Is a quantum-resistant upgrade to #bitcoin security being worked on, and would that mean generating new seed phrases from scratch? I believe the changes would have to go deeper than just keys.

#asknostr


Discussion

I don't know the answer, but it's certainly something that needs looking at!

If quantum computing is ready to crack current bitcoin security there will be signs: the whole world will fall apart first hahaha...

Quantum resistant improvements wouldn't affect your private keys at all. It would only introduce new address formats. Same seed words, same key generation methods for new wallets, just new address formats.

That said, I do think there is a new standard way to create, backup and secure your private keys that may or may not come in the form of seed words and it will be the new recommended way to secure your bitcoin and be quite disruptive for those who want to stay current.

All upgrades in bitcoin are backwards compatible. No change will force users to change their backups or move their bitcoin to new addresses, but those who don't may find themselves in less secure or less easy to recover situations in the future.

It wouldn't be secure to use your current seeds because an attacker with access to an xpub could derive all child keys.

I do think you need new seeds

Let's be clear:

1. The introduction of quantum resistant Bitcoin addresses does not require you to change your seeds.

2. If quantum computing does break some cryptography, then people may need to start creating and moving funds to new wallets.

The key word _may_ is because there are multiple layers of protection here.

Quantum computing is not magic, it has limitations and we don't yet know any theoretical way to break the different protections in Bitcoin.

Between a private key and a taproot address there is:

- RIPEMD-160 (A hashing function)

- SHA256 (Another hashing function)

- Secp256k1 (an Elliptic Curve Cryptography (ECC) function)

Possibly other functions too that are non-reversible.

There is hashing: I've heard that sufficiently powerful quantum computers could potentially find collisions and "break" the hashing used in Bitcoin.

However, this does not mean you can REVERSE a hash. You might find the word "hello£+*" is a collision for your bitcoin address; that doesn't mean that "hello£+*" is your public key... Being able to find hash collisions doesn't mean being able to find collisions that are also valid public keys. Not only that, but if quantum broke one of the hashes (e.g. SHA256), that doesn't mean it will break the other.

Now if these were broken completely, then an attacker could find your address's public key, but not the private key behind that. You also always reveal the public key each time you spend anyway. This is one of the reasons why you should never reuse addresses.

Then we have the ECC algorithm. Again, I don't believe there is a theoretical way to break our specific algorithm, but there are theoretical ways to break many ECC algorithms so I think most people are talking about this when they say Bitcoin is not quantum resistant.

It is also mixed in between the hashes anyway so breaking just this doesn't allow a quantum computer to go from your public key to your master private key.

MAYBE it could reveal a specific address's private key, but not your other addresses.

Bitcoin is pretty quantum resistant and its use of hashing is one of the main reasons. But if we had to overhaul everything because all of the functions were found to be completely broken and then we built a powerful enough quantum computer, then yes: you'd need to create a new wallet and move all your funds.

Thx a lot for this input!