Nostr Web Client

A similar reason for why the secp256k1 elliptic curve was chosen over the secp256r1 curve for DSA signatures.

Although, that does not mean that any of those are immune to future discoveries of vulnerabilities or backdoors or being broken.

And if/when that day comes, then the community will have to accept a hard fork. Fingerprinting all the accepted block history, and using new hashing or signing algorithms for future blocks.

Could Satoshi have added a small cryptographic spec to each transaction to detail the hashing and signing algo, allowing them to be changed w/out a fork? Or would that come with its own risks of the blockchain's security being subverted if it is made too easy to update such things.

Alex Waltz 1y ago

Well one reason might be the "r", because you can't really know the NUMS are really NUMS, i think.

If bitcoin needs a new hashing algorithm its most prolly fucked, and the chaos a change would cause it think it would die.

Reply to this note

Please Login to reply.

Discussion

CryptoDrew 1y ago

Also, there have been suggestions that the NSA has a backdoor for the secp256r1 curve.

As for bitcoin being fucked if it ever were to ever need a new hashing algo, I'm not sure. I would imagine that several forks would come out of it as a result, and one or more would likely have a fair amount of success. Only time will tell.