imagine ECDSA is demonstrated to be broken by quantum computing tomorrow

now everyone’s scrambling to move funds into a smart wallet with quantum-resistant signature verification ASAP

what’s the best implementation of this currently out there? does one even exist?

curious if @vitalik.eth has thought about this

Sha256 and similar hash functions are considered quantum safe.

STARKs use hash functions heavily and so are also considered quantum safe.

So in a pinch you could hard fork an upgrade where everyone switches to a new key, and a zk proof of knowledge is used for the new private key instead of normal signatures.

Working on building zkTLS infra/products. A ruthless empiricist and meme connoisseur.

/opacity
/eulerlagrange