Bitcoin BIP-361 Targets Quantum Security Threat

Cypherpunk Jameson Lopp and five co-authors from the Bitcoin quantum security space have proposed freezing quantum-vulnerable coins on the Bitcoin network, including Satoshi’s $74 billion stash, to prevent them from being stolen once quantum computers become available.

The move is the second part of a three-stage proposal under BIP-361 called the “Post Quantum Migration and Legacy Signature Sunset,” which was posted as a draft to GitHub on Tuesday.

It addresses a major risk to Bitcoin: the potential use of quantum computers to steal roughly 1.7 million BTC locked in early P2PK addresses, including Satoshi’s stash, which are not quantum-proof.

In the wrong hands, these coins could significantly undermine the value of the network.

Three phases to quantum security

BIP-361 builds on BIP-360, released in February, which proposed a soft fork for a new output type called pay-to-Merkle-root (P2MR). It works similarly to Bitcoin’s existing Taproot (P2TR) addresses but with the quantum-vulnerable key path removed.

While BIP-360 protects new coins going forward, it does not address the roughly 34% of the supply that remains vulnerable unless it is transferred to new addresses.
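To make the distinction between output types concrete, the following added example (not code from the article or from either BIP) classifies a scriptPubKey by standard template and reports whether a public key is visible in the output itself, as it is for P2PK and for the P2TR key path. It assumes the well-known template encodings; hash-based outputs only reveal their key when spent, the sample scripts are constructed filler bytes, and P2MR is not matched because the article does not give its encoding.

```python
from typing import NamedTuple, Optional

# Script opcodes used by the standard output templates below.
OP_0, OP_1 = 0x00, 0x51
OP_DUP, OP_HASH160, OP_EQUAL, OP_EQUALVERIFY, OP_CHECKSIG = 0x76, 0xA9, 0x87, 0x88, 0xAC

class Verdict(NamedTuple):
    kind: str
    key_in_output: Optional[bool]  # None = template not recognised

def classify(script_hex: str) -> Verdict:
    """Match a scriptPubKey against standard templates."""
    s = bytes.fromhex(script_hex)
    n = len(s)
    # P2PK: <push 33|65> <pubkey> OP_CHECKSIG; the raw key sits in the output.
    if n in (35, 67) and s[0] == n - 2 and s[-1] == OP_CHECKSIG:
        if s[1] in ((0x02, 0x03) if n == 35 else (0x04,)):
            return Verdict("P2PK", True)
    # P2TR: OP_1 <32-byte output key>; the key-path key sits in the output.
    if n == 34 and s[:2] == bytes([OP_1, 32]):
        return Verdict("P2TR", True)
    # Hash-based templates: only a hash is on-chain until the output is spent.
    if n == 25 and s[:3] == bytes([OP_DUP, OP_HASH160, 20]) \
            and s[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG]):
        return Verdict("P2PKH", False)
    if n == 23 and s[:2] == bytes([OP_HASH160, 20]) and s[22] == OP_EQUAL:
        return Verdict("P2SH", False)
    if n == 22 and s[:2] == bytes([OP_0, 20]):
        return Verdict("P2WPKH", False)
    if n == 34 and s[:2] == bytes([OP_0, 32]):
        return Verdict("P2WSH", False)
    return Verdict("unknown", None)

def exposed_sats(utxos):
    """Sum the value (satoshis) of outputs whose key is visible at rest."""
    return sum(v for script, v in utxos if classify(script).key_in_output)

# Constructed sample UTXOs (filler bytes, not real keys or hashes).
SAMPLE = [
    ("41" + "04" + "11" * 64 + "ac", 5_000_000_000),   # P2PK, uncompressed key
    ("21" + "02" + "22" * 32 + "ac", 1_000),            # P2PK, compressed key
    ("76a914" + "33" * 20 + "88ac", 70_000),            # P2PKH
    ("0014" + "44" * 20, 25_000),                       # P2WPKH
    ("5120" + "55" * 32, 40_000),                       # P2TR
]

if __name__ == "__main__":
    for script, value in SAMPLE:
        print(classify(script), value)
    print("exposed at rest:", exposed_sats(SAMPLE), "sats")
```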

BIP-361 proposes that three years after activation, phase A of the proposal would prevent any new BTC from being sent to old-style addresses, moving all users onto quantum-resistant address types.

The second phase (B) would invalidate old-style signatures five years after activation, effectively freezing any Bitcoin still sitting in vulnerable addresses.

Phase C provides a potential rescue mechanism using zero-knowledge proofs, allowing people who missed the deadline but still have their seed phrase to recover frozen funds.

Proposed three-phase solution to the quantum threat. Source: GitHub

The authors described it as a “private incentive to upgrade” because lost or frozen coins only make everyone else’s coins worth slightly more, whereas quantum-recovered coins make everyone else’s worth less.

“This is not an offensive attack, rather, it is defensive: our thesis is that the Bitcoin ecosystem wishes to defend itself and its interests against those who would prefer to do nothing and allow a malicious actor to destroy both value and trust.”

Bitcoin community pushes back

However, the proposal would render some existing UTXOs unspendable by their owners if they fail to upgrade, which some have seen as a significant philosophical departure from Bitcoin’s ethos.

Bitcoin protocol developer and researcher Mark Erhardt, who shared BIP-361 on X on Tuesday, was met with community pushback and comments such as “this quantum proposal is highly authoritarian and confiscatory … there is no good rationale for forcing the upgrade and rendering old spends invalid.”

Bitcoin Magazine editor Brian Trollz rejected the proposal outright, TFTC founder Marty Bent called it “laughable,” and Phil Geiger, head of business development at Metaplanet, quipped, “We have to steal people’s money to prevent their money from being stolen.”

Cointelegraph reached out to Lopp for comments, but did not get an immediate response.