There’s a Way to Make Bitcoin Safe From Quantum Without a Fork, Researchers Say

Bitcoin transactions could beryllium made resistant to aboriginal quantum attacks without changing the network’s halfway protocol, according to a connection from StarkWare researcher Avihu Mordechai Levy.

In a recent paper, Levy describes a “Quantum-Safe Bitcoin” transaction strategy designed to stay unafraid adjacent if quantum computers interruption the elliptic-curve cryptography utilized today. The method works wrong Bitcoin’s existing scripting rules and would not necessitate a brushed fork oregon different web upgrade.

“We contiguous QSB, a Quantum Safe Bitcoin transaction strategy that requires nary changes to the Bitcoin protocol and remains unafraid adjacent successful the beingness of Shor's algorithm,” Levy wrote.

The connection replaces elliptic-curve signatures with hash-based cryptography and Lamport signatures, an aboriginal signature strategy considered resistant to quantum attacks.

“Since Lamport signatures are post-quantum secure, and they motion a cryptographically beardown identifier of the transaction, it is not imaginable to modify the transaction without producing a caller Lamport signature—which the attacker cannot forge, adjacent with quantum computing capabilities,” Levy wrote.

At the halfway of the plan is simply a cryptographic puzzle that indispensable beryllium solved earlier a transaction is broadcast. The insubstantial estimates that uncovering a valid solution would necessitate astir 70 trillion attempts.

Unlike Bitcoin mining, the computation happens earlier the transaction reaches the network. Users execute the enactment off-chain and taxable a transaction that already includes impervious that the puzzle was solved.

Levy estimates the puzzle could beryllium solved utilizing commodity hardware specified arsenic GPUs astatine a outgo of a fewer 100 dollars per transaction.

The strategy is designed to run wrong Bitcoin’s scripting limits of 201 opcodes and 10,000 bytes. The insubstantial notes these limits are highly restrictive due to the fact that each opcode counts toward the total, adjacent if it appears successful an unused publication branch.

To acceptable wrong those limits, the strategy combines Lamport signatures with hash-based puzzles successful a layered transaction structure. It besides introduces “transaction pinning,” which requires anyone attempting to modify the transaction to lick the puzzle again.

Levy describes the strategy arsenic a “last-resort” measurement alternatively than a scalable fix. The insubstantial says some the off-chain computational outgo and the on-chain transaction size would not standard to Bitcoin’s people throughput oregon the needs of astir users.

Transaction instauration is besides much analyzable than modular Bitcoin usage, and whitethorn beryllium considered non-standard nether existent relay policies, meaning they could look propagation issues and whitethorn request to beryllium submitted straight to mining pools alternatively than broadcast done the nationalist mempool.

The connection besides carries information trade-offs. While it avoids attacks based connected Shor’s algorithm that endanger elliptic-curve signatures, Grover’s algorithm could inactive supply a quadratic speedup for quantum attackers.

“To the grade that the quantum menace is believed to beryllium real, it remains indispensable to proceed the ongoing effort to probe and instrumentality the champion imaginable solution for Bitcoin–one that is maximally efficient, user-friendly, and answers Bitcoin's needs, done protocol-level changes,” Levy wrote.

Levy’s insubstantial joins respective proposals that person emerged outlining however Bitcoin could modulation to quantum-resistant cryptography, including BIP-360, which introduces a Pay-to-Merkle-Root code format designed to enactment quantum-safe signatures.

While the quantum menace to Bitcoin remains theoretical, companies including Google and Cloudflare are already preparing for it, mounting a 2029 deadline to modulation their systems to post-quantum.