Long-Range vs Short-Range Quantum Attacks on Bitcoin
Quantum computers will change the security assumptions of Bitcoin. But how exactly?
Let's break it down.
Bitcoin protects coins with elliptic-curve signatures (ECDSA and Schnorr over secp256k1): only the holder of the private key can spend, and no classical computer can recover that key from the public key.
A sufficiently large quantum computer running Shor's algorithm breaks this assumption: given a public key, it can compute the matching private key.
Quantum computers open two attack windows:
- Short-range: the pubkey is revealed only when you spend, so the attacker has to act between broadcast and confirmation
- Long-range: the pubkey was exposed long ago and still sits on-chain, so the attacker can act whenever they are ready
1- Short-Range Attacks (a.k.a. Transaction Hijacking)
Let's start with a P2PKH transaction.
It looks secure... until you broadcast it.
When Does the Public Key Appear?
In P2PKH, the output script commits only to HASH160(pubkey); your public key itself stays hidden until you spend.
The moment you sign and broadcast, the scriptSig carries <signature> <pubkey>, and your pubkey is visible to every node that sees the transaction.
A Window for Attack
From that moment, there's a race:
Can a quantum attacker compute your private key before your transaction gets mined?
Mempool = Danger Zone
Here's how it plays out:
- You sign and broadcast your tx
- It enters the mempool
- No miner has included it in a block yet
→ That's the attack window
The attacker reads your pubkey from the pending transaction and runs Shor's algorithm against it to recover your private key.
Next step: they sign and broadcast a conflicting transaction that spends the same coins to an address they control.
Miner Chooses the Higher Fee
Miners are incentivized to include whichever conflicting version pays more, so the attacker attaches a higher fee, their version confirms, and yours is dropped.
Transaction Hijacking
Also known as a front-running attack.
It's specific to the time window between broadcast and mining.
2- Long-Range Attacks
These are scarier.
They target coins whose public keys are already exposed on-chain, like old P2PK outputs.
These UTXOs are permanently vulnerable: once a public key is on-chain, the attacker doesn't need perfect timing.
They can derive the private key and sweep the coins at any moment in the future.
Examples of script types vulnerable to long-range attacks:
- P2PK: the output script is literally <pubkey> OP_CHECKSIG
- P2MS (bare multisig): every signer's pubkey is in the output script
- P2TR: the scriptPubKey is the tweaked output key itself, so every Taproot output exposes a point, whether it is later spent via key path or script path
All put a public key on-chain before any spend.
P2PK Holds 8.68% of All BTC
That's ~1.72 million BTC sitting in outputs whose public key is already on-chain.
Mostly Satoshi-era coins.
(Source: Chaincode's latest report, "Bitcoin and Quantum Computing")
Even P2PKH isn't totally safe.
The first spend from an address puts its pubkey in the scriptSig. If the address is reused, every coin still sitting on it (or sent to it afterwards) is exposed the same way a P2PK output is, and becomes a long-range target.
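As an added example (not code from this thread or from the Chaincode report it cites), the following Python script makes the short-range versus long-range distinction mechanical: it classifies a scriptPubKey by type, extracts the public key that a P2PKH or P2WPKH spend places on-chain, and audits a small constructed set of transactions for whether each remaining UTXO is exposed long-range (key in the output script, or address reuse after a spend) or only short-range. All txids, 20/32-byte hashes and signature bytes are constructed placeholders; the one real constant is the secp256k1 generator point G, used as a sample compressed public key. It matches script patterns only and does no hashing or signature verification.

```python
"""Classify constructed Bitcoin UTXOs by when their public key becomes visible on-chain.
Added example for this thread (not code from the post or the Chaincode report it cites).
Pure script-pattern matching, no hashing or signature checks. All txids, hashes and
signature bytes are constructed placeholders; only G (the secp256k1 generator) is real."""
from __future__ import annotations
from collections import namedtuple

G = bytes.fromhex("0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798")
OP_0, OP_1, OP_16, OP_DUP, OP_HASH160 = 0x00, 0x51, 0x60, 0x76, 0xA9
OP_EQUALVERIFY, OP_CHECKSIG, OP_CHECKMULTISIG = 0x88, 0xAC, 0xAE
EXPOSED_IN_OUTPUT = {"p2pk", "p2ms", "p2tr"}   # a pubkey / output key is in the scriptPubKey itself
HASH_COMMITTED = {"p2pkh", "p2wpkh"}           # only HASH160(pubkey) is on-chain until the first spend
TxIn = namedtuple("TxIn", "prev_txid prev_vout script_sig witness")   # witness: tuple of bytes
Tx = namedtuple("Tx", "txid vin vout")                                # vout: list of scriptPubKeys

def pushes(script: bytes) -> list[bytes]:
    """Data pushes of a script: direct pushes (1..75 bytes) only; other opcodes are skipped."""
    out, i = [], 0
    while i < len(script):
        op, i = script[i], i + 1
        if 1 <= op <= 0x4B:
            out.append(script[i:i + op])
            i += op
    return out

def classify(spk: bytes) -> str:
    """Name the standard output type of a scriptPubKey ('unknown' covers P2SH and non-standard)."""
    n = len(spk)
    if n in (35, 67) and spk[0] == n - 2 and spk[-1] == OP_CHECKSIG:
        return "p2pk"                          # <pubkey> OP_CHECKSIG
    if n == 25 and spk[:3] == bytes([OP_DUP, OP_HASH160, 20]) and spk[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG]):
        return "p2pkh"                         # OP_DUP OP_HASH160 <20> OP_EQUALVERIFY OP_CHECKSIG
    if n == 22 and spk[:2] == bytes([OP_0, 20]):
        return "p2wpkh"                        # OP_0 <20-byte HASH160(pubkey)>
    if n == 34 and spk[:2] == bytes([OP_0, 32]):
        return "p2wsh"                         # OP_0 <32-byte SHA256(witness script)>
    if n == 34 and spk[:2] == bytes([OP_1, 32]):
        return "p2tr"                          # OP_1 <32-byte tweaked output key>
    keys = pushes(spk[1:-2])
    if n > 3 and OP_1 <= spk[0] <= OP_16 and OP_1 <= spk[-2] <= OP_16 and spk[-1] == OP_CHECKMULTISIG \
            and keys and all(len(k) in (33, 65) for k in keys):
        return "p2ms"                          # OP_m <pk>... OP_n OP_CHECKMULTISIG (bare multisig)
    return "unknown"

def revealed_pubkey(kind: str, script_sig: bytes, witness: tuple) -> bytes | None:
    """Public key that spending an output of this type places on-chain, if any."""
    if kind == "p2pkh":                        # scriptSig = <sig> <pubkey>
        ps = pushes(script_sig)
        return ps[1] if len(ps) == 2 else None
    if kind == "p2wpkh":                       # witness = (sig, pubkey)
        return witness[1] if len(witness) == 2 else None
    return None                                # P2PK / P2MS / P2TR keys were visible all along

def audit(txs: list[Tx]) -> dict[str, str]:
    """Map each unspent 'txid:n' to long-range / long-range-reuse / short-range / unknown.
    long-range-reuse: hash-committed output whose exact scriptPubKey was already spent from
    once, so its pubkey is on-chain anyway (address reuse)."""
    by_id = {tx.txid: tx for tx in txs}
    utxos = {f"{tx.txid}:{i}": spk for tx in txs for i, spk in enumerate(tx.vout)}
    spent_from: set[bytes] = set()
    for tx in txs:
        for vin in tx.vin:
            spk = by_id[vin.prev_txid].vout[vin.prev_vout]
            utxos.pop(f"{vin.prev_txid}:{vin.prev_vout}", None)
            if revealed_pubkey(classify(spk), vin.script_sig, vin.witness) is not None:
                spent_from.add(spk)
    report = {}
    for outpoint, spk in utxos.items():
        kind = classify(spk)
        if kind in EXPOSED_IN_OUTPUT:
            report[outpoint] = "long-range"
        elif kind in HASH_COMMITTED:
            report[outpoint] = "long-range-reuse" if spk in spent_from else "short-range"
        else:
            report[outpoint] = "unknown"
    return report

def p2pkh(h160: bytes) -> bytes:
    return bytes([OP_DUP, OP_HASH160, 20]) + h160 + bytes([OP_EQUALVERIFY, OP_CHECKSIG])

H_ALICE, H_BOB = b"\x11" * 20, b"\x22" * 20        # constructed stand-ins for HASH160(pubkey)
FAKE_SIG = b"\x30" + b"\x00" * 70                    # constructed 71-byte signature placeholder
FUND, SPEND = "a" * 64, "b" * 64                     # constructed txids
SAMPLE_TXS = [
    Tx(FUND, [], [
        bytes([33]) + G + bytes([OP_CHECKSIG]),                   # 0: P2PK
        p2pkh(H_ALICE),                                            # 1: P2PKH, Alice
        p2pkh(H_ALICE),                                            # 2: P2PKH, Alice again (reuse)
        p2pkh(H_BOB),                                              # 3: P2PKH, Bob
        bytes([OP_1, 32]) + b"\x33" * 32,                          # 4: P2TR
        bytes([OP_1, 33]) + G + bytes([OP_1, OP_CHECKMULTISIG]),   # 5: bare 1-of-1 P2MS
        bytes([OP_0, 32]) + b"\x44" * 32,                          # 6: P2WSH
    ]),
    # Alice spends output 1: the scriptSig <sig> <pubkey> puts G on-chain for good.
    Tx(SPEND, [TxIn(FUND, 1, bytes([len(FAKE_SIG)]) + FAKE_SIG + bytes([33]) + G, ())],
       [bytes([OP_0, 20]) + b"\x55" * 20]),                        # 0: P2WPKH change
]

if __name__ == "__main__":
    print(*audit(SAMPLE_TXS).items(), sep="\n")
```

Output 2 of the funding transaction is the address-reuse case: its scriptPubKey is byte-identical to output 1, which Alice spent, so her pubkey is already on-chain and the coins are flagged long-range-reuse even though the output itself looks like a "safe" P2PKH. To run this over real data, feed each output's scriptPubKey bytes and each input's scriptSig and witness items into the same structures; anything reported long-range or long-range-reuse is already exposed, and the only mitigation available today is moving those coins to a fresh output that has never been spent from.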
What's Next?
In upcoming posts, we'll cover:
- Bitcoin Mining and Grover's Algorithm
- The "Burn vs Steal" Dilemma
- Post-Quantum Proposals: Lamport, OP_CAT, P2QRH...
Stay tuned.
Make sure to follow @Bitcoin_Devs
so you don't miss what's coming next!
The current state of QC is some researchers with a desk full of fist-sized vacuum tubes soldered together by hand telling you that the day is coming when they will be 4nm in size with billions of them on a postage-stamp-sized wafer.
Perhaps they are in fact right, but we are so far off from that, there is no immediate need to do anything.
Quit falling for Google/IBM marketing claims; it's not intended for you... it's aimed at fleecing Wall Street.
There was even a paper published last year that said that successful use of Shor may require a far lower QC noise floor than previously thought.