Had a great chat with nostr:npub1r8l06leee9kjlam0slmky7h8j9zme9ca32erypgqtyu6t2gnhshs3jx5dk along with my co-author Clara in talking about Quantum Computing and what it means for Bitcoin.
(Now I see why a good mic is essential…)
Great and thought provoking podcast. Thank you very much.
I am still a bit uncertain on exposure to quantum, however. In the following scenario, can you tell us which coins are exposed to quantum attack?
Bob buys a cold card. After setting it up and writing down the private key, Bob receives 10,000 sats to the first address it produces. Bob then sends 6,000 sats to Sally. Ignoring fees, 4,000 sats remain held by Bob.
Bob then receives a second transaction from Sally of 100,000 sats to the second address produced by the cold card. Bob does not send or spend any portion of this second transaction.
What sats on the cold card are vulnerable to quantum attack?
A) 4,000 sats
B) 100,000 sats
C) 104,000 sats
D) No sats
Look forward to any thoughts and explanation.
Hey Toby,
Great question. The tldr is that none of the funds are vulnerable in this circumstance:
D) No sats!
When Bob sends 6K of the original 10K, the remaining ~4K is actually transferred to a new (change) address. It's no longer in the original 1st receival address, but is instead in the 1st change address!
And the second transaction of 100K is received to the 2nd receival address, which is separate from all of the above.
The real problem is when there are multiple receives to the same address, and at least one spend.
So your example, if the 100K was instead received to the original (1st) receival address (where the 10K was first received), then 100K would be vulnerable as the keys were exposed on the spend of 6K.
Hope this clarifies?
Thank you! Yes, very helpful. 🙏🙏
Quick follow up, if you don't mind: what if, in the first transaction, Bob sent all of the 10k sats back to Sally ... I presume then that the public key is public, and the private key could be derived (potentially) by quantum computing? If so, I'm unsure if the 100,000 would be vulnerable as well, since it is a separate address?
Hope this makes sense. Enjoy the day.