Bitcoin was originally founded on the idea that no one can access your coins without your private key—this means not governments, not banks, and certainly not anyone else. However, this assurance is now facing scrutiny from within the developer community. They’re considering measures to protect against the threat posed by future quantum computers, which could potentially undermine the security of Bitcoin’s blockchain and enable theft of coins for the first time in its 16-year existence.
Suggestion
Jameson Loop, a prominent Bitcoin advocate, along with other cryptographers, has suggested that this could necessitate Bitcoin holders to shift their coins to new, quantum-proof addresses. Otherwise, they risk having their coins permanently locked by the network. In this scenario, while holders would still “own” the coins, they’d be unable to access or move them.
This initiative is outlined in a Bitcoin Improvement Proposal (BIP) called BIP-361, titled “Post-Quantum Transition and the Sunset of Legacy Signatures.” It was updated on Tuesday in the official repository for Bitcoin proposals.
These discussions have been sparked by a recent Google report cautioning that a sufficiently advanced quantum computer might pose a greater risk to Bitcoin’s blockchain than previously thought. Some experts are now suggesting that 2029 could mark a critical timeline for Bitcoin in dealing with quantum threats.
To grasp the reasoning behind potentially freezing coins, it’s essential to understand the protections in place. All Bitcoin wallets utilize a security method known as ECDSA (Elliptic Curve Digital Signature Algorithm). Imagine this as a key to your digital wallet. When a wallet is created, two keys are generated: a private key, which acts as a unique password verifying ownership, and a public key, derived from the private key, which facilitates fund reception and transaction verification while keeping the private key secret.
However, there’s a catch—the public key, once you send funds, becomes visible on the blockchain indefinitely. If a quantum computer were to be unleashed, it could potentially reverse-engineer private keys from public ones, leading to the theft of funds.
According to Google’s findings, as of March, around 6.7 million BTC were stored in addresses deemed vulnerable.
BIP-361 builds on a prior proposal, BIP-360, which suggested a soft fork that led to a new transaction type named Pay-to-Merkle-root (P2MR). This concept builds on Bitcoin’s Taproot framework but discards the key-based spending paths seen as risky in a quantum-focused future.
Three Phases
The BIP-361 proposal involves a three-phase transition. Phase A is set to begin three years following any potential activation, prohibiting new Bitcoins from being sent to older, quantum-vulnerable addresses. Although payments can still be made from these addresses, they would no longer be able to receive new funds.
Phase B will commence five years post-activation, completely disabling the old-style signatures (ECDSA and Schnorr). Attempts to spend from quantum-vulnerable wallets will be blocked by the network, effectively freezing those coins.
Finally, Phase C, which is still under exploration, proposes a solution that could allow owners of frozen wallets to demonstrate ownership via zero-knowledge proofs—this may facilitate the recovery of coins frozen in Phase B.
Community Backlash
The concept of freezing coins as a protection against quantum threats sharply contrasts with one of Bitcoin’s foundational principles: the sovereign, unimpeded control of assets.
Bitcoin was designed so that holders of private keys retain complete control over their coins, without exception. Introducing measures that allow for the freezing of coins, even under extraordinary circumstances like quantum attacks, undermines this core principle.
As a result, the community has expressed dissatisfaction with the proposal. One user remarked that “This quantum proposal is very authoritarian and confiscatory,” emphasizing that any upgrades should be entirely voluntary.
Another voice in the community highlighted the appearance of central planning and compelled actions in this proposal.
On the flip side, developers argue this is merely a precautionary tactic. They contend, “This is not an offensive attack but a defensive one. Our viewpoint is that the Bitcoin ecosystem aims to protect itself and its value from malicious actors seeking to undermine both trust and financial stability.”
