pull down to refresh
I see. So it's more a function of how frequently you are using keys or children of the keys to sign and posting those signatures publicly (say, on a blockchain) than it has to do with the algorithm itself being cracked.
If that's the case, this is not something that gets talked about in bitcoin very often.
Yes, but as the risk of lost keys is definitely the highest risk, you want to have a process for this that you exercise. Not something that after 20 years you find out doesn't work (or got flooded, lost in a fire, stolen, otherwise destroyed) and it was your last copy on a piece of paper... I'm saying this from first hand experience. Rolling over (or at least rolling forward) is a good practice and if you do it on your hot wallet you'll be more comfortable and have less immediate risk.
I'd say the risk of, without any other error, someone attacking your key through magic quantum computers in a cluster the size of Jupiter is a lot smaller than you losing your keys. The chance that your wallet implementation is bad, is much larger. The chance that your metal seed vault thing gets stolen, is larger.
And the impact, on a personal level, for all these is exactly the same: you lost your coin.
I'd base it off of transaction frequency. For my hot wallet I do it 1-2 years. For cold, I'd say 5-7 years assuming it's truly cold and you don't spend from it, or at least no more than once/twice a year. I personally never made it to 5 years till now though, but if I'd make it that far, I'd probably force myself to do that.
You anyway need to ensure sometimes that your recovery process still works; you're not doing the ecdsa in your head so you need hardware, software, a chain.. all that (or if you actually can do it in your head, why are you posting on SN and not in some basement decrypting shit for a 3LA)