Simply put
- Naoris Protocol has introduced a blockchain that utilizes post-quantum cryptography approved by NIST.
- Experts caution that quantum computers may eventually compromise the signature systems securing Bitcoin and Ethereum wallets.
- Updating existing blockchains might necessitate extensive changes to wallets, tools, and nodes.
The much-anticipated “quantum apocalypse,” or “Q-Day” — the moment when quantum computers could undermine modern cryptography — has shifted from abstract talk to an urgent concern for the blockchain sector. But now, we’re seeing blockchain networks emerge that claim to be gearing up for this eventuality.
Recently, Naoris Protocol launched its mainnet, stating that their network is developed from scratch using post-quantum cryptography and algorithms sanctioned by the National Institute of Standards and Technology.
This initiative is part of an increasing movement to understand and enhance how blockchains would function if quantum computers were to break the cryptographic systems currently in use.
Notably, major blockchains like Bitcoin and Ethereum depend on public key signatures, such as the Elliptic Curve Digital Signature Algorithm (ECDSA), which are secure against classical computers. However, researchers warn that a sufficiently advanced quantum computer could leverage Shor’s algorithm to breach these defenses, enabling attackers to derive private keys from public ones and seize control of wallets.
Nathaniel Sherezra, the chief growth officer at Naoris Protocol, mentioned that their project deliberately opted for the finalized federal standard instead of earlier versions of the algorithm.
“A lot of blockchain projects playing with post-quantum signatures tend to mix up ‘dilithium’ and ‘ML-DSA’ as if they’re the same,” Sherezra noted. “Naoris draws strict distinctions between them.”
ML-DSA is a standardized version of the CRYSTALS-Dilithium algorithm that NIST has approved as a part of post-quantum cryptography. According to Sherezra, CRYSTALS-Dilithium and ML-DSA-87 aren’t separate entities; ML-DSA is simply the official variant of CRYSTALS-Dilithium, set to be published as FIPS 204 in August 2024.
Naoris’ announcement arrives at a pivotal moment, as blockchain developers deliberate over how to transition to cryptography resilient against quantum attacks. Migrating poses challenges, as significant protocol adjustments are needed. Back in February, Ethereum co-founder Vitalik Buterin outlined intentions to substitute several cryptographic elements within the protocol, including BLS and ECDSA signatures, with options designed to withstand quantum threats.
Similarly, Bitcoin developers are examining proposals like BIP 360, which aims to limit public key exposure by creating a new output type called Pay-to-Merkle-Root. This design eliminates a feature known as keypass disbursement that exposes public keys during transactions, laying the groundwork for future integration of post-quantum signature schemes.
Given that blockchain transaction histories are public, the cryptographic signatures associated with those transactions are also permanently visible. Therefore, when quantum computers achieve the needed advancement, attackers may exploit historical transaction data to recover private keys based on these exposed signatures.
Sherezra indicated that Naoris seeks to mitigate this risk by compelling accounts to move away from classical signatures once they adapt post-quantum keys.
“Once an account commits to PQC, the transition becomes definitive and irreversible,” he explained. “The transaction processor monitors all incoming transactions. If a sender’s address has a PQC binding, the transaction must include a valid ML-DSA internal signature.”
He also mentioned that ECDSA-only transactions from these bound accounts would be rejected, accompanied by a specific error advising users that a PQC signature is required.
With increasing engagement in the project, Naoris currently operates with a limited number of validator operators. Before its mainnet launch, Naoris reported that its test network handled over 106 million post-quantum transactions and identified more than 603 million security threats. Notably, these figures have not been independently verified.
Sherezra clarified that Naoris cannot retroactively shield assets already secured on traditional blockchains; therefore, protection necessitates users transferring their assets to the Naoris network.
“Assets transferred to Naoris will achieve quantum security, but those remaining on classical chains will remain exposed,” he stated. “The quicker users migrate, the shorter their exposure window will be.”
