I’m sharing the full article I found on X. Seriously, check it out! It’s crucial for everyone here to really understand the potential dangers of a Quantum Event that might come sooner than we think.
I think Nic is asking the right scary question and then wandering into the wrong cure. Quantum risk is not pure bedtime folklore, but the moment people start sounding comfortable with freezing or reallocating old coins "for the good of the network," my hand goes straight to my wallet. That precedent is radioactive. Once Bitcoin crosses the line from "if you have the keys, you have the coins" into "unless the crowd, institutions, devs, miners, or some panic committee decides otherwise," you have quietly replaced a rule with a permission slip.
The part a lot of people keep blurring is that there's a huge difference between giving users new tools to migrate funds and forcibly invalidating certain UTXOs because they look vulnerable or politically convenient. One is an upgrade path. The other is expropriation wearing a lab coat. And no, it doesn't become noble just because Satoshi's stash is involved. Bitcoin doesn't get stronger by proving that sufficiently old or weird coins can be put on a chopping block when the narrative feels urgent enough.
So, to me this is neither "Chicken Little" nor "let's pre-freeze half the museum." The sane posture is to take PQ seriously, keep working on migration options, reduce address reuse like civilized adults, and avoid turning a technical threat into an excuse for social-layer vandalism. If Bitcoin ever decides some coins are too dangerous to be owned unless approved by the village council, the quantum computer will be the second most interesting thing that happened.
Nic Carter is also for some reason unable to refrain from lying about the status of development on QC robust cryptography for Bitcoin-- he's constantly screaming that no developers care and nothing is being done, but that is just painfully obviously untrue. Now as to why he'd engage in that kind of dishonest behavior, -- that's up to you, but many people have noted that he's a significant investor in some company selling PQ 'fixes'. Could just be plain stupidity though, or reliance on LLMs. The guy can't even figure out who the developers *are* or how to email them, but he thinks he's qualified to publish on whats being worked on.
The elegant answer to the freeze proponents is that they're free to make a fork that reflects their beliefs. If they are right, it'll become dominant in the market. If they're wrong-- it'll end up worthless. A lot of long time Bitcoin investors I talk to agree with your position-- that it's would be a devastating blow to Bitcoin's value proposition and would only be interesting if the alternative was bitcoin's demise. That fits well with that "if you think its needed, you can make a fork for it": if the non-confiscatory bitcoin dies then that opens the field for the survivor. And most importantly everyone got to chose what currency they adopted, without confiscation being forced onto them.
We've already explained who this fraud is in another thread about quantum computers, and yet here is another one.
Exactly, at least scammers like Roger Ver tried to make their own fork and proved that they were completely bamboozled idiots. The market eventually proved them wrong even if they didn't want to believe or listen to the engineers at the time. Stupid people tend to insist that they are right at all cost.
The more I have been reading and pondering about this topic, the worse my conclusion is. If we freeze coins with no recovery (or even at all) which would be the case with coins such as satoshi's this would create a precedent and turn Bitcoin into something from which there is no going back to. This is the worst solution of all, much worse than letting more than a million coins flood back into the circulating supply. Figuring this out is very easy, understanding the full implications perhaps may be a bit more difficult but I do not see how these idiots can't figure that out.
This is perhaps some optimal case scenario that I have no read before, but I do not see how likely this is unless someone extremely well connected gets this going themselves. I don't think it is going to just happen on its own out of nowhere.
This is false and misinformation. Bitcoin will not die from some coins entering back into circulation. Old coins are entering back into circulation all the time, a temporary one-time large-scale will not cause any issues. Coins get hacked through all sorts of methods all the time, including private key derivation (because the randomness was weak or the method was insecure) -- stop pretending that this is something else.
"My keys, my coins" -- you can fuck off to your centralized confiscation shitcoin Nic.
There may be an underlying thread that some people delusional believe that some huge portion of coins are lost-- and so those coins going into circulation again would violate their own expectations of what bitcoin is. But there is no basis for people to believe that-- people who told it to them were confused or lying. With a few exceptions one should assume that all the coins that exist can and someday will be spent. Those who accept this truth probably have less reason to go around proposing seizing people's assets.
A useful thing researchers could look into: is there a way in zero knoweldge to bind an existing coin to a new 'secure' output, without exposing which coins got bound?
Like you construct a PQ secure ZKP that says "Value X is a hash of the private key for some output that exists and is worth X bitcoin, it now should belong to this new address" this way parties with long dormant coins could secure them with new keys without revealing that they still exist.
Exactly, in most cases they are done through various assumptions relating to events (which are most often not objectively or mathematically verifiable but anecdotes of various sources) or coin age. However, we frequently see cases where extremely old addresses get woken up which violate the latter assumption all the time which means that it can not be used in a superficial way like that. So the choice is this, either sacrifice:
1. The assumption that 3-4 M coins are lost (or whatever the estimate), or2. The core principle that Bitcoin is a non-freezable, censorship-resistant asset where your keys mean your coins.
Gee, it is so hard to figure out which one is fucking more important. A relatively baseless assumption based on speculation by individuals or a core principle of Bitcoin. Luckily we do not have any kind of explicit governance system, not even a organization pretending to be decentralized like DAOs as otherwise these people would lead us to ruin ourselves like shitcoins regularly do.
That is an interesting line of research.
That's indeed very interesting, even if it of course doesn't solve the issue of real "lost" coins.
I believe it should be possible, even I as a layman can imagine a structure like this:
- You create a script which proves that you own P2PK key X and post-quantum key Y. For example, you sign a message both with key X and Y, or you sign the address corresponding to Y with X (then you don't prove Y belongs to you)
- You publish a hash of this script in an OP_RETURN transaction as early as possible (so you're ahead of Q-day).
- A future recovery mechanism requires P2PK outputs to be spent only of the following conditions are fulfilled: 1) the transaction moving the funds contains the original script proving the ownership of both keys and a quantum-resistant signature, and 2) the script hash was published in a transaction before a deadline before the expected Q-day (so it can't be done by someone with a QC).
SO is freezing to be done on :
2009-2012 coins
Or on all legacy addresses
I can make a legacy address today put in 0.001 coins
My issue then is my new coins are frozen so no one steals them?
Why ?
I choose to do it. Place my coins in a supposed weak address.
Is it not my choice to take that risk?
BTW all my coins are in bc1q******** addresses also my choice.
Just like I choose to buy some coins from kraken
And mine some coins on viabtc
Is
In both cases the mined coins and purchased coins are entrusted to kraken and viabtc until I move them to one of my
bc1q******* addresses
Why don't we leave the older 2009-2012 coins alone in legacy addresses until they start to be stolen.
I for one am interested in how long will it take for them to be stolen.
Why don't we make a way to secure bc1q**** from quantum as our priority.
Giving those with the older addresses a choice to transfer to safety if they want.
And let's set a forced transfer date or freeze date in 2056.
I would be 99 but it would motivate me to live to see if all the older 'unsafe' addresses are stolen before 2056. Or if after a few thefts they start to be transferred over to a safe version of 'bc1q' addresses
I believe that freezing could be done on coins that will not be moved to "Quantum Safe addresses" after a fixed amount of time. It would be stupid not to move your coins because you know it would be stolen, no? No person would put money somewhere merely to be stolen.
But in my personal opinion, no freeze - let the market decide. But I'll admit that I might consider selling some of my coins if it's decided that there will be no freeze.
Bitcoin was always about giving you that choice, being your own bank means that you can do whatever the fuck you want as long as it is valid according to the consensus rules. Do you want to send your money in a black hole address? It is your choice. Do you want to send it to terrorists? We can't stop you. Do you want to put it in an address that is derived by shitting randomness? Yes you can. The freeze proposal goes against everything that Bitcoin stands for.
Nobody knows that. The idea is that we can't be certain if it will take days or weeks to crack 1 address once it starts to actually work, or it could be minutes. If it is minutes or less then we won't be able to do much in time. It is not like we could coordinate a large scale, somewhat controversial (or worse, completely controversial like this proposal) solution and deploy it quite quickly in Bitcoin. Preferably we would want to avoid that, even if in the times of the utmost emergencies it could probably work -- but let's not try to test this.
Because there isn't a very good way to make existing addresses secure. What will happen is that there will be a new signature algorithm which will produce a new type of addresses that are quantum-safe(r), and you will have the choice to transfer your funds there if you want to. This part will definitely happen. Any kind of freezing, confiscation, or other retarded proposals no.
Then you are absolutely crazy and have never understood what Bitcoin was about. This would sacrifice a core principle of Bitcoin to avoid short-term price fluctuations. There is no existential threat here, nothing that could break Bitcoin at all. In the worst case it would lead to some coins being dumped on the market, and then it is over -- the protocol continues like nothing has happened at all.
Yet it happens all the time, every single day. Everything from brainwallets over entering your seed phrase online to storing ridiculous amounts of coin on a shitty and insecure phone. If someone wants to place Bitcoin into an insecure address or in an insecure way, it is their choice -- Bitcoin is about providing this choice.
Go ahead and sell, it worked out great for Roger Ver.
I think it will be real when Quantum Day (QD) arrives. When? I dont exactly understand, theres news about 2035 but it seems too soon. But I dont know how it could usually be faster or slower. Remember how the US is currently also trying to implement security through banning crypto that uses EDSCA technology. This is being done by the US FEDERAL agency officially banning ECDSA cryptography starting in 2030 with a final deadline in 2035. Maybe this is also one of the steps to protect against quantum technology.
In my local media, I also talk about quantum, but they are still optimistic that developers will soon take anticipatory measures. I have also read BIP 360 and most recently yesterday BIP 361. The 360 proposal is quite good, but the weakness is old inactive wallets; BIP 361 tries to improve it, but logically, I am a little surprised by this proposal. Of course, I understand the concern if QD arrives and is genuinely capable of stealing Bitcoin from old wallets.
Is there a way to anticipate the arrival of Quantum day and for Crypto to continue running safely without worry about crime? I am not a developer and I can't, I can only think about how all these coins can migrate to new technology automatically in a way that is safe from Quantum attacks.
Nitpicking again, Satofan69? Get the context. I was merely projecting what some developers might propose to do, not necessarily what I would do.
That doesn't mean they wanted their assets to be stolen. No person would put their coins in a vulnerable address knowing it would be stolen from them, no?
I will truly consider it, especially IF the Quantum Debate becomes more tumultuous and divisive than the Segwit Debate. Because this isn't merely a matter of market or price performance. This is potentially a serious technical matter that could make many HODLers lose confidence in the network.
It's easy for you to say "go ahead and sell", but for some of us, we have invested a large portion of our savings in this.
But you, Satofan69, are a troll. Welcome to my ignore list.
People who create puzzles do. For example: https://mempool.space/tx/08389f34c98c606322740c0be6a7125d9860bb8d5cb182c02f98461e5fa6cd15
At the time of writing, there is literally 7.1 BTC, sitting on 1PWo3JeB9jrGwfHDNpdGK54CRas7fsVzXU, which is probably a weak, 71-bit private key, where it is not yet taken, only because it is hashed. But once the public key will be revealed, then double-spending transactions could be made in seconds.
So, weak keys are tested with whole BTCs, which is why puzzle solvers claim them through Slipstream, or similar ways.
Also note, that the reward in 1PWo3JeB9jrGwfHDNpdGK54CRas7fsVzXU was bumped from 0.071 BTC to 0.71 BTC, and later to 7.1 BTC (and the same happened to many other addresses in this puzzle as well). And someone decided to send a lot of coins to addresses, where everyone knew, that the private keys are weak.
That's taking the question out of context, ser. I'm talking about people who accumulate Bitcoin, investors, HODLers, traders, PLEBS like us.
Because, who would deliberately store their Bitcoin in a vulnerable address, while they know that the address is indeed vulnerable?
Please don't derail the topic.
It is not going to happen, you will be stopped like scammer Ver was. If developers propose radical ideas, they will lose their ability to influence Bitcoin Core in any significant way similarly to how the CSAM-archiving freak Luke-jr lost all his influence.
Whether I want my assets to be stolen or not is not your place to determine. You do not know anything about the choices of others and you are making assumptions in order to justify stealing their property. If I want to put my coins in something insecure, knowingly or unknowingly, it is my choice. This is what Bitcoin is about. Everything else is not Bitcoin, but since most of the "old" users here are deeply brainwashed by the traditional centralized systems they keep resorting to ideas that are classic for those systems. Freeze, blacklist, why not full KYC and whitelist only in the end?
This is not a technical matter and it has no way of breaking the network, you are spreading false information about this case again. I will tag you appropriately once more and warn other users from interacting with misinformation.
That is not for you to decide. If you want to act as a central committee person that decides something for others, you can join the CSAM-review team that is proposed by luke-jr.
Shower thought.
IF the FIRST Quantum Computer would be built tomorrow, I believe that because "Game Theory", the people having it might not waste letting everyone know that they have it by cracking Bitcoin.
Why?
Probably because,
1. How would they sell those coins? If a Quantum Computer cracked Satoshi's wallet, I believe exchanges would refuse to have those outputs sent to them.
2. Plus why would they show that they do indeed have a Quantum Computer that could break Bitcoin/public key cryptography? If it's China, they probably would wait and use it on something more important, like break United States/Taiwanese Military networks if they decide that it's time to invade Taiwan.
¯\_(ツ)_/¯
Now you have finally written something reasonable instead of listening to scammers like Nic Carter. When it comes to incentives there are generally two camps:
1. Those that see the quantity of Bitcoin at stake as a canary/incentive for someone to build a quantum computer. While some people tend to misuse the arguments that banks would be targeted and everything else will be insecure, it is besides the point. There does not exist a single system in the world that has a big treasure lying around like this, and in traditional centralized systems they could just shut everything down and undo the theft.
2. Those that see that hacking Bitcoin would expose your quantum supremacy right away, and is that going to be worth it?
Now there are other issues that are relevant here, and jeets learn already how markets work:
1. The millions of coins that are at stake, whether they be hacked extremely quickly (e.g. 1 day) or a bit longer over short periods of time can not be sold on a normal market. This is not how it works.
2. Legal entities are not able to sell these coins as they are stolen property, even if the original owner of this property does not come forward.
This only leaves:
1. Rogue states (e.g. China), but that comes back to the would they waste their secret of achieving quantum supremacy on this and this is assuming they are even able to pull this off.
2. Rogue entities, but that is extremely unlikely given the complexity and money involved in reaching the first quantum computer.
The setup which has us choosing between bad options (coins stolen vs coins frozen) however is still uniquely positioned to give this outcome: a US legal entity (such as Google) achieves quantum supremacy and.... nothing happens! At least for a little while. This is the most likely scenario (assuming they DO achieve it). We still get plenty of time before some rogue entity or state manages to build their own, we are talking about many years or decades. People fail to understand that some technologies can not be copied in a few years even through trade secret theft.
Quantum threat is not fake, it's real and it will happen. But we need to also realize that quantum is not one sided thing. Even with quantum it is not going to be instant, like a second and it's all gone, it just makes it faster and doable. And quantum will not be at the hands of people who will first try to crack bitcoin as first thought, if anything they would try to get nuclear codes as first thought, because it's a system that is being worked on with billions, and people who are rich that way, and governments, will want that first.
Meanwhile, we can make the security even more stronger but if once invented then quantum computing also will evolve. Personally I still believe quantum computing is kind of alien technology hence we need long way to see it working around us.
@tygeade. I am skeptical on how the mainstream news media and the cryptonews media are making this quantum threat appear. I reckon this might be similar to the Y2K bug where they said all of the computers in the world will turn off. However, did the computers turn off?
In any case, this might be the next fud that will cause a big dump and we can certainly speculate that there are people paying for these articles to be published to cause more fearfulness on the market heheehehehee.
Bitcoins timeline to deal with quantum computers just got a little bit shorter.
A researcher called Giancarlo Lelli performed the largest known quantum attack on elliptic curve cryptography, the standard that secures Bitcoin, Ethereum, and a vast majority of the $2.6 trillion crypto market. Lellis breakthrough is a 512-fold jump from the previous record.
Even though the result doesnt break Bitcoin, it suggests something pretty unsettling. Progress towards breaking the $1.5 trillion network is accelerating on hardware that anyone can rent.
The winning submission came from an independent researcher working on cloud-accessible hardware, said Andy Pruden, CEO of Project Eleven, a startup dedicated to addressing Bitcoins quantum computing threat.
The resource requirements for this type of attack keep dropping, and the barrier to running it in practice is dropping with them.
What was considered a far-fetched threat not too long ago has now taken centre stage. In January, Wall Street behemoths like BlackRock and $5 trillion UBS CEO Sergio Ermotti denounced the quantum threat, while developers turned a blind eye. Not anymore. After Google accelerated its timeline for quantum to 2029, Bitcoin maintainers have begun to think about ways to stave off the threat.
Read in full https://www.dlnews.com/articles/markets/quantum-computing-attack-jumps-512x-bitcoin/
Oh my god what a trash article. But anyway, I don't want to dismiss Lelli's achievement.
It is hidden in the article that the key Lelli cracked was a 15-bit key. This means there were around 32000 possible key combinations. Even bruteforcing and without using the fancy algorithms our Kangaroo fanboys of the Development & Technical subforum use, this is something a conventional computer does in a fraction of a millisecond.
So it would be very interesting which "public accessible cloud" hardware exactly Lelli used, which is not specified in the articles I have found about the subject.
It is also not true what the article claims that "only after Google's update to 2029" the Bitcoin developers became aware of the problem. SHRIMPS was published in March, and SHRINCS in December 2025.
PS: more about the supposed "attack": https://u.today/first-quantum-hack-in-crypto-is-here-but-bitcoin-pioneer-adam-back-labels-it-as-fake