Do we also have a plan how we will switch the old addresses to the secure addresses? Transfer the coins?
Let's assume these guys
Pollard's kangaroo ECDLP solver have a very very fast computer and can calculate ECC private keys in the 2^256 range and demonstrate it and reassure us. How would we proceed?
I assume we proceed the same way any other soon-to-be-obsolete cryptography algorithm is usually replaced.
- It starts with hardware starting to catch up and algorithms becoming faster while both still be a some years away from actually breaking anything.
- The next step is finding a replacement algorithm and implementing it.
- Then I suppose it depends on the new algorithm. For example if we still use the same secp256k1 curve then it could possibly be done using a soft fork where we only replace ECDSA while nobody would have to move their coins. But if the curve is also changed then we need a transition period with a hard fork when people have to move their coins to outputs created using the new algorithm.