imagine ECDSA is demonstrated to be broken by quantum computing tomorrow

now everyone’s scrambling to move funds into a smart wallet with quantum-resistant signature verification ASAP

what’s the best implementation of this currently out there? does one even exist?

curious if @vitalik.eth has thought about this

Sha256 and similar hash functions are considered quantum safe.

STARKs use hash functions heavily and so are also considered quantum safe.

So in a pinch you could hard fork an upgrade where everyone switches to a new key, and a zk proof of knowledge is used for the new private key instead of normal signatures.

Working on building zkTLS infra/products. A ruthless empiricist and meme connoisseur.

http://opacity.network

zk signatures are not small - many applications rely on small signatures. It is going to be a pretty rough upgrade with a lot of systems needing a do-over

crypto + scientific compute at https://onai.com

Site: https://shriphani.com 

Art: https://instagram.com/life_of_ess

It wouldn’t be painless no doubts 

I think the AA bundler system could be repurposed to wrap many ZKPs into one to make it more bearable.