Greg Maxwell, a prominent developer of Bitcoin Core and co-founder of Blockstream, published an analysis of the post-quantum debate in Bitcoin on the Hacker News forum yesterday, April 6th, which goes against the tone of urgency proclaimed by companies and some in the Bitcoiner community.
In publications, Maxwell addressed three situations.: Adding post-quantum signatures to Bitcoin is technically easy. There is active development of protocols tailored to specific needs. And some of the panic at the developer’s apparent inaction stems from fraudulent schemes exploiting the issue to attract investment.
Regarding this last point, Maxwell said that some of the complaints about Bitcoin developers’ inaction are due to “A massive fraud scheme is underway”and mentioned at least two different plans using “nearly identical scripts.” In other words, people seeking investment with the promise of building quantum computers to steal Bitcoin.
One of them “is suspected of collecting close to a significant portion of $1 billion from victims,” Maxwell said.
“For every victim you convince to hand over money, you’re probably going to panic another 99 people,” Maxwell said, explaining the side effect such schemes have on public discourse.
Wrong trade-offs of current standards
“Adding new signature schemes to Bitcoin is relatively easy and has been done before,” Maxwell wrote, noting that Bitcoin already supports both ECDSA scheme signatures and Schnorr signatures, which will be included in Taproot in 2021.
According to his analysis, the real problem is not the technical ability to incorporate new schemes; Find one with the right features for your protocol.
Maxwell’s central technical argument is that post-quantum standards approved by the National Institute of Standards and Technology (NIST), such as SLH-DSA and ML-DSA, are optimized for common use cases. Large yet durable signature that stands up to many useswith quick signature.
Bitcoiner developers have revealed that these features are suitable for protecting internet traffic and corporate systems.
Bitcoin requires the opposite. «Signature and key size are importantthe key needs to be more of a one-time use, and the signature time is irrelevant,” Maxwell said.
In Bitcoin, each byte of a signature occupies space within a block of fixed size, which directly leads to fewer transactions per block, higher fees, and increased storage requirements for nodes.
Apply NIST standards directly to Bitcoin without any adjustments Can severely impact network performanceThis is consistent with post-quantum tests conducted on Solana, which led to a 90% speed reduction, as reported by CriptoNoticias.
Developments that Maxwell cited as evidence
To support his claim that there is a lot of activity aligned with Bitcoin, Maxwell explicitly cited SHRIMPS, a post-quantum signature scheme based on hash functions.
CriptoNoticias reports that SHRIMPS was developed by Blockstream Research, the company’s research arm co-founded by Adam Back, and generates signatures of approximately 2,564 bytes. This is three times more compact than the NIST SLH-DSA standard, which produces a 7,872-byte signature. Currently, Bitcoin ECDSA signatures weigh between 70 and 72 bytes.
“I think progress is pretty reasonable,” Maxwell wrote, referring to the general state of post-quantum development aligned with Bitcoin.
other voices in the discussion
One of those who recently weighed in on when Q-Day will come was Samson Mo, who put Bitcoin’s quantum risk at a 10-20 year horizon and warned against a hasty transition. New vulnerabilities may emergeincluding the possibility back door with a random number generator.
A recent report from Blockstream co-founder Adam Back and ARK Invest aligns with the deadline laid out by Mow. Buck also disputed Nick Carter’s claims that he was doing nothing about quantum, pointing out that his company has 20 people working full-time on the problem.
On the other end of the debate, Vitalik Buterin estimated the threat could materialize in 2028, while Grayscale supported Google’s call for urgency, warning that the biggest hurdle to Bitcoin transition is governance, not technology.
Mr. Maxwell’s comments are consistent with Mr. Buck and Mr. Moe’s position on deadlines, and add a distinction between the actual technical work being done and the noise generated by parties with interests outside the protocol.
The debate over when and how to protect Bitcoin from quantum threats continues without a unified answer. What Maxwell’s comments make clear is that there are at least two distinct layers to this argument. One is the technological layer, where slow but concrete progress is being made, and the other is the political layer, where external noise complicates the signals.
(Tag Translation)Bitcoin (BTC)
