finger or something such that a fork would be politically difficult.
0 reply
0 recast
0 reaction