Quick Summary
On May 1, Dan Robinson, a general partner at Paradigm, introduced a new concept called Provable Address-Control Timestamps (PACTs). This system aims to help dormant Bitcoin holders, including those linked to Satoshi Nakamoto, protect their coins from potential quantum computer attacks. PACTs enable users to privately prove ownership of their Bitcoin keys ahead of any quantum-related protocol changes, without exposing their keys or making public transactions.
Key Points
- PACTs rely on a three-step process involving a secret salt, a BIP-322 ownership proof, and an OpenTimestamps commitment anchored on the Bitcoin blockchain; none of the steps requires the holder to broadcast a transaction of their own, so the process is performed off-chain from the holder's point of view.
- The mechanism is designed to work alongside a potential future "quantum sunset" soft fork, allowing holders to reclaim coins using zero-knowledge proofs without revealing private keys.
- Robinson highlights the dilemma faced by early Bitcoin holders: revealing keys during a forced migration would publicly confirm their possession and existence.
- Approximately 1.7 million BTC remain in addresses vulnerable to quantum attacks, including wallets attributed to Satoshi Nakamoto, representing tens of billions of dollars.
- The proposal builds on existing ideas like BIP-361, which suggests freezing coins in legacy addresses if not migrated, but PACTs offer a less intrusive alternative.
- Further development is needed to support multisignature wallets, complex scripts, and hardware wallets within this framework.
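To make the three-step flow in the first key point concrete, here is an added commit-then-reveal model of a PACT; it is illustrative code written for this summary, not Paradigm's implementation. The BIP-322 proof and the OpenTimestamps attestation are stand-ins so the example runs offline, and the exact composition (salt prepended to the serialised proof, a hypothetical sunset activation height) is an assumption of this example.

```python
import hashlib
import os
from typing import Optional, Tuple

# Constructed value: block height at which a hypothetical quantum-sunset
# soft fork would activate. A verifier only accepts PACTs anchored before it.
SUNSET_HEIGHT = 1_100_000


def serialise_proof(proof: dict) -> bytes:
    """Canonical bytes of the stand-in BIP-322 proof (address|message|signature)."""
    return b"|".join(proof[k].encode() for k in ("address", "message", "signature"))


def create_pact(proof: dict, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Steps 1 and 2: draw a secret salt and commit to salt || proof.
    Only the 32-byte digest is ever handed to the timestamping service."""
    salt = salt if salt is not None else os.urandom(32)
    commitment = hashlib.sha256(salt + serialise_proof(proof)).digest()
    return salt, commitment


def anchor(commitment: bytes, block_height: int) -> dict:
    """Step 3 stand-in for an OpenTimestamps attestation: records that the
    digest existed no later than the given Bitcoin block height."""
    return {"commitment": commitment, "height": block_height}


def verify_pact(attestation: dict, salt: bytes, proof: dict,
                claimed_address: str, sunset_height: int = SUNSET_HEIGHT) -> bool:
    """Checks run at reveal time: the opening matches the anchored digest,
    the proof is for the claimed address, and the anchor predates the sunset."""
    if hashlib.sha256(salt + serialise_proof(proof)).digest() != attestation["commitment"]:
        return False
    if proof["address"] != claimed_address:
        return False
    return attestation["height"] < sunset_height


# Constructed sample proof; the signature field is a placeholder, not a real
# BIP-322 signature, and the address is not a real funded address.
SAMPLE_PROOF = {
    "address": "bc1qexampleaddress000000000000000000000000",
    "message": "PACT ownership proof",
    "signature": "PLACEHOLDER-SIGNATURE",
}

if __name__ == "__main__":
    salt, commitment = create_pact(SAMPLE_PROOF)
    attestation = anchor(commitment, 900_000)  # constructed height before the sunset
    print(verify_pact(attestation, salt, SAMPLE_PROOF, SAMPLE_PROOF["address"]))
```

Note that the published artefact is only the digest, so the address and the signed proof stay private until the holder chooses to open the commitment.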
Context
Bitcoin’s security model currently relies on cryptographic algorithms that could be compromised by sufficiently powerful quantum computers. This raises concerns about the safety of coins held in addresses with exposed public keys, especially those that have remained dormant for years.
As the quantum threat grows more tangible, the Bitcoin community is debating how to respond. One approach, represented by BIP-361, proposes a "quantum sunset" soft fork that would freeze coins in vulnerable addresses unless owners migrate them. However, this could force dormant holders to publicly reveal their keys and activity, which may not be desirable.
PACTs offer a potential middle ground by enabling holders to silently timestamp proof of ownership well before any quantum-related protocol changes take effect. This could allow a smoother, more private transition if quantum computers become capable of breaking Bitcoin’s current cryptography.
Recent discussions at industry events, such as Paris Blockchain Week, have highlighted differing views on quantum upgrades. Some experts advocate for optional, opt-in quantum-resistant features rather than mandatory wallet freezes, reflecting ongoing uncertainty about the best path forward.
My Take
The PACTs proposal is an intriguing attempt to address a complex and speculative risk. While quantum computers with the capability to break Bitcoin’s cryptography are not yet a reality, planning ahead for such scenarios is prudent given the value at stake.
However, the effectiveness of PACTs depends on broader adoption and standardization within the Bitcoin ecosystem, including support for various wallet types and scripts. Additionally, the timeline and likelihood of a quantum sunset soft fork remain uncertain, which means PACTs may or may not become necessary.
Overall, PACTs represent a thoughtful contribution to the ongoing dialogue about Bitcoin’s long-term security posture. Stakeholders should consider such proposals carefully but remain mindful of the current limitations and open questions surrounding quantum threats.
What to Watch Next
- Development progress on PACTs, especially regarding multisig and hardware wallet compatibility.
- Community and developer discussions about implementing a quantum sunset soft fork or alternative quantum-resistant upgrades.
- Advances in quantum computing that might influence the urgency of Bitcoin’s quantum security measures.
- Responses from key Bitcoin ecosystem players, including wallet providers and protocol developers, to proposals like PACTs and BIP-361.
- Ongoing analysis of dormant Bitcoin wallets exposed to quantum risks and potential strategies for their protection.