Bitcoiners propose freezing quantum-vulnerable coins in BIP-361

The authors described it as a “private incentive to upgrade” because lost or frozen coins will make everyone else’s coins worth slightly more.

Cypherpunk Jameson Lopp and five co-authors from the Bitcoin quantum security space have proposed freezing quantum-vulnerable coins on the Bitcoin network, including Satoshi’s $74 billion stash, to prevent them from being stolen once quantum computers become available.

The move is the second part of a three-stage proposal under BIP-361 called the “Post Quantum Migration and Legacy Signature Sunset,” which was posted as a draft to GitHub on Tuesday.

It addresses a major risk to Bitcoin — the potential use of quantum computers to steal roughly 1.7 million BTC locked in early P2PK addresses, including Satoshi’s stash, which are not quantum-proof. 

In the wrong hands, these coins could significantly undermine the value of the network. 

BIP-361 builds on BIP-360, released in February, which proposed a soft fork for a new output type called pay-to-Merkle-root (P2MR). It works similarly to Bitcoin’s existing Taproot (P2TR) addresses but with the quantum-vulnerable key path removed. 

While BIP-360 protects new coins going forward, it does not address the roughly 34% of the supply that remains vulnerable unless it is transferred to new addresses. 

BIP-361 proposes that three years after activation, phase A of the proposal would prevent any new BTC from being sent to old-style addresses, with all users on quantum-resistant address types.

The second phase (B) would invalidate old-style signatures and any Bitcoin still sitting in vulnerable addresses becomes effectively frozen five years after activation. 

Related: Bitcoin can be made quantum-safe without protocol upgrade: Researcher

Phase C provides a potential rescue mechanism using zero-knowledge proofs, allowing people who missed the deadline but still have their seed phrase to recover frozen funds.

The authors described it as a “private incentive to upgrade” because lost or frozen coins only make everyone else’s coins worth slightly more, whereas quantum-recovered coins make everyone else’s worth less.

However, the proposal would render some existing UTXOs unspendable by their owners if they fail to upgrade, which some have seen as a significant philosophical departure from Bitcoin’s ethos. 

Bitcoin protocol developer and researcher Mark Erhardt, who shared BIP-361 on X on Tuesday, was met with community pushback and comments such as “this quantum proposal is highly authoritarian and confiscatory … there is no good rationale for forcing the upgrade and rendering old spends invalid.”

Bitcoin Magazine editor Brian Trollz rejected the proposal outright, TFTC founder Marty Bent called it “laughable,” and Phil Geiger, head of business development at Metaplanet, quipped, “We have to steal people’s money to prevent their money from being stolen.” 

Cointelegraph reached out to Lopp for comments, but did not get an immediate response.

Magazine: Nobody knows if quantum-secure cryptography will even work

Source: CoinTelegraph