
Sigh, quantum fearmongering again.
> Bitcoin uses elliptic curve cryptography (ECC).
> Private key k, public key P = k*G.

Yeah, Elliptic Curve Digital Signature Algorithm (ECDSA) to be more specific.

> When you spend, your public key is revealed.

That is the case for P2PKH, P2SH, P2WPKH and P2WSH. P2TR outputs (bc1p...) themselves are already the public key, so for those addresses it does not matter whether you spend or not.

> Experts give a 50% chance we’ll see quantum computers that can break ECC by 2030–2035.

Highly doubt it. Right now there is no quantum computer in existence that can even run Shor's algorithm.
0 sats \ 1 reply \ @anon 3 Jun
I think that's kind of the point for P2TR. Those addresses are far more vulnerable than the hash and script based ones you mention.
> Those addresses are far more vulnerable than the hash and script based ones you mention.

Under the assumption that quantum computers can ever derive the private key from the public key.
On the other hand one could also argue that P2TR is more resistant to brute-force attacks than the hash-based addresses. The hashing algorithm used in P2PKH, P2WPKH... is RIPEMD160, which produces a 160 bit long hash. In principle, that means many different 256 bit private keys map to the same 160 bit hash (and therefore the same address). But a Taproot address consists of a 256 bit long compressed public key. That's much harder to brute-force.
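As an added example, not part of any post in this thread: a pure-Python secp256k1 derivation of P = k*G, producing the 33-byte compressed key that hash-based outputs only commit to through hash160 and the 32-byte x-only key that a P2TR output exposes directly. The curve constants are the published secp256k1 parameters; the hash160 step (SHA256 then RIPEMD160) is deliberately left out.

```python
# Added example, not code from the thread: P = k*G on secp256k1 and the two
# public-key encodings the thread contrasts. Constants are the secp256k1
# domain parameters (field prime, group order, generator).
P_MOD = 2**256 - 2**32 - 977
N_ORD = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def on_curve(pt):
    """True if pt (or the point at infinity, None) satisfies y^2 = x^3 + 7."""
    if pt is None:
        return True
    x, y = pt
    return (y * y - x * x * x - 7) % P_MOD == 0


def point_add(a, b):
    """Affine group law; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None                       # P + (-P) = infinity
    if a == b:                            # tangent slope for doubling
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P_MOD) % P_MOD
    else:                                 # chord slope for addition
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)


def scalar_mult(k, pt=G):
    """Double-and-add: the one-way map from private scalar k to P = k*G."""
    result, addend = None, pt
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def compressed_pubkey(pt):
    """33-byte SEC encoding: what P2PKH/P2WPKH scripts hash with hash160."""
    x, y = pt
    return bytes([2 + (y & 1)]) + x.to_bytes(32, "big")


def xonly_pubkey(pt):
    """32-byte x-only key: placed directly in a P2TR output (BIP340 style)."""
    return pt[0].to_bytes(32, "big")
```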