The thing that supposedly sets Bitcoin apart from other cryptocurrencies is that it's deflationary and 'immutable', in that Satoshi is gone forever and any deviation of Bitcoin from his golden idea will result in undermining its essence. If Bitcoin can get quantum-attacked then, from a technical point of view, nothing will be lost. The Bitcoin core devs can issue a word-of-god statement stating that they'll roll back the chain to before the attack, and all is well. Then they'll change the cryptography. But at that point, is it still Bitcoin? Because you've undermined the immutability. If the core devs can just say "this core property of Bitcoin is now something completely different", who's to say that they won't change their minds about the deflationary nature in the future? All credibility will be lost. Now, if you accept that, is perhaps all credibility lost already? ...
> The Bitcoin core devs can issue a word-of-god statement stating that they'll roll back the chain to before the attack, and all is well. Then they'll change the cryptography.
That doesn't work, because once the signature scheme has been broken, nobody can prove that their coins are theirs. No rollback or word-of-god would help.
The only way to make bitcoin quantum-safe is to introduce a quantum-safe signature scheme, to encourage everyone to move their coins, and to somehow accept that those who don't are no longer in control of their coins.
Bitcoin has had significant protocol upgrades before, including the highly divisive segwit. IMO immutability is a non-issue, there's plenty of evidence that Satoshi generally agreed that consensus via the longest chain (most PoW) wins.
Thus, upgrading the protocol/code to change the encryption to something quantum-resistant should be no more controversial a change than segwit. The community has already answered the "is it still Bitcoin" question. Yes it is; protocol and code are free to change given longest-chain consensus.
The problem will be what to do with legacy addresses. Never before have issued coins been forcibly deleted by a BIP. It could turn out that legacy addresses (including Satoshi's) that fail to have their coins moved after a deadline must be considered compromised and burned/destroyed. That has no precedent with bitcoin, although it does with ETH.
Anyone know if there's a way out that doesn't require this? Obviously there's no way to ensure all legacy address coins are moved by the deadline.
I looked into it and the currently leading proposal, Hourglass v2, is pretty clever. Once 'Hourglass' is enabled, the rate at which legacy (P2PK) coins can be spent is (proposed to be) capped at 1btc / block. Thus they will not be burned, but the rate at which they can be stolen/compromised will be limited such that the economic impact is at most about 1/3 the block reward.
This gives holders of those old addresses the maximum amount of time to move their coins to more modern addresses and still the ability to move some coins after the deadline. If legacy keys are compromised in bulk, i.e. access to sufficiently powerful quantum computing is rapid and widespread, then there will be high competition via the existing txn fee bidding process for that 1btc/block slot. Thus most of the value will be captured by the txn fee and go to the miners, effectively boosting the mining reward by ~1/3.
Doesn’t this effectively still destroy all legacy wallets? Once the throttling limit goes into effect, it will be impossible for holders of legacy wallets to transfer their bitcoin without paying ~1 bitcoin per bitcoin they want to move. Doesn’t this amount to the same thing as abolishing all legacy wallets plus increasing the mining reward with extra steps?
Not necessarily, we could reach a point where theoretically it is possible to crack elliptic curve but still prohibitively expensive except for nation states. At that point or near that point, miners would likely agree to engage the throttle.
Presumably the vast majority who had their key would move the coins before the throttling takes effect, so in the event of a 'slow takeoff' quantum scenario, where quantum computing is expensive or nation states don't want to divulge the capability, there could be no demand for the 1btc slot. If a lucky individual forgot about their coins (likely an early 50btc block), it only takes them ~8hrs to transfer at the normal txn fee.
Only those with access to legacy coins can compete for that slot.
The main advantage is it delays the transfer to the mining reward to the last possible moment, i.e. the trigger for the transfer to the mining reward likely only happens if there is sufficient contention for that 1btc slot because legacy wallets are getting cracked.
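A toy simulation of the throttle described in the two comments above (the 1btc/block cap, fee bidding for the slot, and the ~8hrs claim for a forgotten 50btc output). This is an added example, not code from the proposal or the thread; the per-block cap, 10-minute block interval, chunked spending and the bidders are all assumptions.

```python
"""Toy model of the 'Hourglass'-style spend throttle discussed above (constructed
example, not the proposal's code). Assumed: legacy (P2PK) value spent per block is
capped at CAP_BTC, holders can move value in per-block chunks, blocks arrive every
BLOCK_MINUTES, and contention for the slot is settled by fee bidding."""
from dataclasses import dataclass

CAP_BTC = 1.0        # proposed per-block cap on legacy value spent
BLOCK_MINUTES = 10   # assumed average block interval


@dataclass
class Spender:
    name: str
    remaining_btc: float   # legacy value still to move
    fee_rate: float        # fee bid as a fraction of value moved


def run_throttle(spenders, max_blocks=100_000):
    """Allocate each block's cap to bidders in fee-rate order until all drain.
    Returns (blocks_used, fees_to_miners_btc, net_received_by_spender)."""
    live = [Spender(s.name, s.remaining_btc, s.fee_rate) for s in spenders]
    blocks, fees = 0, 0.0
    received = {s.name: 0.0 for s in spenders}
    while any(s.remaining_btc > 1e-9 for s in live) and blocks < max_blocks:
        blocks += 1
        budget = CAP_BTC
        for s in sorted(live, key=lambda s: s.fee_rate, reverse=True):
            chunk = min(budget, s.remaining_btc)
            if chunk <= 1e-9:
                continue
            s.remaining_btc -= chunk
            budget -= chunk
            fees += chunk * s.fee_rate              # captured by the miner
            received[s.name] += chunk * (1 - s.fee_rate)
            if budget <= 1e-9:
                break
    return blocks, round(fees, 8), {k: round(v, 8) for k, v in received.items()}


def hours_for(blocks):
    return blocks * BLOCK_MINUTES / 60


# Constructed scenarios: a single forgotten coinbase output at a normal fee, and
# the same holder competing with two high bidders for the per-block slot.
SLOW_TAKEOFF = [Spender("forgotten_50btc", 50.0, 0.0001)]
CONTENDED = SLOW_TAKEOFF + [Spender("bidder_a", 30.0, 0.90), Spender("bidder_b", 20.0, 0.95)]

if __name__ == "__main__":
    for label, case in (("uncontended", SLOW_TAKEOFF), ("contended", CONTENDED)):
        b, f, r = run_throttle(case)
        print(f"{label}: {b} blocks (~{hours_for(b):.1f} h), fees {f} BTC, received {r}")
```

In the uncontended case the 50btc output drains in 50 blocks (about 8.3 hours) for a negligible fee; in the contended case the normal-fee holder is outbid for the first 50 blocks and most of the bidders' value ends up as miner fees.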
> Anyone know if there's a way out that doesn't require this?
Honestly, I see this as a way for the powers that be to force explicit KYC. You want those coins? You prove they're yours, you stick your name on that wallet and all the liability that comes along with it. Otherwise the government (some government) holds onto them until you can definitively prove they're yours. I don't think this scenario is likely, but I can see it being something that is proposed or tried.
Bitcoin core devs do not make decisions for the distributed network. Yes they have outsized power but with the whole BIP110 thing going on now and Bitcoin Knots gaining adoption, I'm more confident now that sudden changes from the core devs will not be blindly accepted by all. That aside, it will be necessary to hard fork the chain from a point before a quantum attack, but there will be several proposals and the community will vote with their nodes.
No because you are not changing the ledger. You are changing the authentication mechanism for transactions. It's like adding a new supported password hash.
If you don’t also drop wallets with compromised signatures at some point after introducing secure signatures (effectively editing the ledger) they will be up for grabs.
Absent a functional ledger rewrite I expect there would be some window where miners with access to CRQCs switch their focus over to exclusively mining blocks of transactions transferring coins from insecure wallets to secure wallets under their own control. Is there actually interest in living in the world where the first person with both a CRQC and a mining farm gets to claim all of the stranded bitcoins for themselves?
This was already pretty well hashed out (heh) during the 'core'/'cash' issue when there was an attempt to fork in an expanded block size. Both chains still exist. Bitcoin operation is entirely up to the miners to determine the heaviest chain, and that's like two entities (the number of entities required is called the Nakamoto coefficient). It's not magic, but there is a huge cult built up around it by scammers, rubes, opportunists and speculators.
> I have a great psychiatrist who has me on antidepressants, anti-anxiety meds, and mood stabilizers
Disclaimer: this is not medical advice, but have you considered being on less medication? I have seen a close family member become absolutely numbed from being on antidepressants, and although I have personally never been on them, I am highly skeptical that the amount of drugs the average American is being prescribed is healthy. My preferred choice of self-fixing is by quiet introspection, though I've had some useful experiences from therapy sessions as well.
I never stopped using foobar2000 on the desktop. I can recommend Evermusic on iOS for its excellent playlist management, CarPlay integration and last.fm/scrobbling if you're ancient like me and still using that.
I think the metaphor here would be more like getting your license permanently suspended for going 3 mph over. Whether that happens anywhere or not in reality, the point is, it would be an absurd overreaction.
Not getting the "didn't go over the speed limit" award when you did in fact go over the speed limit shouldn't be a big deal to anyone.
Nobody is preventing the studio from working, or from continuing to make (ostensibly) tons of money from their acclaimed game. Their game didn't meet the requirements for one particular GOTY award, boo hoo.
As someone whose stance is to be extremely skeptical of AI, I threw Claude at a complex feature request in a codebase I wasn't very familiar with, and it managed to come up with a solution that was 99% acceptable. I was very impressed, so I started using it more.
But it's really a mixed bag, because for the subsequent 3-4 tasks in a codebase that I was familiar with, Claude managed to produce over-commented, over-engineered slop that didn't do what I asked for and took shortcuts in implementing the requirements.
I definitely wouldn't dismiss AI at this point because it occasionally astounds me and does things I would never in my life have imagined possible. But at other times, it's still like an ignorant new junior developer. Check back again in 6 months I guess.
I mean, this sounds like the Gell-Mann amnesia effect. If it only 'works' in codebases you're unfamiliar with, that may be a signal that it doesn't work there either.
I thought at least with this AGI datacenter push we'd see a renaissance in nuclear investments, with timelines getting more aggressive and plants actually getting built. Also, getting some tangible progress in fusion would've been nice as well.
They're really proving lately that they are a company that can't be trusted with your data.