Quantum Resistance: Taking Proof Of Keys Day To The Next Level
When Satoshi Nakamoto mined the genesis block 13 years ago today, giving rise to the Bitcoin blockchain, he sparked a cryptographic revolution — you could store your wealth behind personal private keys.
Recognized every January 3, Proof Of Keys Day is an opportunity to reflect on that breakthrough by ensuring that you hold your private keys. In recent years, Bitcoiners have celebrated this day by taking their bitcoin off of exchanges.
At Casa, we help Bitcoiners take self custody of their keys, and we’ve found that some education is required to use this power effectively. This year, we’re taking Proof Of Keys Day a step further by calling out a threat on the horizon and explaining why we should act now to keep our keys as robust as ever. That threat is quantum computing.
What Is Quantum Computing?
You may have noticed that computers are a lot smaller than they used to be. This is the result of countless scientific breakthroughs, ranging from nanophysics to the chemistry of semiconductor materials. In quantum mechanics, we’re studying the world at the most granular level possible to unlock the potential of base materials and complex applications.
Quantum computing is where the fields of quantum mechanics and computer science meet. As our atomic and subatomic understandings grow, we apply this knowledge to create more powerful and efficient computers.
We are living in the Information Age. Those who wield the best technology will reap massive rewards in the years to come. It’s hard to envision the potential of quantum computing because we don’t know what we don’t know. Building a quantum computer is like trying your hand at alchemy or cold fusion — if you somehow manage to succeed, the payoff could be limitless.
What constitutes quantum computing is hard to describe comprehensively, but for the sake of argument, consider it a transcendental improvement to processing power, far bigger than 10 times or 100 times improvement. Quantum processing power is measured in qubits. It’s thought that certain types of Bitcoin addresses could become susceptible to attack at several thousand qubits, and the latest advanced model is around 125 qubits. So, while quantum computing isn’t a phenomenon we expect in the immediate future, it’s within a couple of orders of magnitude, which may not be very long in technological terms.
Peace Through Superior Firepower
Cryptography allows us to obscure information into a format that is practically impossible to guess or compute, and cryptography is what makes Bitcoin highly defensible. The software clients and wallets can change — the cryptography must remain intact.
Each Bitcoin address is generated with a private key, a number so cosmically huge that it’s difficult to comprehend. It’s like a lock with nearly infinite combinations. A malicious actor could try to guess your private key, but they would most likely die of old age trying.
Processing power is important from a game-theoretical perspective because computers continue to advance every year, as predicted with Moore’s law. Bitcoin only survives as long as the potential for a computational attack against public keys remains out of reach.
To date, no one has been able to accomplish such a feat, but this is not guaranteed to always be the case. Cryptographic algorithms do tend to get weakened and eventually cracked as our understanding of math and computing evolves.
Satoshi’s First Line Of Defense
Satoshi anticipated continued technological advancement to some extent. They included one safeguard to keep actors from overtaking the Bitcoin network with processing power alone: the difficulty adjustment. The algorithm self-regulates every 2,016 blocks, increasing or decreasing mining difficulty to keep the relative time for Bitcoin blocks at roughly every 10 minutes.
This dynamic feature was a must-have in Bitcoin’s early days when the network was at its most vulnerable and wild hash rate changes posed an existential threat. For the most part, the difficulty adjustment has encouraged those who briefly gain a computational advantage to use their power for good and mine bitcoin, rather than attack the network.
There is, however, the theoretical possibility of a massive computational breakthrough that imbues a corporation or nation state with a lopsided advantage over the network. To get an idea of the scale we’re talking about, consider how the development of the nuclear bomb tipped the scales of World War II. If an actor were to ever obtain such an advantage, they are heavily incentivized to deploy it right away, rather than watch it fade slowly over time.
Upgrades Will Be Necessary
If a quantum computing attack occurred, some network components would be more vulnerable than others. For instance, there’s often discussion about whether Satoshi’s coins — an amount estimated to be as high as 1.1 million bitcoin — will ever move. But the more alarming scenario could be if Satoshi’s coins were stolen.
Early Bitcoin addresses are weaker from a cryptographic standpoint. These addresses use a pay-to-public-key (P2PK) set up, meaning the actual public key can be found on the blockchain. A powerful enough quantum computer could potentially reverse engineer a private key from a public key and spend from the associated address. This means Satoshi’s coins could become “mineable” if the coins stay put for all eternity and quantum computing arrives.
Most addresses in recent years use a pay-to-public-key hash function, which provides another layer of cryptographic protection, but the scenario mentioned above illustrates how problematic the right kind of supercomputer can be. Attackers look for the weakest link as a point of entry.
Computation is competition. While the quantum computing threat is not something we expect to be worth worrying about for many years, it is better to be proactive rather than wait for it to come for us. Security is the science of staying ahead. The very act of wealth preservation is comprised of staving off the many attempts to steal it.
One immediate strategy for personal quantum resistance is to never reuse addresses. Once you spend from an address, you expose the address’ public key on-chain. By withholding your public keys, you make it harder for a quantum computer to eventually target you with reverse engineering. This is a tactic that you can use today.
Going forward, we Bitcoiners should engage in continual discussion on how to upgrade our cryptographic infrastructure to prepare for the rise of quantum computing because — let’s face it — we know it’s coming. The recently activated Taproot upgrade, which eschews the participation of multiple signatures behind a single one, is a good example of what can be accomplished if we put our minds together. We can harness the innovation of quantum computing for the good of Bitcoin.
Proof Of Keys Day is more than a one-day affair — it’s a way of life. As Bitcoiners, it’s up to prove our keys time and time again in the face of evolving threats. Cypherpunks write code and they never stop writing.
This is a guest post by Jameson Lopp. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.