My argument to him was “if we need most people to switch to taproot to increase anonymity set via keypath spends, won’t the fear of quantum hinder adoption due to taproot being p2pk!?” He said the inflight case of p2pkh is no different, but I disagreed: inflight spends that reveal pubkey would be harder to attack than p2pk taproot just sitting onchain. In the case where Satoshi’s coins are stolen, we could at least recover over time in principle with quantum secure outputs and getting people to move their coins over time. It’s cool people are thinking about this more seriously now even though my concerns were dismissed 6 years ago 🥲

Replies (1)

If one assumes the first CRQC is really, really fast, pw would be right. But it’s probably not going to roll out that way… attacks with large amounts of time will probably be successful years or maybe decades before attacks that can only work over a limited interval.