-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
39 changed files
with
938 additions
and
192 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,7 +2,10 @@ | |
| <feed xmlns="http://www.w3.org/2005/Atom"> | ||
| <id>2</id> | ||
| <title>Combined summary - Trivial QC signatures with clean upgrade path</title> | ||
| <updated>2024-12-17T02:42:18.292978+00:00</updated> | ||
| <updated>2024-12-18T02:35:22.056646+00:00</updated> | ||
| <author> | ||
| <name>conduition 2024-12-17 05:31:00+00:00</name> | ||
| </author> | ||
| <author> | ||
| <name>Tadge Dryja 2024-12-16 22:20:00+00:00</name> | ||
| </author> | ||
|
|
@@ -24,6 +27,7 @@ | |
| <author> | ||
| <name>Matt Corallo 2024-12-15 21:42:00+00:00</name> | ||
| </author> | ||
| <link href="bitcoin-dev/Dec_2024/m17b51feb89a85ea944705900739874eb85027d69_Trivial-QC-signatures-with-clean-upgrade-path.xml" rel="alternate"/> | ||
| <link href="bitcoin-dev/Dec_2024/m4d5314c4692131d216b6d092573dbd74779127db_Trivial-QC-signatures-with-clean-upgrade-path.xml" rel="alternate"/> | ||
| <link href="bitcoin-dev/Dec_2024/maf2e70422643415fbcee141dd40bd9e95327ab24_Trivial-QC-signatures-with-clean-upgrade-path.xml" rel="alternate"/> | ||
| <link href="bitcoin-dev/Dec_2024/mc09bb86d5768d280244426776942837effcafce7_Trivial-QC-signatures-with-clean-upgrade-path.xml" rel="alternate"/> | ||
|
|
@@ -35,15 +39,19 @@ | |
| <entry> | ||
| <id>2</id> | ||
| <title>Combined summary - Trivial QC signatures with clean upgrade path</title> | ||
| <updated>2024-12-17T02:42:18.293046+00:00</updated> | ||
| <updated>2024-12-18T02:35:22.056715+00:00</updated> | ||
| <link href="https://gnusha.org/pi/bitcoindev/[email protected]/T/#m8c9407a48d3358be40fb94ab512c3e72b95e17cc" rel="alternate"/> | ||
| <summary>The discourse among Bitcoin developers regarding the integration of post-quantum cryptography (PQC) mechanisms into Bitcoin's protocol emphasizes a proactive but cautious approach to enhancing the network's resilience against potential quantum computing threats. There is an acknowledgment of the theoretical possibility that quantum computers could, in the future, compromise current cryptographic standards, including those underpinning Bitcoin. However, this eventuality is tempered by the understanding that such technological advancements might either not materialize within the anticipated timeframe or provide sufficient advance warning for countermeasures due to their significant resource requirements. | ||
| <summary>The discourse among Bitcoin developers and enthusiasts centers around the pressing need to address potential quantum computing (QC) threats to Bitcoin's cryptographic foundations. Matt Corallo's contributions underline the urgency of devising mechanisms to protect Bitcoin against such futuristic challenges by proposing a post-quantum (PQ) fallback key. This approach hinges on the delicate balance between preemptive action and the risk of premature commitment to specific cryptographic upgrades that may turn out to be unnecessary if QC advancements lag behind expectations. Corallo advocates for a consensus-level proof of quantum computer (PoQC) as a strategic measure to mitigate the impact of quantum-enabled forks, suggesting a forward-looking stance that aims to secure the network against QC breaches without triggering undue disruptions in the interim. | ||
|
|
||
| In parallel, dialogues involving Tadge Dryja and Anthony Towns delve into the pragmatic aspects of integrating post-quantum cryptography (PQC) within Bitcoin wallets. This preventive strategy emphasizes the wisdom of early adoption to shield funds from quantum vulnerabilities, leveraging the speculated timeframe before QC becomes a palpable threat. The conversation acknowledges the speculative nature of future QC capabilities while advocating for flexibility in PQC implementation, highlighting the nuanced debate over the readiness and resilience of Bitcoin's security measures in the face of quantum advancements. | ||
|
|
||
| Further discussions explore the technical and operational complexities of adopting "OP_SPHINCS" signatures, focusing on their implications for transaction efficiency due to their sizable footprint. This scenario prompts considerations for alternative cryptographic solutions or adjustments to Bitcoin's block size to accommodate the heftier signatures. The dialogue also raises concerns about the risks associated with early adoption, including insider threats and the potential for large-scale disruption to unspent transaction outputs (UTXOs), emphasizing a cautious approach toward any pre-emptive integration of quantum-resistant cryptographic methods. | ||
|
|
||
| Developers are considering hash-based signatures, particularly SPHINCS and SPHINCS+, as the most reliable candidates for ensuring Bitcoin's security in a post-quantum computing era. This preference stems from the limitations and uncertainties surrounding other post-quantum cryptographic assumptions, such as lattices and supersingular elliptic curve isogeny, which may be vulnerable to obsolescence through future cryptographic discoveries. The dialogue underscores the impracticality of delaying action until the addition of new opcodes, like OP_CAT, given their entanglement with complex and unresolved issues, including miner extractable value (MEV) concerns and broader questions about Bitcoin's developmental trajectory. | ||
| Another dimension of the discourse touches on the strategic development decisions pertaining to Bitcoin's script opcodes and the integration of quantum-resistant algorithms. The emphasis here is on avoiding delays caused by protracted debates over opcode additions, alongside highlighting the importance of wallet developers initiating the integration of dedicated opcodes to facilitate smoother transitions toward quantum resistance. This perspective underscores the proactive measures needed within the Bitcoin community to navigate the operational challenges posed by quantum computing, stressing the vital role of forward-thinking strategies in maintaining the network's security and functionality. | ||
|
|
||
| A notable proposal within these discussions involves leveraging the taproot upgrade to establish a secure mechanism against quantum attacks without necessitating immediate changes from wallet developers or users. By introducing a new opcode for verifying post-quantum signatures that are not one-time use, alongside the soft-fork deactivation of key-path taproot spends in favor of quantum-secure alternatives, the network could theoretically safeguard itself against quantum decryption capabilities. However, this solution also raises critical considerations around the potential confiscation of non-upgraded funds following the advent of quantum computing technology. To address these risks, suggestions include either an explicit opt-in requirement for the new scheme or permitting key-path spends for wallets that verify their script-path as a Nothing-Up-My-Sleeve (NUMS) point, each with its own set of trade-offs related to on-chain visibility and the adaptability of existing wallet infrastructures. | ||
| Matt Corallo further elaborates on the potential activation of OP_CAT in Bitcoin as a flexible solution for experimenting with PQ signature algorithms, illustrating a pathway for incremental advancements towards quantum resistance. This approach accommodates the exploration of various PQ solutions in pursuit of a long-term standard, marking a critical step in preparing Bitcoin for the quantum era. However, the discussion also acknowledges the limitations of current PQ proposals, particularly regarding Pay-to-Taproot (P2TR) addresses, and suggests modifications to ensure comprehensive post-quantum security across different transaction types. | ||
|
|
||
| Further examination extends to the implications of quantum computing on Bitcoin's proof-of-work (PoW) framework, proposing adjustments to the PoW hash function as a means to mitigate the impact of quantum-enhanced mining capabilities. These reflections, while speculative, highlight the broader challenges and strategic considerations faced by the Bitcoin community in preserving the network's integrity and security in the face of advancing quantum technologies.</summary> | ||
| <published>2024-12-16T22:20:00+00:00</published> | ||
| Lastly, the overview touches upon an update concerning the post-quantum cryptography script path in Bitcoin, which aims to bolster the network's defenses against QC without necessitating immediate soft fork commitments. This initiative highlights the ongoing efforts within the Bitcoin developer community to adapt to emerging technological threats while ensuring the robustness and longevity of the cryptocurrency ecosystem amidst the uncertainties surrounding quantum computing developments.</summary> | ||
| <published>2024-12-17T05:31:00+00:00</published> | ||
| </entry> | ||
| </feed> | ||
24 changes: 24 additions & 0 deletions
24
...7b51feb89a85ea944705900739874eb85027d69_Trivial-QC-signatures-with-clean-upgrade-path.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| <?xml version='1.0' encoding='UTF-8'?> | ||
| <feed xmlns="http://www.w3.org/2005/Atom"> | ||
| <id>1</id> | ||
| <title>Trivial QC signatures with clean upgrade path</title> | ||
| <updated>2024-12-18T02:35:02.184641+00:00</updated> | ||
| <author> | ||
| <name>conduition 2024-12-17 05:31:00+00:00</name> | ||
| </author> | ||
| <generator uri="https://lkiesow.github.io/python-feedgen" version="0.9.0">python-feedgen</generator> | ||
| <entry> | ||
| <id>1</id> | ||
| <title>Trivial QC signatures with clean upgrade path</title> | ||
| <updated>2024-12-18T02:35:02.184674+00:00</updated> | ||
| <link href="https://gnusha.org/pi/bitcoindev/[email protected]/T/#m17b51feb89a85ea944705900739874eb85027d69" rel="alternate"/> | ||
| <summary>In a recent exchange on the Bitcoin Development Mailing List, contributors discussed several innovative ideas to enhance Bitcoin's security in anticipation of potential quantum computing threats. One proposal highlighted was an alternative to the DASK idea, suggesting the integration of Winternitz one-time signature algorithms (WOTS) for a more gradual transition into post-quantum (PQ) cryptography. This approach offers flexibility, as it allows for the certification of public keys from future signature algorithms, potentially not yet developed. The simplicity and minimal space requirements of WOTS signatures make them appealing for immediate standardization and easy implementation within wallets. Utilizing WOTS as a first layer of certification before committing to a more complex second-layer signing algorithm like SPHINCS is suggested to give researchers and developers ample time to adapt. | ||
|
|
||
| The discussion also touched upon the concept of Proof of Quantum Capability (PoQC), which relies on the existence of a cooperative quantum computer (QC) to trigger a soft-fork for PQ upgrades. However, this method was critiqued for its impracticality and risk, as malicious QCs might avoid actions that would lead to such upgrades. This conversation led to the consensus that while PoQC could serve as an additional mechanism to signal the necessity for a PQ upgrade, the community should also be prepared for manual activation to ensure readiness against quantum threats. | ||
|
|
||
| Moreover, the challenge of maintaining BIP32 compatibility in a post-quantum world was examined. It was noted that any upgrade path would likely necessitate the end of traditional BIP32 extended public keys (xpubs) due to their vulnerability to quantum attacks. Proposals for new standards or modifications to BIP32 were suggested, including a 'wrapper' for xpubs incorporating the OP_SUCCESS script's tap leaf hash or altering the chain code within xpubs to include this hash. These ideas aim at preserving some level of backward compatibility while securing Bitcoin transactions against future quantum computing capabilities. | ||
|
|
||
| Overall, these discussions underscore the proactive measures being considered by the Bitcoin development community to safeguard the network against emerging quantum computing technologies. By exploring various cryptographic and strategic solutions, contributors are laying the groundwork for a secure transition to post-quantum cryptography, ensuring the longevity and resilience of Bitcoin.</summary> | ||
| <published>2024-12-17T05:31:00+00:00</published> | ||
| </entry> | ||
| </feed> |
24 changes: 24 additions & 0 deletions
24
...ec_2024/mc0ee57c9af3867490c1cc9fbe0b4187b6b441863_TRUC-and-P2A-for-CTV-fee-management.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| <?xml version='1.0' encoding='UTF-8'?> | ||
| <feed xmlns="http://www.w3.org/2005/Atom"> | ||
| <id>0</id> | ||
| <title>TRUC and P2A for CTV fee management</title> | ||
| <updated>2024-12-18T02:35:33.655016+00:00</updated> | ||
| <author> | ||
| <name>stutxo 2024-12-18 00:25:00+00:00</name> | ||
| </author> | ||
| <generator uri="https://lkiesow.github.io/python-feedgen" version="0.9.0">python-feedgen</generator> | ||
| <entry> | ||
| <id>0</id> | ||
| <title>TRUC and P2A for CTV fee management</title> | ||
| <updated>2024-12-18T02:35:33.655042+00:00</updated> | ||
| <link href="https://gnusha.org/pi/bitcoindev/[email protected]/T/#u#mc0ee57c9af3867490c1cc9fbe0b4187b6b441863" rel="alternate"/> | ||
| <summary>In exploring the nuances of OP_CTV (operational code for "securethebag"), a particular focus has been placed on the challenges presented by transaction fees. The issue at hand is that the precommitment to a specific tree of outputs and inputs, as necessitated by OP_CTV, eliminates the possibility of using Replace-By-Fee (RBF) to adjust fee rates for unvaulting transactions dynamically. This limitation is notably discussed in the context of long-term coin vaulting, where the unpredictability of the fee market could pose significant issues. | ||
|
|
||
| Jamesob's work on a simple CTV vault highlights the sensitivity of the unvault process to fluctuations in the fee market, underscoring the intrinsic constraints of OP_CTV in adapting to these changes post-commitment. Rustyrussell's commentary on nostr further elaborates on these concerns, suggesting optimized sponsors as a potential solution to the fee addition dilemma without encouraging miner centralization. | ||
|
|
||
| With the introduction of v3 transactions in Bitcoin 28.0, new strategies have been enabled that promise to address these fee-related challenges. Specifically, the ability to bump fees using Child Pays For Parent (CPFP) on an anchor output, provided there's an output for 240 sats paying to a P2A address, offers a workaround to the fee adjustment issue inherent in OP_CTV transactions. Demonstrative examples of this method include a CTV spend transaction with zero fees and a subsequent P2A CPFP transaction to adjust fees, both conducted on Signet. | ||
|
|
||
| These developments suggest a pathway towards mitigating the fee market sensitivity of OP_CTV transactions through innovative use of Bitcoin's evolving transaction framework. However, questions remain regarding the broader applicability and potential downsides of this approach within the context of most CTV script spends, inviting further exploration and discussion among developers and practitioners in the field.</summary> | ||
| <published>2024-12-18T00:25:00+00:00</published> | ||
| </entry> | ||
| </feed> |
Oops, something went wrong.