public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Gregory Maxwell <greg@xiph.org>
To: Anthony Towns <aj@erisian.com.au>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Taproot: Privacy preserving switchable scripting
Date: Tue, 23 Jan 2018 22:45:06 +0000	[thread overview]
Message-ID: <CAAS2fgTNcCB2mfvCBhC_AhgxX=g8feYguGHN_VPWW0EoOOxMyA@mail.gmail.com> (raw)
In-Reply-To: <20180123222229.GA3801@erisian.com.au>

On Tue, Jan 23, 2018 at 10:22 PM, Anthony Towns <aj@erisian.com.au> wrote:
> Hmm, at least people can choose not to reuse addresses currently --
> if everyone were using taproot and that didn't involve hashing the key,

Can you show me a model of quantum computation that is conjectured to
be able to solve the discrete log problem but which would take longer
than fractions of a second to do so? Quantum computation has to occur
within the coherence lifetime of the system.

> way for individuals to hedge against quantum attacks in case they're ever feasible, at least that I can see (well, without moving their funds out of bitcoin anyway)?

By using scriptpubkeys with actual security against quantum computers
instead of snake-oil.

> (It seems like using the point at infinity wouldn't work because

Indeed, that doesn't work.

> that when quantum attacks start approaching feasibility. If funds are
> being held in reused addresses over the long term, that would be more

They are. But I don't believe that is relevant; the attacker would
simply steal the coins on spend.


  reply	other threads:[~2018-01-23 22:45 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-01-23  0:30 [bitcoin-dev] Taproot: Privacy preserving switchable scripting Gregory Maxwell
2018-01-23  1:55 ` Chris Belcher
2018-01-23  2:51 ` Matt Corallo
2018-01-23 14:39   ` Mark Friedenbach
2018-01-23 21:23     ` Matt Corallo
2018-01-23 21:38       ` Gregory Maxwell
2018-01-23  6:44 ` Anthony Towns
2018-01-23 13:15   ` Gregory Maxwell
2018-01-23 22:22     ` Anthony Towns
2018-01-23 22:45       ` Gregory Maxwell [this message]
2018-01-24  1:52         ` Andrew Poelstra
2018-01-24  9:28           ` Tim Ruffing
2018-01-24 12:51         ` Natanael
2018-01-24 15:38           ` Tim Ruffing
2018-01-24 18:51             ` Natanael
2018-01-24 23:22               ` Tim Ruffing
2018-01-25  0:09                 ` Natanael
2018-01-26 13:14                   ` [bitcoin-dev] Recovery of old UTXOs in a post-quantum world Tim Ruffing
2018-01-27 17:07   ` [bitcoin-dev] Taproot: Privacy preserving switchable scripting Russell O'Connor
2018-01-27 17:23     ` Matt Corallo
2018-01-23 15:43 ` Greg Sanders
2018-01-26 21:34 ` Gregory Maxwell
2018-07-13  1:51   ` [bitcoin-dev] Generalised taproot Anthony Towns
2018-10-24  2:22     ` Pieter Wuille
2018-02-05  9:27 ` [bitcoin-dev] Taproot: Privacy preserving switchable scripting ZmnSCPxj

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAAS2fgTNcCB2mfvCBhC_AhgxX=g8feYguGHN_VPWW0EoOOxMyA@mail.gmail.com' \
    --to=greg@xiph.org \
    --cc=aj@erisian.com.au \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox