/biz/ - Business & Finance

>>25060822
Also, you need to realize that hash algorithms (separate from the sig algorithm) are NOT based on the Discrete Logarithm Problem. They're not based on factorization. Meaning they are not susceptible to quantum computing in the same way, it is NOT trivial to develop a quantum algorithm for such functions. https://en.wikipedia.org/wiki/Discrete_logarithm

Why is that important? Because the Bitcoin protocol does not even broadcast the public key at ALL, until you actually spend from an address. It broadcasts a double-hashed version instead. This serves as protection even IF the digital signature algorithm WAS attacked by a quantum computer (again, which wouldn't happen for long time since the comps aren't anywhere near 1000s of err-corrected qubits, and plus everyone will migrate to quantum-resistant algos anyway lol).

This means that someone would have to compromise the digital signature IN THE INCREDIBLY SHORT TIME WINDOW between the time that you transmit the transaction to the network and the time it gets confirmed, AND THEN it would have to create a new transaction to attempt to double-spend and transmit THAT to the network. But the Bitcoin protocol always works upon longest-chain, so by the time the attacker even did that it's far too late, miners/nodes will have already confirmed and forwarded the information, the correct block will have already been created. And again that's all assuming the quantum attack approach is even valid in the first place.

To put it simply the world is NOWHERE NEAR the technology needed to attack classical digital signature algorithms like ECDSA, and even if that happens, the entire world (not just crypto) will have long-since migrated to newer and better quantum-resistant algorithms. And EVEN IF THEY DIDN'T migrate, the premise of an attack is STILL bogus because of the double-hashed public key, the longest-chain protocol rule, and the prohibitively small time window required for a double spend.

2/3