pubkeys are derived from privkeys by ECC, which can be vulnerable to Shor's algorithm by simply calculating your privkey out of your pubkey. As long as your pubkey is not revealed, there can be no long range attack. P2WSH/P2WPKH only reveal a UTXO address specific pubkey when you spend them (so you have about 10 min for a short range attack).
Discussion
Thanks for the explanation ๐ค
I might have to update my list of essential shit nostr needs nostr:nevent1qvzqqqqqqypzqamkcvk5k8g730e2j6atadp6mxk7z4aaxc7cnwrlkclx79z4tzygqy88wumn8ghj7mn0wvhxcmmv9uq3jamnwvaz7tmswfjk66t4d5h8qunfd4skctnwv46z7qpq5ytyweq7k7589yvvpwv8hnesftdaqe4xl50nmmadjfgldewyjq8qufrfcd
Great list! ๐๐งก
Maybe also consider adding an audit to Tor attack vectors like timing analysis / Sybil attacks, especially if #Nostr is used for direct communication.
https://cointelegraph.com/news/tor-germany-timing-attack-privacy
Maybe in general "we need more security audits" should be a point in the list
Or is there something more specific I'm missing for a Tor section of the list?