Re: [bitcoindev] Proposal for Quantum-Resistant Address Migration Protocol (QRAMP) BIP

[Agustin Cruz <agustin.cruz@gmail.com>]

[-- Attachment #1: Type: text/plain, Size: 6412 bytes --]

Hi Dustin:

I understand that the proposal is an extraordinary ask—it would indeed void
a non-trivial part of the coin supply if users do not migrate in time, and
under normal circumstances, many would argue that unused P2PKH funds are
safe from a quantum adversary. However, the intent here is to be proactive
rather than reactive.

The concern isn’t solely about funds in active wallets. Consider that if we
don’t implement a proactive migration, any Bitcoin in lost
wallets—including, hypothetically, Satoshi’s if he is not alive—will remain
vulnerable. In the event of a quantum breakthrough, those coins could be
hacked and put back into circulation. Such an outcome would not only
disrupt the balance of supply but could also undermine the trust and
security that Bitcoin has built over decades. In short, the consequences of
a reactive measure in a quantum emergency could be far more catastrophic.

While I agree that a forced migration during an active quantum attack
scenario might be more acceptable (since funds would likely be considered
lost anyway), waiting until such an emergency arises leaves us with little
margin for error. By enforcing a migration now, we create a window for the
entire community to transition safely—assuming we set the deadline
generously and provide ample notifications, auto-migration tools, and, if
necessary, emergency extensions.

El mar, 11 de feb de 2025, 9:48 p. m., Dustin Ray <
dustinvonsandwich@gmail.com> escribió:

> I think youre going to have a tough time getting consensus on this
> proposal. It is an extraordinary ask of the community to instill a
> change that will essentially void out a non-trivial part of the coin
> supply, especially when funds behind unused P2PKH addresses are at
> this point considered safe from a quantum adversary.
>
> In my opinion, where parts of this proposal make sense is in a quantum
> emergency in which an adversary is actively extracting private keys
> from known public keys and a transition must be made quickly and
> decisively. In that case, we might as well consider funds to be lost
> anyways. In any other scenario prior to this hypothetical emergency
> however, I have serious doubts that the community is going to consent
> to this proposal as it stands.
>
> On Tue, Feb 11, 2025 at 4:37 PM Agustin Cruz <agustin.cruz@gmail.com>
> wrote:
> >
> > Hi Dustin
> >
> > To clarify, the intent behind making legacy funds unspendable after a
> certain block height is indeed a hard security measure—designed to mitigate
> the potentially catastrophic risk posed by quantum attacks on ECDSA. The
> idea is to force a proactive migration of funds to quantum-resistant
> addresses before quantum computers become capable of compromising the
> current cryptography.
> >
> > The migration window is intended to be sufficiently long (determined by
> both block height and community input) to provide ample time for users and
> service providers to transition.
> >
> >
> > El mar, 11 de feb de 2025, 9:15 p. m., Dustin Ray <
> dustinvonsandwich@gmail.com> escribió:
> >>
> >> Right off the bat I notice you are proposing that legacy funds become
> unspendable after a certain block height which immediately raises serious
> problems. A migration to quantum hard addresses in this manner would cause
> serious financial damage to anyone holding legacy funds, if I understand
> your proposal correctly.
> >>
> >> On Tue, Feb 11, 2025 at 4:10 PM Agustin Cruz <agustin.cruz@gmail.com>
> wrote:
> >>>
> >>> Dear Bitcoin Developers,
> >>>
> >>> I am writing to share my proposal for a new Bitcoin Improvement
> Proposal (BIP) titled Quantum-Resistant Address Migration Protocol (QRAMP).
> The goal of this proposal is to safeguard Bitcoin against potential future
> quantum attacks by enforcing a mandatory migration period for funds held in
> legacy Bitcoin addresses (secured by ECDSA) to quantum-resistant addresses.
> >>>
> >>> The proposal outlines:
> >>>
> >>> Reducing Vulnerabilities: Transitioning funds to quantum-resistant
> schemes preemptively to eliminate the risk posed by quantum attacks on
> exposed public keys.
> >>> Enforcing Timelines: A hard migration deadline that forces timely
> action, rather than relying on a gradual, voluntary migration that might
> leave many users at risk.
> >>> Balancing Risks: Weighing the non-trivial risk of funds being
> permanently locked against the potential catastrophic impact of a quantum
> attack on Bitcoin’s security.
> >>>
> >>> Additionally, the proposal addresses common criticisms such as the
> risk of permanent fund loss, uncertain quantum timelines, and the potential
> for chain splits. It also details backwards compatibility measures,
> comprehensive security considerations, an extensive suite of test cases,
> and a reference implementation plan that includes script interpreter
> changes, wallet software updates, and network monitoring tools.
> >>>
> >>> For your convenience, I have published the full proposal on my GitHub
> repository. You can review it at the following link:
> >>>
> >>> Quantum-Resistant Address Migration Protocol (QRAMP) Proposal on GitHub
> >>>
> >>> I welcome your feedback and suggestions and look forward to engaging
> in a constructive discussion on how best to enhance the security and
> resilience of the Bitcoin network in the quantum computing era.
> >>>
> >>> Thank you for your time and consideration.
> >>>
> >>> Best regards,
> >>>
> >>> Agustin Cruz
> >>>
> >>> --
> >>> You received this message because you are subscribed to the Google
> Groups "Bitcoin Development Mailing List" group.
> >>> To unsubscribe from this group and stop receiving emails from it, send
> an email to bitcoindev+unsubscribe@googlegroups.com.
> >>> To view this discussion visit
> https://groups.google.com/d/msgid/bitcoindev/08a544fa-a29b-45c2-8303-8c5bde8598e7n%40googlegroups.com
> .
>

-- 
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/CAJDmzYzUAzoCj3da-3M_ast0_%2BQxf3_J1OXWf88B2D-R70pPrg%40mail.gmail.com.

[-- Attachment #2: Type: text/html, Size: 7849 bytes --]