Your Bitcoin is safe from quantum computers because we can soft fork to new signature schemes, so all you'd need to do is move your coins to a new address.

But it is theoretically possible that lost coins can be stolen/retrieved (depending how you see it) if they aren't moved in time

As far as I understand it


Discussion

If they are truly lost would this not be considered a finder's fee or right to salvage in cyberspace?

Interesting point 🤔

A question for the philosophers

My belief is if you have the keys, you are the rightful owner, even if you hacked them or derived them with a quantum computer - since this is how Bitcoin fundamentally works

the only way to recognize the property of a utxo is signing and broadcasting, so destroying the property itself. You "own" it for an instant, when the block with your tx is confirmed and propagating.

That Bitcoin gets homesteaded

Here’s an interesting talk from Jameson Lopp about it:

https://youtu.be/MTUzpR_mxAg?si=PuJSleKoLUAhubZM

What's the time frame

moving utxos can be fucking costly.

can ruin your coinjoin efforts.

be careful

exactly, in a long enough timeframe it is very likely satoshi coins will move

Can you imagine the fee spike during an event like this... ?

Wait. What if somebody grabbed Satoshi's coins? We'd have to lock his mining addresses to prevent a quantum degenerate from being the richest person ever.

That would require a hard fork and would be a censored network - likely go to zero

A solution could be to give people a window of time (say, 5 years) in which to move their coins from old addresses to new, quantum-resistant addresses. Then miners would stop including transactions from non-quantum addresses in their mined blocks (a soft fork can do that). It is censorship in some way, but with a long time frame for people to adapt to it.

during this time, wallets could start warning users that they are using outdated addresses, and they should migrate ASAP.

Any miner running an older version of Bitcoin that mines those coins being spent would lead to a chain split (one chain they are spent, the other they are locked) - aka hard fork. Such a change is not backwards compatible.

Chain split != hard fork

Clients would follow the chain with the most PoW

I think something that is often overlooked is that all (?) post-quantum signature schemes require LOTS more space. It would drastically reduce the amount of TXs a block can fit
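To put numbers on the block-space point above, here is an added illustration (not code from the thread or from any Bitcoin project) that applies BIP141 weight accounting (4 weight units per non-witness byte, 1 per witness byte, 4,000,000 WU per block) to a one-input, one-output transaction under today's Schnorr/ECDSA signatures and under three standardized post-quantum schemes. The key and signature sizes are the published parameter-set sizes; the 94-byte base transaction and the assumption that a post-quantum spend reveals public key plus signature as two witness items (the way P2WPKH does now) are modelling assumptions, since no post-quantum output type has been specified for Bitcoin.

```python
"""Added illustration: how much of a Bitcoin block one single-input,
single-output transaction consumes under different signature schemes,
using BIP141 weight accounting.

Modelling assumptions (constructed for this example, not from any spec):
  * base (non-witness) size is fixed at 94 bytes: version 4, input count 1,
    one 41-byte input, output count 1, one 43-byte P2TR output, locktime 4;
  * every scheme except Schnorr key-path reveals public key and signature as
    two witness items, like P2WPKH today; a real post-quantum output type
    could be designed differently;
  * key and signature sizes are the published parameter-set sizes.
"""
from dataclasses import dataclass

BLOCK_WEIGHT_LIMIT = 4_000_000   # BIP141 maximum block weight
BASE_TX_BYTES = 94               # non-witness bytes, see module docstring
NON_WITNESS_WU = 4               # weight units per non-witness byte
WITNESS_WU = 1                   # weight units per witness byte


@dataclass(frozen=True)
class SigScheme:
    name: str
    pubkey_bytes: int   # public-key bytes placed in the witness (0 = none)
    sig_bytes: int      # signature bytes placed in the witness


SCHEMES = (
    # Key-path P2TR: the key sits in the output, only a 64-byte Schnorr sig is revealed.
    SigScheme("Schnorr / P2TR key-path", 0, 64),
    # P2WPKH: 33-byte compressed key plus a DER ECDSA signature (~72 bytes with sighash byte).
    SigScheme("ECDSA / P2WPKH", 33, 72),
    SigScheme("FN-DSA-512 (Falcon-512)", 897, 666),
    SigScheme("ML-DSA-44 (Dilithium2)", 1312, 2420),
    SigScheme("SLH-DSA-SHA2-128s (SPHINCS+)", 32, 7856),
)


def varint_len(n: int) -> int:
    """Size of Bitcoin's CompactSize encoding for a length n."""
    if n < 0xFD:
        return 1
    if n <= 0xFFFF:
        return 3
    if n <= 0xFFFF_FFFF:
        return 5
    return 9


def witness_bytes(scheme: SigScheme) -> int:
    """Witness bytes for the one input: segwit marker+flag (2), stack item
    count (1), then each item as CompactSize length prefix + data."""
    items = [scheme.sig_bytes] + ([scheme.pubkey_bytes] if scheme.pubkey_bytes else [])
    return 2 + 1 + sum(varint_len(i) + i for i in items)


def tx_weight(scheme: SigScheme) -> int:
    """Total transaction weight in BIP141 weight units."""
    return BASE_TX_BYTES * NON_WITNESS_WU + witness_bytes(scheme) * WITNESS_WU


def max_txs_per_block(scheme: SigScheme) -> int:
    """How many such transactions fit in one full block."""
    return BLOCK_WEIGHT_LIMIT // tx_weight(scheme)


def compare(schemes=SCHEMES) -> dict[str, dict[str, int]]:
    """Per-scheme witness size, weight and block capacity."""
    return {s.name: {"witness_bytes": witness_bytes(s),
                     "weight": tx_weight(s),
                     "txs_per_block": max_txs_per_block(s)} for s in schemes}


if __name__ == "__main__":
    baseline = max_txs_per_block(SCHEMES[0])
    for name, row in compare().items():
        print(f"{name:30} witness={row['witness_bytes']:5d}B  "
              f"weight={row['weight']:5d}WU  txs/block={row['txs_per_block']:5d}  "
              f"({row['txs_per_block'] / baseline:.0%} of Schnorr)")
```

Under these assumptions a block that holds about 9,000 Schnorr key-path spends holds roughly 2,000 Falcon-512 spends, under 1,000 ML-DSA-44 spends and under 500 SLH-DSA-128s spends, which is the "drastically reduce the amount of TXs a block can fit" effect; the witness discount softens it but does not remove it, and a real migration window would have to budget for that throughput loss on top of the fee spike discussed earlier in the thread.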