1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
|
Delivery-date: Thu, 12 Dec 2024 18:20:10 -0800
Received: from mail-yb1-f186.google.com ([209.85.219.186])
by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(Exim 4.94.2)
(envelope-from <bitcoindev+bncBCQNPUMG2ADBBUFT525AMGQEQVT32NQ@googlegroups.com>)
id 1tLvHl-0004mw-Hp
for bitcoindev@gnusha.org; Thu, 12 Dec 2024 18:20:10 -0800
Received: by mail-yb1-f186.google.com with SMTP id 3f1490d57ef6-e3a0d165daesf1890606276.1
for <bitcoindev@gnusha.org>; Thu, 12 Dec 2024 18:20:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=googlegroups.com; s=20230601; t=1734056403; x=1734661203; darn=gnusha.org;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:x-original-sender:mime-version
:subject:references:in-reply-to:message-id:to:from:date:sender:from
:to:cc:subject:date:message-id:reply-to;
bh=ZA3uDp0BBNvtkAZVvyh/Tpfv52f/XMX4Wgt2em3KsUs=;
b=fUxePUwdFPnUr4s66CPtTTWK9qEcCATGA3Ep2Zl690DIvSpfEuNBsK0hffBmMAbMPE
3WeFrZZuY3W1HMoW+WlHFQlUVwY3YMDWyza7uEGdQfh3yKvL+JPcDoTqFxaUdRuFazPM
mDk8DtfmeqqP/Z11PUslhpEYBTX0/18zpY2t9SriQi6CC6ftnF6OFdZxbZ3blJ1vIhFY
u4PczWTTySV6/W58zvR04FOxeqTv9RbSXOBtuNTEvSf/dpfE/eziSzInRHoS01aK78zS
An0vbv1hU9ft404bCO6gSi+lJ5lbkIGAf5CPkLCxbXY9Qur2OFiTM7sX2433rzceFexV
hAlA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20230601; t=1734056403; x=1734661203; darn=gnusha.org;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:x-original-sender:mime-version
:subject:references:in-reply-to:message-id:to:from:date:from:to:cc
:subject:date:message-id:reply-to;
bh=ZA3uDp0BBNvtkAZVvyh/Tpfv52f/XMX4Wgt2em3KsUs=;
b=L60n1Fb9OfLrJB1XzFnmaKFzw7mru+yqs/q2jvqWoIEI1dKqcQyMOdTL2kFpERJF5a
7k31H59hdRZKHbX+ZWpLb4Lxw4yMyZDNGJMRieTqreGTAJh8DIQES5lK+WtDR0glM6K9
nAg4Z1uBSTQrxceMyBYY5MR1SR2UTl97XOwokxG2HAJ3d4KD93UOTRzq+q6WVOwo/m3F
stirn7Qq5scBsIf797SU3MFIg1+CWMgEWBGVKUO0SMmL1WF+KHWd+B2eebf+rbHKonnx
VGdn466u/wlsQogkSeueb1u2Pgs7L15ZoNGQUu9i1uIy9JZbXVm92w7pMWElHURtNx50
jL8g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1734056403; x=1734661203;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:x-original-sender:mime-version
:subject:references:in-reply-to:message-id:to:from:date:x-beenthere
:x-gm-message-state:sender:from:to:cc:subject:date:message-id
:reply-to;
bh=ZA3uDp0BBNvtkAZVvyh/Tpfv52f/XMX4Wgt2em3KsUs=;
b=eVv+6ejLMnj0vIsdlyxdyAFEw9TV/Wcf/UIwLg8y30tF/p3aaue1SZLG1Mdwezdszp
h3j3pUapBGZzEwI8kYivfwCHTEyHOASf8IVO/1M23rgeRfVConk4myJ2fFO/iPDW0AAB
gTU9ivl4ewCIdd32etQU+i41l+pbdBDsDLrvGu9OdxDLjM21TG2yg46Wldz3g53xccW3
vFymp+AIArXMuCi0fUjhMhX+jxFGcwLAALopD7auQx20Qa2gPHjEUIZdbzDddlMEKl65
9VIiSSkKlEbX20PiU7NCNsChycfEFKnXiJnR8mt/5F/ZoZTnkL33ljv/a0CrysZxRVzu
zMqw==
Sender: bitcoindev@googlegroups.com
X-Forwarded-Encrypted: i=1; AJvYcCUkc7Na9JbHFDLMw1gCslfyZl3QHRXlYig8Ds3V4wnAxi40ToxxzV58DhkRoVgSIUlfU4KyA8yPs6hP@gnusha.org
X-Gm-Message-State: AOJu0YwvBBCIs/ty0temPjqXu++GWcjABFuSNQrsFyybF8fyTg5Potc7
qTPsStEjliQEpj9uMpFGE1Crp4+j+2yikfoT3G92H3CtIm994/lk
X-Google-Smtp-Source: AGHT+IErCLkFdTpKwl9clA9RjT5PkG+oYgrdaW3mHcnuH/jX/12x7K846FRWuH6wfNfCH/CdZrQIzA==
X-Received: by 2002:a05:6902:2686:b0:e39:b0de:fed8 with SMTP id 3f1490d57ef6-e434a354f71mr822735276.17.1734056402898;
Thu, 12 Dec 2024 18:20:02 -0800 (PST)
X-BeenThere: bitcoindev@googlegroups.com
Received: by 2002:a25:d004:0:b0:e35:de95:59d5 with SMTP id 3f1490d57ef6-e43b0c25f12ls154680276.1.-pod-prod-05-us;
Thu, 12 Dec 2024 18:20:00 -0800 (PST)
X-Received: by 2002:a05:690c:6303:b0:6ea:7b00:4aa5 with SMTP id 00721157ae682-6f279b88515mr8179577b3.33.1734056400281;
Thu, 12 Dec 2024 18:20:00 -0800 (PST)
Received: by 2002:a05:690c:fd3:b0:6ef:892f:89f3 with SMTP id 00721157ae682-6f278d02555ms7b3;
Thu, 12 Dec 2024 18:07:29 -0800 (PST)
X-Received: by 2002:a05:690c:67c7:b0:6ee:a89e:af3b with SMTP id 00721157ae682-6f279ad71e1mr11012217b3.9.1734055648889;
Thu, 12 Dec 2024 18:07:28 -0800 (PST)
Date: Thu, 12 Dec 2024 18:07:28 -0800 (PST)
From: Ian Quantum <ianquantum2027@gmail.com>
To: Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
Message-Id: <d142e67b-a0b1-49a0-9593-82053d55e3a5n@googlegroups.com>
In-Reply-To: <07384dbd-4b98-43db-a71a-e19a1d04f849n@googlegroups.com>
References: <CAJDmzYyPJSgHvg57OcQoBN9JWs-eGxLSwm+Rc66HoaRqhTq3_A@mail.gmail.com>
<07384dbd-4b98-43db-a71a-e19a1d04f849n@googlegroups.com>
Subject: [bitcoindev] Re: Proposal for Quantum-Resistant Cryptography in
Bitcoin - BIP Submission
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_Part_63250_427599127.1734055648353"
X-Original-Sender: ianquantum2027@gmail.com
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com
List-ID: <bitcoindev.googlegroups.com>
X-Google-Group-Id: 786775582512
List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com>
List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/bitcoindev
List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com>
List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>,
<https://groups.google.com/group/bitcoindev/subscribe>
X-Spam-Score: -0.5 (/)
------=_Part_63250_427599127.1734055648353
Content-Type: multipart/alternative;
boundary="----=_Part_63251_1681148483.1734055648353"
------=_Part_63251_1681148483.1734055648353
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Some contributions of my own to add to this conversation.
FALCON wasn't approved by NIST because the security of the algorithm is=20
directly linked to the randomness of the input parameters. There was a=20
similar concern over RSA about 25 years ago, and the question of the=20
exponent related to the operation as a matter of security. They weren't=20
sure if the exponent should be high, random or irrelevant to the security.=
=20
Turns out that it was irrelevant, so the cryptography community relaxed and=
=20
selected the exponent 3 for RSA for performance reasons with no cost to=20
security. When a parameter is so relevant to the security of FALCON it is=
=20
alarming, and the algorithm may be unsuitable for blockchain.=20
I would suggest NTRU Prime by Daniel Bernstein as a solid contender for=20
secure Lattice. Critically to a heterogenous environment, it is not=20
susceptible to side channel attacks so the keys cannot be stolen through=20
magnets next to a thumb drive. Daniel Bernstein managed to perform side=20
channel attacks 10 out of 10 times on multiple NIST PQ standards.
A quantum network runs 45x faster than the same qubits assigned to a single=
=20
machine. https://arxiv.org/abs/2211.15465
Quantum networks also require less wiring, and a 6000 node network of 1152=
=20
qubit machines can crack bitcoin in 10 minutes on=20
average. https://arxiv.org/abs/2306.08585 The qubit count is expected to go=
=20
down by at least 30% by 2027 due to general improvement in the algorithm.=
=20
Litinski explained his algorithm at Crypto conference, and included further=
=20
optimizations to lower the qubit count and increase=20
performance. https://www.youtube.com/watch?v=3DAumHpDRS5iI
The scaling of some machines and algorithms is indeed=20
linear https://arxiv.org/abs/1808.02892 but this is not always true. With=
=20
Active Volume, an 3x increase in nodes causes a 7x increase in performance.
Due to Grover's it is critical that 256 bit addresses be used. 160 bits is=
=20
simply too small to be future proof.
With the advent of quantum networks, the hardware is more achievable. Mass=
=20
production becomes the new paradigm, not IBM's flagship for gathering news=
=20
attention. PSI Quantum has solved mass=20
production https://arxiv.org/html/2404.17570v1 and has completed the entire=
=20
system end to end. https://www.youtube.com/watch?v=3DA1tD4VXzswU=20
A reasonable estimate would be PSI Quantum breaking secp256k1 in 2027.=20
Hopefully we will get a 'canary warning' by breaking ECC-32 but to increase=
=20
scale to break ECC-256 would only be a 4x increase in total qubits.
Other candidates for mass production are:
Oxford Ionics, who produces 256 qubit machines that run at room=20
temperature. The trapped ion system is cooled and operates using lasers and=
=20
magnets.=20
Riverlane, who produces rapid components but is mostly focused on high=20
performance. Targeting 1 mil qubits in 2027 is a reasonable extrapolation=
=20
of their roadmap. (100k qubits in 2026 after 10k qubits in=20
2025.) https://www.riverlane.com/newsroom
Intel, who produces electron spin wafers with an unknown but extremely=20
large number of qubits per wafer. These devices are produced fully=20
autonomously and without intervention. 15 wafers are produced per day, per=
=20
manufacturing and testing device. More devices will probably be produced=20
soon, and they could potentially produce billions of qubits per week with=
=20
20 machines. They do not have any reports of algorithm on chip, networking,=
=20
or complete computing capabilities at this=20
time. https://www.intc.com/news-events/press-releases/detail/1693/intel-tak=
es-next-step-toward-building-scalable=20
I hope that we can make significant progress in getting Bitcoin quantum=20
safe.
Ian Smith
@IanSmith_HSA
On Tuesday, October 22, 2024 at 12:38:44=E2=80=AFAM UTC+9 Jon Atack wrote:
> Hi Agustin,
>
> Good to see!
>
> Have you seen the work-in-progress BIP draft at=20
> https://github.com/bitcoin/bips/pull/1670? It may be good to review each=
=20
> other (and possibly collaborate).
>
> Discussions/references to that draft:
> * https://groups.google.com/g/bitcoindev/c/Aee8xKuIC2s/m/cu6xej1mBQAJ (Ma=
iling=20
> list discussion)
> * https://delvingbitcoin.org/t/proposing-a-p2qrh-bip-towards-a-quantum-
> resistant-soft-fork/956?u=3Dcryptoquick (Delving Bitcoin discussion)
> * https://bitcoinops.org/en/newsletters/2024/06/14/ (Bitcoin Optech=20
> newsletter)
> * https://bitcoinops.org/en/podcast
> /2024/06/18/#draft-bip-for-quantum-safe-address-format (Bitcoin Optech=20
> discussion transcript)
>
> Best regards,
> Jon
>
> On Thursday, October 17, 2024 at 5:06:34=E2=80=AFPM UTC-6 Agustin Cruz wr=
ote:
>
> Dear Bitcoin Developers,=20
> I would like to propose a Bitcoin Improvement Proposal (BIP) that aims to=
=20
> introduce quantum-resistant cryptography to the Bitcoin protocol. With th=
e=20
> rapid advancement in quantum computing, this proposal outlines the=20
> integration of post-quantum cryptographic algorithms (SPHINCS+ and=20
> Dilithium) to safeguard Bitcoin=E2=80=99s long-term security.
> =20
> The key points of the proposal are:=20
> - Introduction of quantum-resistant signature algorithms (SPHINCS+ and=20
> Dilithium).=20
> - New Bech32-based address formats for quantum-resistant addresses.=20
> - Modifications to transaction structures and script opcodes to support=
=20
> larger signature sizes.=20
> - A transition mechanism through a soft fork to ensure backward=20
> compatibility with existing Bitcoin addresses and transactions.=20
>
> The full BIP draft is available here=20
> https://github.com/chucrut/bips/blob/master/bip-xxxx.md for your review=
=20
> and feedback. I look forward to the community's input and am open to=20
> suggestions on how to improve the proposal.=20
>
> Best regards,
> Agust=C3=ADn Cruz
>
>
--=20
You received this message because you are subscribed to the Google Groups "=
Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e=
mail to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/=
d142e67b-a0b1-49a0-9593-82053d55e3a5n%40googlegroups.com.
------=_Part_63251_1681148483.1734055648353
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Some contributions of my own to add to this conversation.<div>FALCON wasn't=
approved by NIST because the security of the=C2=A0 algorithm is directly l=
inked to the randomness of the input parameters. There was a similar concer=
n over RSA about 25 years ago, and the question of the exponent related to =
the operation as a matter of security. They weren't sure if the exponent sh=
ould be high, random or irrelevant to the security. Turns out that it was i=
rrelevant, so the cryptography community relaxed and selected the exponent =
3 for RSA for performance reasons with no cost to security. When a paramete=
r is so relevant to the security of FALCON it is alarming, and the algorith=
m may be unsuitable for blockchain.=C2=A0</div><div><br /></div><div>I woul=
d suggest NTRU Prime by Daniel Bernstein as a solid contender for secure La=
ttice. Critically to a heterogenous environment, it is not susceptible to s=
ide channel attacks so the keys cannot be stolen through magnets next to a =
thumb drive. Daniel Bernstein managed to perform side channel attacks 10 ou=
t of 10 times on multiple NIST PQ standards.</div><div><br /></div><div>A q=
uantum network runs 45x faster than the same qubits assigned to a single ma=
chine. https://arxiv.org/abs/2211.15465</div><div>Quantum networks also req=
uire less wiring, and a 6000 node network of 1152 qubit machines can crack =
bitcoin in 10 minutes on average.=C2=A0https://arxiv.org/abs/2306.08585 The=
qubit count is expected to go down by at least 30% by 2027 due to general =
improvement in the algorithm. Litinski explained his algorithm at Crypto co=
nference, and included further optimizations to lower the qubit count and i=
ncrease performance.=C2=A0https://www.youtube.com/watch?v=3DAumHpDRS5iI</di=
v><div><br /></div><div>The scaling of some machines and algorithms is inde=
ed linear=C2=A0https://arxiv.org/abs/1808.02892 but this is not always true=
. With Active Volume, an 3x increase in nodes causes a 7x increase in perfo=
rmance.</div><div><br /></div><div>Due to Grover's it is critical that 256 =
bit addresses be used. 160 bits is simply too small to be future proof.</di=
v><div><br /></div><div>With the advent of quantum networks, the hardware i=
s more achievable. Mass production becomes the new paradigm, not IBM's flag=
ship for gathering news attention. PSI Quantum has solved mass production=
=C2=A0https://arxiv.org/html/2404.17570v1 and has completed the entire syst=
em end to end.=C2=A0https://www.youtube.com/watch?v=3DA1tD4VXzswU=C2=A0<br =
/><br />A reasonable estimate would be PSI Quantum breaking secp256k1 in 20=
27. Hopefully we will get a 'canary warning' by breaking ECC-32 but to incr=
ease scale to break ECC-256 would only be a 4x increase in total qubits.</d=
iv><div><br /></div><div>Other candidates for mass production are:</div><di=
v>Oxford Ionics, who produces 256 qubit machines that run at room temperatu=
re. The trapped ion system is cooled and operates using lasers and magnets.=
=C2=A0</div><div>Riverlane, who produces rapid components but is mostly foc=
used on high performance. Targeting 1 mil qubits in 2027 is a reasonable ex=
trapolation of their roadmap. (100k qubits in 2026 after 10k qubits in 2025=
.)=C2=A0https://www.riverlane.com/newsroom</div><div>Intel, who produces el=
ectron spin wafers with an unknown but extremely large number of qubits per=
wafer. These devices are produced fully autonomously and without intervent=
ion. 15 wafers are produced per day, per manufacturing and testing device. =
More devices will probably be produced soon, and they could potentially pro=
duce billions of qubits per week with 20 machines. They do not have any rep=
orts of algorithm on chip, networking, or complete computing capabilities a=
t this time.=C2=A0https://www.intc.com/news-events/press-releases/detail/16=
93/intel-takes-next-step-toward-building-scalable=C2=A0</div><div><br /></d=
iv><div>I hope that we can make significant progress in getting Bitcoin qua=
ntum safe.</div><div><br /></div><div>Ian Smith</div><div>@IanSmith_HSA</di=
v><div><br /></div><br /><div class=3D"gmail_quote"><div dir=3D"auto" class=
=3D"gmail_attr">On Tuesday, October 22, 2024 at 12:38:44=E2=80=AFAM UTC+9 J=
on Atack wrote:<br/></div><blockquote class=3D"gmail_quote" style=3D"margin=
: 0 0 0 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex=
;"><div>Hi Agustin,</div><div><br></div><div>Good to see!<br></div><div><br=
></div><div>Have you seen the work-in-progress BIP draft at <a href=3D"http=
s://github.com/bitcoin/bips/pull/1670" target=3D"_blank" rel=3D"nofollow" d=
ata-saferedirecturl=3D"https://www.google.com/url?hl=3Den&q=3Dhttps://g=
ithub.com/bitcoin/bips/pull/1670&source=3Dgmail&ust=3D1734140250359=
000&usg=3DAOvVaw3_2CRv-71JyCxYdtz7ZgYM">https://github.com/bitcoin/bips=
/pull/1670</a>?=C2=A0 It may be good to review each other (and possibly col=
laborate).<br></div><div><br></div><div>Discussions/references to that draf=
t:<br></div><span><span><span><span><span><span>*<span> </span><a href=3D"h=
ttps://groups.google.com/g/bitcoindev/c/Aee8xKuIC2s/m/cu6xej1mBQAJ" rel=3D"=
noreferrer noopener nofollow" target=3D"_blank" data-saferedirecturl=3D"htt=
ps://www.google.com/url?hl=3Den&q=3Dhttps://groups.google.com/g/bitcoin=
dev/c/Aee8xKuIC2s/m/cu6xej1mBQAJ&source=3Dgmail&ust=3D1734140250359=
000&usg=3DAOvVaw3tpaxxiAjfo9Mv0-T2rYtB">https://groups.google.<span>com=
</span>/<span>g</span>/<span>bitcoindev</span>/<span>c</span>/<span>Aee8xKu=
IC2s</span>/m/cu6xej1mBQAJ</a> <span>(Mailing list discussion</span>)</span=
></span></span></span></span></span><span><span><span><span><br> <span><=
span>*<span> </span><a href=3D"https://delvingbitcoin.org/t/proposing-a-p2q=
rh-bip-towards-a-quantum-resistant-soft-fork/956?u=3Dcryptoquick" rel=3D"no=
referrer noopener nofollow" target=3D"_blank" data-saferedirecturl=3D"https=
://www.google.com/url?hl=3Den&q=3Dhttps://delvingbitcoin.org/t/proposin=
g-a-p2qrh-bip-towards-a-quantum-resistant-soft-fork/956?u%3Dcryptoquick&=
;source=3Dgmail&ust=3D1734140250359000&usg=3DAOvVaw3gDg-XCNQu6Doiy1=
mqvZuC">https://delvingbitcoin.org/t/<span>proposing</span>-a-<span>p2qrh</=
span>-<span>bip</span>-<span>towards</span>-<span>a</span>-<span>quantum</s=
pan>-<span>resistant</span>-soft-fork/956?u=3Dcryptoquick</a> <span>(Delvin=
g Bitcoin discussion</span></span></span></span></span></span></span>)<span=
><span><span><span><br></span></span></span></span><div><span><span><span><=
span> <span><span>* <a href=3D"https://bitcoinops.org/en/newsletters/202=
4/06/14/" rel=3D"noreferrer noopener nofollow" target=3D"_blank" data-safer=
edirecturl=3D"https://www.google.com/url?hl=3Den&q=3Dhttps://bitcoinops=
.org/en/newsletters/2024/06/14/&source=3Dgmail&ust=3D17341402503590=
00&usg=3DAOvVaw1lWrYAu4aJAa4XqbM4XgWA">https://bitcoinops.org/en/<span>=
newsletters</span>/2024/06/14/</a> <span>(Bitcoin Optech newsletter</span>)=
</span></span></span></span></span></span></div><div><span><span>*<span> </=
span><a href=3D"https://bitcoinops.org/en/podcast/2024/06/18/#draft-bip-for=
-quantum-safe-address-format" rel=3D"noreferrer noopener nofollow" target=
=3D"_blank" data-saferedirecturl=3D"https://www.google.com/url?hl=3Den&=
q=3Dhttps://bitcoinops.org/en/podcast/2024/06/18/%23draft-bip-for-quantum-s=
afe-address-format&source=3Dgmail&ust=3D1734140250359000&usg=3D=
AOvVaw3LX-gMI3tt73Fh5_D6Aqo3">https://bitcoinops.org/en/<span>podcast</span=
>/2024/06/18/#draft-bip-for-quantum-safe-address-<span>format</span></a> <s=
pan>(Bitcoin Optech discussion transcript</span>)</span></span></div><br><d=
iv>Best regards,</div><div>Jon<br></div><br><div><div dir=3D"auto">On Thurs=
day, October 17, 2024 at 5:06:34=E2=80=AFPM UTC-6 Agustin Cruz wrote:<br></=
div><blockquote style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb=
(204,204,204);padding-left:1ex"><div dir=3D"ltr">Dear Bitcoin Developers,=
=C2=A0<div>I would like to propose a Bitcoin Improvement Proposal (BIP) tha=
t aims to introduce quantum-resistant cryptography to the Bitcoin protocol.=
With the rapid advancement in quantum computing, this proposal outlines th=
e integration of post-quantum cryptographic algorithms (SPHINCS+ and Dilith=
ium) to safeguard Bitcoin=E2=80=99s long-term security.</div><div>=C2=A0</d=
iv><div>The key points of the proposal are:=C2=A0</div><div>- Introduction =
of quantum-resistant signature algorithms (SPHINCS+ and Dilithium).=C2=A0</=
div><div>- New Bech32-based address formats for quantum-resistant addresses=
.=C2=A0</div><div>- Modifications to transaction structures and script opco=
des to support larger signature sizes.=C2=A0</div><div>- A transition mecha=
nism through a soft fork to ensure backward compatibility with existing Bit=
coin addresses and transactions.=C2=A0</div><div><br></div><div>The full BI=
P draft is available here=C2=A0<a href=3D"https://github.com/chucrut/bips/b=
lob/master/bip-xxxx.md" rel=3D"nofollow" target=3D"_blank" data-saferedirec=
turl=3D"https://www.google.com/url?hl=3Den&q=3Dhttps://github.com/chucr=
ut/bips/blob/master/bip-xxxx.md&source=3Dgmail&ust=3D17341402503590=
00&usg=3DAOvVaw0cFm_rN4Fp9q2DVKTpucMX">https://github.com/chucrut/bips/=
blob/master/bip-xxxx.md</a>=C2=A0for your review and feedback. I look forwa=
rd to the community's input and am open to suggestions on how to improv=
e the proposal.=C2=A0</div><div><br></div><div>Best regards,<br></div><div>=
Agust=C3=ADn Cruz</div></div>
</blockquote></div></blockquote></div>
<p></p>
-- <br />
You received this message because you are subscribed to the Google Groups &=
quot;Bitcoin Development Mailing List" group.<br />
To unsubscribe from this group and stop receiving emails from it, send an e=
mail to <a href=3D"mailto:bitcoindev+unsubscribe@googlegroups.com">bitcoind=
ev+unsubscribe@googlegroups.com</a>.<br />
To view this discussion visit <a href=3D"https://groups.google.com/d/msgid/=
bitcoindev/d142e67b-a0b1-49a0-9593-82053d55e3a5n%40googlegroups.com?utm_med=
ium=3Demail&utm_source=3Dfooter">https://groups.google.com/d/msgid/bitcoind=
ev/d142e67b-a0b1-49a0-9593-82053d55e3a5n%40googlegroups.com</a>.<br />
------=_Part_63251_1681148483.1734055648353--
------=_Part_63250_427599127.1734055648353--
|