Loading video...
Video Failed to Load
The quantum-mitigation question on every cryptographer's mind: to use hash-based or Lattice-based signatures in Bitcoin? Hash-based signature schemes—e.g. SHRINCs/SHRIMPS by Blockstream's Jonas Nick—have been called "the conservative choice" by Adam Back while Dan Boneh makes a push for lattice-based signatures. "Hash-based signatures are combinatorial in nature—and that limits a... show more
14,125 views • 20 days ago •via X (Twitter)
0 Comments
No comments available
Comments from the original post will appear here
![BITCOIN RAILS #59: Post-Quantum Bitcoin Signatures (+ their tradeoffs) | with BIP 360 co-author Ethan ✨ is on BlueSky✨ Heilman 🐱 and Blockstream Head of Research Jonas Nick 🔗 YOUTUBE: 🌿 SPOTIFY: According to BIP 360 co-author Ethan Heilman, Bitcoin needs a minimum of two soft forks to become quantum resistant: P2MR (or an output type that can safely execute PQ signatures) + a post-quantum checksig (signature scheme). Ethan and the BIP 360 team (including myself and Hunter Beast 🕯️) introduced the P2MR part via a BIP 360 update late last year—but the question remains, what’s the most appropriate PQ signature scheme for Bitcoin? They all have substantive tradeoffs, but hash-based signatures seem to be leading technical discourse—likely due to recent optimizations by Jonas Nick and the broader Blockstream research team. It was an honor to sit down with both of these men - arguably the two most influential and productive cryptographers in Bitcoin quantum mitigation right now - for an in-depth review of the leading PQ signature schemes and a temperature check on Bitcoin’s post-quantum planning process. TBH, if you want to skip the noise and jump straight to the signal on quantum, this is the interview to watch. In this episode, we discuss: - What needs to happen at the soft fork, infra, and mitigation levels to fully quantum-harden Bitcoin - Recent updates to BIP 360 + breakdown of the leading hash-based signatures schemes for Bitcoin (SHRINCS + SHRIMPS) - Why we may actually get consensus around a stateful scheme for Bitcoin - Comparisons of hash-based signatures vs Lattice and Isogeny-based schemes - Assessing the risks of both waiting too long and acting too fast (and why quantum is a better threat to be facing than a potential classical attack) This episode of Bitcoin Rails is brought to you by my NEW sponsors: - LayerTwo Labs LayerTwo Labs — developing research, software, and technologies for scaling Bitcoin via the integration of Drivechains (BIP 300/301) - Hashi on Sui — a primitive for executing Bitcoin Defi transactions, without having to trust a federated bridge or other centralized entity - BitBox BitBox — an open-source Bitcoin-only hardware wallet, with smooth UX and no compromises on security. Check out Bitbox [dot] swiss and use code BITCOINRAILS to get a discount TIMESTAMPS: 00:00 Intro 02:18 Ethan’s Quantum Wakeup 05:18 How Blockstream Enters Post Quantum 09:25 BIP 360 Explained 12:11 How Bitcoin Transitions to PQ 17:35 Choosing Post Quantum Signatures 23:20 How Blockstream Created SHRINCS 27:22 Signature Budgets Importance Explained 41:13 What are SHRIMPS? 44:51 SHRIMPS vs SHRINCS 47:48 Why SLH-DSA Alone Won’t Cut It 49:24 Is a SHRIMPS + SHRINCS BIP Coming? 51:51 Blockstream’s Big Plans for Liquid 59:04 Quantum Readiness Roadmap 01:02:22 Importance of a PQ Recovery Plan 01:05:35 How Long Would a PQ Migration Take 01:11:17 Quantum Watchlist Recommendations](https://image.24vids.com/tw-2051672209454756108/amplify_video_thumb/2051671562672082952/img/GYI9mVH4-kcDz2Gz.jpg)
![BITCOIN RAILS #61: QUANTUM CRYPTOGRAPHY FOR BITCOIN | with Dan Boneh Dan Boneh 🔗 YOUTUBE: 🌿 SPOTIFY: One of the most prolific and influential cryptographers in the world, it’s difficult to fully quantify the impact that Dan Boneh has had on Bitcoin and digital assets more broadly. Through both his own research and his mentorship of some of the space’s most important contributors — e.g. Andrew Poelstra, Benedikt Bünz ☕️, and Robin Linus — few people have done more to shape the cryptographic foundations underlying modern blockchains and digital finance. More recently, Dan co-authored Google's widely discussed paper, “Securing Elliptic Curve Cryptocurrencies against Quantum Vulnerabilities,” which reduced prior estimates of the resources required to run Shor’s algorithm against the elliptic-curve cryptography used by Bitcoin. The paper reignited debate around quantum computing timelines and the long-term security assumptions behind modern cryptocurrencies. In this episode of Bitcoin Rails, Dan and I discuss the current state of quantum computing, its potential implications for Bitcoin, and how he believes the Bitcoin community should think about preparing for a post-quantum future over the coming decade and beyond. And yes, Dan shares his take on the “when quantum” question in the interview, among other key perspectives. This episode of Bitcoin Rails is brought to you by my NEW sponsors: LayerTwo Labs LayerTwo Labs — developing research, software, and technologies for scaling Bitcoin via the integration of Drivechains (BIP 300/301) Hashi on Sui — a primitive for executing Bitcoin Defi transactions, without having to trust a federated bridge or other centralized entity BitBox BitBox — an open-source Bitcoin-only hardware wallet, with smooth UX and no compromises on security. Check out Bitbox [dot] swiss and use code BITCOINRAILS to get a discount TIMESTAMPS: 00:00 — Intro and Dan’s history with cryptography and Bitcoin 11:44 — Shor's algorithm: how a 1994 paper became cryptography's most important threat 16:39 — Building a quantum computer: superconducting qubits vs neutral atoms 25:37 — When should we start worrying about quantum computers? The timeline debate 31:51 — Have we already reached quantum computing's “ahá” moment? 39:09 — Inside the Google paper: how Shor's algorithm was optimized 49:57 — The Bitcoin mempool attack and the 10-minute window 59:21 — Mitigation: what should Bitcoin do to prepare for quantum? 1:11:54 — Hash-based vs lattice-based signatures: Dan's case for lattice 1:23:15 — ZK proofs, BIP361, and what to do with Satoshi's coins 1:31:52 — Encrypted mempools and MEV 1:38:29 — Why Bitcoin will survive quantum and Dan's message to Bitcoin builders](https://image.24vids.com/tw-2057110642662797602/amplify_video_thumb/2057106711635275776/img/Pa2J_IxNMDKku2uu.jpg)
