Bitcoin’s quantum computing-related security concerns continue, especially over millions of coins sitting dormant in old wallets. The biggest risk here involves 1.1 million Bitcoins, which are known to be under the control of Satoshi Nakamoto and are currently worth approximately $84 billion. If sufficiently powerful quantum computers are developed, it may be possible to access and transfer the keys of balances in old addresses, especially these coins.
Software update recommendations and BIP-361 discussion
The most basic method recommended against this threat is to implement a soft fork in the network and not allow transfers from these old address types. Thus, all old balances may need to be moved to new quantum-resistant wallets. In April, Jameson Lopp, one of the leading Bitcoin developers, and a team of five people proposed to evolve these risky addresses within five years and freeze the unmoved coins with the solution they prepared under the name BIP-361.
However, since this proposal also includes addresses that have not been processed for a long time and whose owners are unknown, it causes a new impasse, such as names such as Satoshi Nakamoto or other former owners having to clarify the issue to the public.
According to the assessment of Dan Robinson from investment company Paradigm, current solution proposals either undermine security against quantum attack or the property rights of dormant address owners.
PACTs: Proving ownership without spending
In response to this challenge, Dan Robinson from the Paradigm team introduced the idea of Provable Address-Control Timestamps (PACTs). PACTs do not actually require moving coins; Instead, the user can cryptographically prove with a timestamp that he/she owns the address on a specific date. This determination can be made without requiring any expenditure and without leaking information to the community.
A secret salt (random data) is generated in the process. Proof of ownership is created with the BIP-322 standard, which is used to sign messages from the BTC address and can be used without spending coins. The pure and the proof are combined and recorded in the timestamp field as a batch transaction on the blockchain; The OpenTimestamps service used in this process can be used free of charge on Bitcoin. The relevant pure and proof files remain confidential.
This mechanism also allows deploying a STARK-based proof process that can be used as a recovery path if the Bitcoin network freezes old addresses in the future, similar to BIP-361. STARK stands out as a zero-knowledge proof protocol that is also considered secure against quantum attacks.
BIP-32 and technical deficiencies
This new approach allows the recovery of deterministic wallets created with the BIP-32 standard, which came into effect in 2012. However, since many of Satoshi Nakamoto’s addresses predate this standard, they may not be completely valid for existing addresses. According to Robinson’s warning about PACTs, a new soft fork and extensive community approval are required for Bitcoin to support STARK verification. Moreover, since the current infrastructure is not sufficient, serious infrastructure renewal will be required in items such as multi-signature, complex smart contracts and hardware wallet support.
Another critical point is; This protocol can only be activated if Satoshi himself or the current owner of the keys takes the necessary action. If Satoshi has completely disappeared and no one has the keys, all that remains is the possibility that the old coins will either be frozen by the community or destroyed by a potential quantum attack.
Finally, it is emphasized that with PACTs, developers have introduced a new alternative to the current frozen address discussion, but the question of whether Satoshi will use this method remains unclear.
