Ninjastic
PostEdited versionsQuotes to this post
Next scheduled rescrape ... never
Version 1
Last scraped
Scraped on 28/07/2025, 17:29:24 UTC
Quote from: Pmalek on July 28, 2025, 07:12:51 AM
He mentioned satoshi's coins as an example. He said that freezing his coins violates the principles of Bitcoin but if they didn't migrate, quantum computers might steal them eventually, dump them on the market, and harm Bitcoin as a whole. It feels like he is saying if we do something, it's bad but if we don't do anything it's also bad.    
That's right. It is primarily a question of which action will lead to the least amount of harm. I believe leaving them as they are probably will do less harm, but nobody can know this for sure. If they are claiming otherwise, they are lying.

Quote from: ABCbits on July 28, 2025, 09:53:00 AM
Quote from: Medusah on July 28, 2025, 08:43:58 AM
FYI source of that imageThe least worst, in my opinion, is FALCON-post-quantum512.pdf  Easier to verify (0.6x), and " class=only"ul">https://chaincode 10x in size, in comparison with Schnorr.com/bitcoin-post-quantum  It will be 24x slower to sign it, but that's completely fine, IMO. pdf page 18.

Quote from: Medusah on July 28, 2025, 08:43:58 AM
The least worst, in my opinion, is FALCON-512.  Easier to verify (0.6x), and "only" 10x in size, in comparison with Schnorr.  It will be 24x slower to sign it, but that's completely fine, IMO.

According to https://falcon-sign.info/, FALCON-512 can perform 5948.1 signing per second on i5-8259U CPU. No one would notice 2ms to perform signing.
Signing speed is practically irrelevant compared to verification speed at least in terms of the traditional concerns relating to scaling the chain, I agree.
That said, the size of FALCON-512 signatures is insane. To keep similar throughput capabilities we'd need to increase the block size several fold. This is one of the reasons why I said this won't be easy. Even if you strip away the controversial freezing and determine that FALCON-512 is in fact the best, it would require a block size increase which is yet another controversial topic. It further complicates the delicate situation.
Original archived Re: J. Lopp's Post-Quantum Migration BIP
Scraped on 28/07/2025, 17:24:43 UTC
Quote from: Pmalek on July 28, 2025, 07:12:51 AM
He mentioned satoshi's coins as an example. He said that freezing his coins violates the principles of Bitcoin but if they didn't migrate, quantum computers might steal them eventually, dump them on the market, and harm Bitcoin as a whole. It feels like he is saying if we do something, it's bad but if we don't do anything it's also bad.   
That's right. It is primarily a question of which action will lead to the least amount of harm. I believe leaving them as they are probably will do less harm, but nobody can know this for sure. If they are claiming otherwise, they are lying.

Quote from: ABCbits on July 28, 2025, 09:53:00 AM
Quote from: Medusah on July 28, 2025, 08:43:58 AM
FYI source of that image is https://chaincode.com/bitcoin-post-quantum.pdf page 18.

Quote from: Medusah on July 28, 2025, 08:43:58 AM
The least worst, in my opinion, is FALCON-512.  Easier to verify (0.6x), and "only" 10x in size, in comparison with Schnorr.  It will be 24x slower to sign it, but that's completely fine, IMO.

According to https://falcon-sign.info/, FALCON-512 can perform 5948.1 signing per second on i5-8259U CPU. No one would notice 2ms to perform signing.
Signing speed is practically irrelevant compared to verification speed at least in terms of the traditional concerns relating to scaling the chain, I agree.