The proposal has one good argument that I have not considered before. If you have a working quantum computer that can compromise addresses that have been reused, the best course of action is to not do anything and continue to farm private keys. A silent attack.
I think the incentives do not align perfectly with that strategy if there are multiple possible attackers. First, another quantum hacker could try to hack the same keys, but with the alternative strategy of emptying the addresses as early as possible. The "silent" hacker's effort would then be in vain. Of course he could monitor the mempool, but his double-spend attacks will have a success rate of less than 1, so there will always be wasted effort.
Second, if the "silent" hacker really manages to hack a large number of keys, it is very obvious that there was an attack and the price would probably tank, leaving the hacker with less ROI. In contrast, if an attacker targets old P2PK coins, it's possible that a few of these attacks will have no impact on the price because nobody knows there was an attack. And if someone claims coins were stolen, there's always the possibility they were stolen with other techniques: obtaining private keys, exploiting bad RNG, etc.
It is correct, this is not going to happen if there are multiple possible attackers. However, if you are the first one and nobody is able to do this, then this is the right thing to do. The first few addresses that are compromised this way will send a panic wave and stir things up to the point of attack discovery. Since a quantum computer can only attack addresses which are reused, a pattern will emerge quickly.
Anyway, having reused cold storage addresses should already be a no-go in 2025. An interesting measure would be to convince all wallet programmers to implement massive warnings for address reuse, mentioning the possible quantum threat. Possibly this would bring the number of vulnerable coins down to Satoshi's and some other (probably lost) old miners' coins.
This would help. Without intending to, some wallets that are limited in user features actually end up doing this. In some of them you can only generate the next unused BTC address and it is very difficult or even impossible to see previous addresses.
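The reuse warning suggested above can be prototyped as a scan over transaction history. The following is an added example written for this page, not code from any wallet or from the posters in this thread. It replays a constructed toy ledger (the transactions, addresses and amounts are made up for the example) under the simplified rule the thread relies on: a P2PK output exposes its public key the moment it is funded, while a P2PKH output only exposes it once it is spent, after which any coins still sitting on that address are attackable. Script types other than these two are ignored, and the address strings are placeholders rather than real encodings.

```python
from collections import defaultdict

# Constructed toy ledger for this example (not real chain data).
# Each tx: inputs reference earlier outputs by (txid, vout);
# outputs are (address, script_kind, value_in_satoshi).
#   "p2pk"  : the public key sits in the output script itself
#   "p2pkh" : only a hash is on-chain until the output is spent
TOY_LEDGER = [
    {"txid": "cb1", "inputs": [], "outputs": [
        ("PK_old_miner", "p2pk", 50_0000_0000),
        ("1Alice", "p2pkh", 10_0000_0000),
        ("1Bob", "p2pkh", 5_0000_0000),
        ("1Carol", "p2pkh", 7_0000_0000),
    ]},
    # Alice spends; the scriptSig now carries her public key.
    # Change goes back to the same address: textbook reuse.
    {"txid": "tx2", "inputs": [("cb1", 1)], "outputs": [
        ("1Dave", "p2pkh", 4_0000_0000),
        ("1Alice", "p2pkh", 5_9000_0000),
    ]},
    # Bob spends but sends change to a fresh address: nothing left exposed.
    {"txid": "tx3", "inputs": [("cb1", 2)], "outputs": [
        ("1Erin", "p2pkh", 2_0000_0000),
        ("1BobChange", "p2pkh", 2_9000_0000),
    ]},
]


def scan(ledger):
    """Replay the ledger; return (utxo set, pubkey-revealed addresses, seen addresses)."""
    utxo = {}          # (txid, vout) -> (address, kind, value)
    revealed = set()   # addresses whose public key is on-chain
    seen = set()       # addresses that have received at least once
    for tx in ledger:
        for ref in tx["inputs"]:
            addr, _kind, _value = utxo.pop(ref)
            revealed.add(addr)          # spending reveals the key
        for vout, (addr, kind, value) in enumerate(tx["outputs"]):
            utxo[(tx["txid"], vout)] = (addr, kind, value)
            seen.add(addr)
            if kind == "p2pk":
                revealed.add(addr)      # exposed from the moment it is funded
    return utxo, revealed, seen


def exposed_balances(ledger):
    """Unspent value sitting on addresses whose public key is already public."""
    utxo, revealed, _ = scan(ledger)
    out = defaultdict(int)
    for addr, _kind, value in utxo.values():
        if addr in revealed:
            out[addr] += value
    return dict(out)


def receive_warning(ledger, addr):
    """What a wallet should say before handing out addr as a receive address."""
    _, revealed, seen = scan(ledger)
    if addr in revealed:
        return "REFUSE: public key already on-chain; coins sent here are exposed"
    if addr in seen:
        return "WARN: address reuse; one spend will expose everything it holds"
    return None


if __name__ == "__main__":
    for addr, sat in exposed_balances(TOY_LEDGER).items():
        print(f"{addr}: {sat / 1e8:.8f} BTC exposed")
    for a in ("1Alice", "1Carol", "1Frank"):
        print(a, receive_warning(TOY_LEDGER, a))
```

On the toy ledger the scan reports the P2PK miner output and Alice's change as exposed, while Bob, who moved his change to a fresh address, leaves nothing attackable even though his key is now public. The two-level warning mirrors the thread's point: reuse of an address that has never been spent from is a latent problem, reuse of one that has been spent from is an immediate one.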