Board: Speculation
Topic: Re: Gold collapsing. Bitcoin UP.
Post by NewLiberty on 28/06/2015, 16:09:29 UTC
We are also using SHA-256 and RIPEMD-160 hashes to protect our balances. So even if ECDSA is broken our balances can be safe, and ECDSA can then be replaced.
Pray tell how you will replace ECDSA when the coins are already assigned to keys for it?  (and when everyone and their sister constantly reuses addresses). A compromise of CT would mean that it was feasible to find discrete logs in this group, with that, anyone who learned your public key could recover your private key.  There are scenarios where the hashing, absent any address reuse, helps  (e.g. say the discrete log finding takes weeks)-- but it's important to not exaggerate the gains.

But indeed it isn't the ~quite~ same.

It's perfectly possible to construct schemes for private values which are unconditionally sound; meaning that there is no cryptographic assumption behind their inflation resistance, and a cryptographic break would only result in a loss of privacy.  I had previously thought that it was necessarily the case that any such scheme would have to be less efficient; but I have since realized my original reasoning for that was incorrect; though I do not (yet) know of a way to construct an unconditionally sound scheme which is anywhere near as efficient as CT;  but finding one is on my TODO list (though it falls below other improvements for CT privacy and network security that I'm working on).


I do not know :-), but maybe in case ECDSA is broken we can split the transaction into 2 parts:
 1. broadcast the transaction without the public key (I do not know how to prevent spamming)
 2. and then confirm the transaction by broadcasting the public key a few blocks later.


Consider also whether this is a fundamental justification for the development of side chains.  
A break in ECDSA (or even a perceived break) could instigate migrations to secured chains for resilience.
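
A toy simulation of the two-step commit-then-reveal idea quoted above, as an added example that is not from the thread or from Bitcoin's code. The commitment format, the `REVEAL_DELAY` value, the `Chain` class and the double SHA-256 address stand-in are assumptions, and spam control is left unsolved, as in the quoted post.

```python
import hashlib

REVEAL_DELAY = 6  # assumed: blocks a commitment must age before its reveal counts

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def address_of(pubkey: bytes) -> bytes:
    # Stand-in for Bitcoin's RIPEMD-160(SHA-256(pubkey)) address hash.
    return h(h(pubkey))

def commitment(pubkey: bytes, tx: bytes) -> bytes:
    # Step 1 payload: binds tx to the still-secret public key (assumed format).
    return h(len(pubkey).to_bytes(2, "big") + pubkey + tx)

class Chain:
    """Toy ledger; commitments are free to post, so spam is not addressed."""
    def __init__(self):
        self.height = 0
        self.commits = {}   # commitment -> height at which it was first seen
        self.spent = set()  # addresses already spent

    def mine(self, blocks: int = 1) -> None:
        self.height += blocks

    def broadcast_commit(self, c: bytes) -> None:
        self.commits.setdefault(c, self.height)

    def accept_reveal(self, address: bytes, pubkey: bytes, tx: bytes) -> bool:
        # Step 2: the public key is published and checked against both hashes.
        if address in self.spent or address_of(pubkey) != address:
            return False
        seen = self.commits.get(commitment(pubkey, tx))
        if seen is None or self.height - seen < REVEAL_DELAY:
            return False
        self.spent.add(address)
        return True

def demo():
    chain = Chain()
    pub = b"\x02" + b"\x11" * 32                 # constructed sample key bytes
    addr, tx, theft = address_of(pub), b"owner spend", b"attacker spend"
    chain.broadcast_commit(commitment(pub, tx))
    chain.mine(2)
    early = chain.accept_reveal(addr, pub, tx)    # commitment too young
    chain.mine(4)
    # The owner's reveal exposes pub; an attacker who can now derive the
    # private key can only commit at this height.
    chain.broadcast_commit(commitment(pub, theft))
    rushed = chain.accept_reveal(addr, pub, theft)
    honest = chain.accept_reveal(addr, pub, tx)
    chain.mine(REVEAL_DELAY)
    late = chain.accept_reveal(addr, pub, theft)  # address already spent
    return early, rushed, honest, late
```

In this model the owner's reveal wins only because the public key stayed secret until step 2; with a reused address the key is already public, so anyone could post a competing commitment first.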