
Ask HN: If Quantum computing wins, Blockchain then dies, right? - somid3
Given today's news of IBM's quantum chip and the myriad of other quantum-related news out there, it seems all Blockchain technologies will be susceptible to hacks and will inevitably fail -- correct?
======
api
Not necessarily, but the signature algorithm would have to change.

Block chain itself is based on hashes, which are already quantum hard. QC will
not break SHA256. However addresses are based on ECC crypto, which would no
longer be secure. These would have to be replaced by another scheme like
supersingular isogeny ECC or lattice based crypto. Old BTC addresses would
need to have their coins moved out of them to new addresses or those coins
could be stolen by anyone with a sufficiently advanced QC.

There's a lot of post-quantum crypto research underway.

Interestingly this would permit the recovery of "lost" coins, bringing more
BTC into circulation. Any coins that weren't moved -- meaning nobody cared
about them or wallet keys had been lost -- would get recovered and returned to
circulation.

What I consider much more intriguing is how the NSA is apparently hoovering
monstrous amounts of Internet data and storing it on disks. Much of that data
is encrypted, but once QC becomes available they will be able to go back and
decrypt almost all of _today's_ Internet traffic. That will be...
interesting. It would be kind of like a crypto "jubilee" in which all
yesterday's secrets become known.

~~~
somid3
Ok and this transition will take YEARS, while a hack will only take one night.

~~~
api
QCs won't appear overnight. We will see someone demonstrate a small-scale QC
that is too small to usefully break real world crypto. As soon as that
happens, there will be a rush to migrate everything to post-quantum crypto.
Anyone not doing this with their coins as soon as they can is a fool.

It's possible that bigger QCs will appear in the "black" world before they are
publicly known, but in that case they're not likely to be used to steal
bitcoin since doing so would indirectly reveal their existence. If too many
BTC wallets get silently snarfed, people will suspect a break. Anyone with
such a QC would be better off sitting and passively monitoring for as long as
they can.

------
max_
Ethereum has this planned for Lamport signatures in Serenity.

[https://blog.ethereum.org/2015/12/24/understanding-serenity-...](https://blog.ethereum.org/2015/12/24/understanding-serenity-part-i-abstraction/)

There is also a new project called the Quantum Resistant Ledger.
[https://github.com/theQRL/qrl](https://github.com/theQRL/qrl)

------
somid3
My general rationale is that if the DAO failed because of a single hack, then
although it's expensive today to run an experiment on a quantum device, it's
still worth the millions that can be harvested. So accessibility is not a
barrier. Likewise, if this event were to take place, it would be a winner take
all scenario. All hacks will occur overnight in one go, since there is no
reason to leave money on the table.

So if the potential is there, and the science is there, I feel all blockchain
technologies are at risk.

------
samlewis
If you don't reuse Bitcoin addresses, then your Bitcoin will be safe. Bitcoin
public keys aren't revealed until they're used to sign a transaction. An
address is the SHA256 hash of the public key and SHA256 is quantum safe.

That said, the method of transaction signing would need to be reworked to be
quantum safe. But not all Bitcoin would be able to be disappeared overnight.
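An added example, not part of the thread, that models the point in this post: an address is a hash of the public key, and the key itself only appears on-chain when the address is spent from, so the check a wallet owner wants is "which of my funded addresses have already published their key?". The keys and transactions are constructed placeholders (not real secp256k1 points or Bitcoin serialisation), and the address derivation follows the post's SHA256 simplification.

```python
import hashlib
from collections import defaultdict

def address_of(pubkey: bytes) -> str:
    """Address derived from a public key: SHA256, per the post's simplification.
    (Real P2PKH adds RIPEMD160, a version byte and a checksum; omitted here.)"""
    return hashlib.sha256(pubkey).hexdigest()[:16]

# Constructed sample keys: opaque byte strings standing in for real public keys.
ALICE_PUB = b"constructed-pubkey-alice"
BOB_PUB = b"constructed-pubkey-bob"
CAROL_PUB = b"constructed-pubkey-carol"
BOB_CHANGE_PUB = b"constructed-pubkey-bob-change"

# A transaction lists the public keys whose coins it spends (each is revealed
# on-chain alongside its signature) and the (address, amount) outputs it
# creates. Spending empties the spent address; whatever the outputs do not
# re-assign is treated as the fee. Constructed chain, not real data.
SAMPLE_CHAIN = [
    # Coinbase-style issuance: nobody's key is revealed yet.
    {"inputs": [], "outputs": [(address_of(ALICE_PUB), 5), (address_of(CAROL_PUB), 2)]},
    # Alice pays Bob and sends change back to her OLD address (address reuse).
    {"inputs": [ALICE_PUB], "outputs": [(address_of(BOB_PUB), 3), (address_of(ALICE_PUB), 2)]},
    # Bob spends to a FRESH change address; his old address ends up empty.
    {"inputs": [BOB_PUB], "outputs": [(address_of(BOB_CHANGE_PUB), 3)]},
]

def replay(chain):
    """Walk the chain, tracking balances and which addresses have exposed keys."""
    balances = defaultdict(int)
    exposed = set()
    for tx in chain:
        for pub in tx["inputs"]:
            addr = address_of(pub)
            exposed.add(addr)      # the pubkey is now public knowledge
            balances[addr] = 0     # spending consumes the address's coins
        for addr, amount in tx["outputs"]:
            balances[addr] += amount
    return dict(balances), exposed

def at_risk(chain):
    """Funded addresses whose public key is already on-chain: only these
    would be exposed to an attack on the signature scheme itself."""
    balances, exposed = replay(chain)
    return {a: v for a, v in balances.items() if a in exposed and v > 0}
```

Running it shows only Alice's reused address in the at-risk set: Carol's key was never published, and Bob's exposed address holds nothing.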

------
ghazak
Not necessarily - the software could be upgraded to take the existing chain,
and upgrade it to a quantum resistant hash prior to any damage being done.

~~~
somid3
Yes, but then non-quantum devices will take forever to execute a trade.

~~~
lbradstreet
If that's true, third party middlemen with quantum devices could work around
this until it becomes more mainstream. At least it would allow it to not
wither on the vine until everything is restructured. It's not really obvious
what would happen in any case, but humanity has a way of papering over things.

~~~
somid3
Ok. I just wouldn't want to bear that risk and have a dime on any public-digitally-signed protocol. Let alone my savings.

~~~
jotux
If quantum chips work out then a ton of existing financial infrastructure
using non-quantum-resilient security will also fail.

------
somid3
By 2025 I will show this thread to all my friends who lost their savings as a
time stamped proof that I saw the apocalypse that was headed their way.

~~~
lawrenceyan
I mean, sure cryptocurrencies would be total foobar, but so would basically
every financial institution and bank in the world too. And this is assuming
that neither preemptively secure their systems for post-quantum.

~~~
bbcbasic
With Bitcoin you need to transition and get consensus. A bank can just upgrade
their systems.

