Bitcoin Developers Pursue Quantum Defenses, Potentially at a Cost to Coin Owners
The promise of Bitcoin has always been that no entity can access or control your coins without your private key. However, this fundamental principle is now being challenged by Bitcoin developers themselves as they attempt to bolster defenses against potential quantum computer threats. A recent update to Bitcoin Improvement Proposal 361 (BIP-361) outlines a plan that could lead to the forced migration of coins to quantum-resistant addresses, with those who do not comply facing the possibility of having their coins frozen by the network. This move is part of a broader effort to protect the Bitcoin blockchain from the risks posed by sufficiently powerful quantum machines, which could potentially compromise the security of the blockchain and allow for the theft of coins.

The proposal, put forth by Jameson Lopp and other cryptographers, aims to address the vulnerability of Bitcoin wallets to quantum attacks by transitioning to quantum-resistant addresses. Every Bitcoin wallet is secured using the Elliptic Curve Digital Signature Algorithm (ECDSA), a form of cryptography that generates a private key and a public key. The public key is visible on the blockchain whenever a transaction is made, and a powerful enough quantum computer could use this information to reverse-engineer the private key, thereby gaining access to the associated funds. According to a Google study, approximately 6.7 million BTC were in vulnerable addresses as of March.

The BIP-361 proposal builds upon a previous proposal, BIP-360, which introduced a new transaction type called pay-to-Merkle-root (P2MR) as part of a soft fork designed to enhance security. The migration process outlined in BIP-361 is structured into three phases. Phase A would prevent new bitcoin from being sent to old, quantum-vulnerable addresses, although spending from these addresses would still be possible. Phase B would render old-style signatures invalid, effectively freezing coins in quantum-vulnerable wallets. Phase C, which is still in the research phase, proposes a potential rescue mechanism using zero-knowledge proofs, allowing holders of frozen wallets to prove ownership without revealing their private keys, potentially recovering their coins.

This proposal has sparked significant backlash within the Bitcoin community, with many arguing that the idea of freezing coins contradicts one of Bitcoin's core principles: the sovereign, permissionless control over one's funds. Critics view the proposal as overly authoritarian and coercive, arguing that any upgrades should be voluntary. In response, developers have framed the proposal as a defensive measure necessary to protect the Bitcoin ecosystem from the potential destruction caused by quantum attacks.