
It's worth mentioning that Bitcoin addresses aren't exposed on the blockchain as public keys, but hashes of the public keys. If you want to steal the coins you'll need to turn ripemd160(sha256(sha256(publicKey))) into a private key. Good luck.


Yes, but the public key is exposed when you send from that address. If a quantum computer is quick enough, it could get your private key and issue its own transaction, racing you to get into a block.


Cracking a public key in 10 minutes is much harder than cracking a public key (at all). Considering we haven't cracked anything yet, I wouldn't be worried about that. Also, if you're transferring thousands of bitcoin and want to be safe, you could always privately send it to a miner rather than broadcasting it. In that case the tx would have 1 confirmation before the public knows about it, requiring them to also pull off a 50% attack.


A QC factors the current public key algorithms in constant time. More qubits just means you can factor bigger keys. How big that constant is will depend on how the QC works.

Sending privately to a miner would help, but you'd end up with a very centralized system since you would want to send to the biggest miner, to minimize the time until that miner produces a block. You can't have miners sharing the transaction, even privately among themselves, since if they did that then one of them could have a QC and you wouldn't have any way to know who stole your money.


There had better be enough money available then. After all, if it costs you $1M to steal $100, you've just lost money.


It doesn't need to be quick if you still have coins at that address.


Wrong due to P2PK transactions. But also no matter which hash you use as an address the person has to reveal their public key in a digital signature to transact the coins, and if an individual has access to a quantum computer which solves the ECDLP fast enough they can run a node which monitors transactions and conceivably get your private key and then exploit a race condition by transacting the same coins with a higher fee to steal the coins.
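As an added illustration (not part of the thread) of the exposure rules the comments describe, this script replays a constructed transaction list and reports which unspent balances already belong to a key visible on chain: a P2PK output shows the key at creation, and a hash-based address shows it the first time it is spent from. Transaction ids and addresses are constructed labels, not real chain data.

```python
from dataclasses import dataclass

@dataclass
class TxOut:
    address: str      # constructed label standing in for the key or key-hash paid
    value: int        # amount in satoshis
    script_type: str  # "p2pkh": pays hash160(pubkey); "p2pk": pays the raw pubkey

@dataclass
class Tx:
    txid: str
    inputs: list      # (prev_txid, vout) pairs this transaction spends
    outputs: list     # TxOut entries this transaction creates

def exposed_balances(txs):
    """Replay txs in order; return {address: unspent_value} for every address whose
    public key is already visible on chain, i.e. funds an ECDLP-breaking attacker
    could target without winning a race against the owner's own spend. A key becomes
    visible when a P2PK output is created (the script contains the key) or when any
    output is spent (the signature script reveals the key)."""
    utxo = {}        # (txid, vout) -> TxOut still unspent
    exposed = set()  # addresses whose public key has appeared on chain
    for tx in txs:
        for prev in tx.inputs:
            spent = utxo.pop(prev)
            exposed.add(spent.address)  # spending requires a signature => key revealed
        for vout, out in enumerate(tx.outputs):
            utxo[(tx.txid, vout)] = out
            if out.script_type == "p2pk":
                exposed.add(out.address)  # key is in the output script itself
    balances = {}
    for out in utxo.values():
        if out.address in exposed:
            balances[out.address] = balances.get(out.address, 0) + out.value
    return balances

# Constructed sample chain: a coinbase pays A (hash-based) and B (raw key);
# A then pays C and sends change back to its own address, i.e. reuses it.
SAMPLE_TXS = [
    Tx("coinbase-1", [], [TxOut("A", 50, "p2pkh"), TxOut("B", 10, "p2pk")]),
    Tx("tx-2", [("coinbase-1", 0)], [TxOut("C", 30, "p2pkh"), TxOut("A", 20, "p2pkh")]),
]

if __name__ == "__main__":
    for addr, value in exposed_balances(SAMPLE_TXS).items():
        print(f"{addr}: {value} sat unspent with public key already exposed")
```

C's 30 sat never appear in the report because C's key has only been hashed so far; A's change output does, which is the address-reuse case the thread warns about.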


It's impossible to use a hardware wallet without exposing the master public key to an untrusted device (not hardware wallet).

The only solution would be to run a Bitcoin node on the hardware wallet itself, which is not possible right now.

So you have to treat the public key as a public key.


That would involve your computer being already compromised. If that's the case AND you have enough bitcoins to make running a quantum computer worthwhile, you're not securing your coins properly.

