Paradigm Researcher Proposes PACTs to Shield Dormant Bitcoin From Quantum Computing Risk

Key Takeaways:

• Paradigm’s Dan Robinson projected PACTs connected May 1, 2026, offering bitcoin holders a free, backstage mode to timestamp code power earlier quantum threats arrive.
• Over 1.1 cardinal BTC worthy astir $75 cardinal successful Satoshi-linked wallets look vulnerability if cryptographically applicable quantum computers emerge.
• PACTs necessitate nary Bitcoin fork contiguous but request aboriginal STARK verification enactment and assemblage statement to activate a rescue path.

Bitcoin Holders Gain Silent Escape Hatch arsenic Paradigm Targets Quantum Vulnerability

The proposal, titled Provable Address-Control Timestamps (PACTs), outlines a three-step method utilizing existing Bitcoin tools to timestamp cryptographic impervious of wallet ownership. No onchain transaction is required. No nationalist awesome is broadcast. The holder stores a concealed salt, a BIP-322 connection signature, and an OpenTimestamps impervious file, past waits.

Dan Robinson, a wide spouse and researcher astatine the crypto task money Paradigm, framed the connection arsenic a hedge against a circumstantial dilemma facing Bitcoin. If cryptographically applicable quantum computers (CRQCs) get earlier the protocol adapts, addresses with exposed nationalist keys go susceptible to theft. If Bitcoin rushes a sunset brushed fork to frost those addresses, dormant holders look a forced, nationalist coin migration.

Image source: X

For wallets believed to beryllium to Satoshi Nakamoto, that migration would uncover whether the pseudonymous creator is alive, active, and inactive holding keys. Researchers estimation those wallets clasp astir 1.1 cardinal BTC, worthy much than $75 cardinal astatine existent prices.

PACTs connection a 3rd path. A holder generates a 256-bit concealed brackish and uses BIP-322 afloat connection signing to beryllium power of a susceptible scriptPubKey. The resulting committedness hash is past timestamped via OpenTimestamps, which batches hashes into a Merkle histrion and embeds the basal successful a Bitcoin OP_RETURN output. The process costs thing and reveals thing publicly.

Robinson described OpenTimestamps arsenic a free, trustless Bitcoin-based timestamping service. The strategy was possible, helium noted, due to the fact that Satoshi himself designed Bitcoin arsenic a distributed timestamp server successful the 2008 achromatic paper.

If Bitcoin aboriginal implements a sunset brushed fork, a PACT holder could taxable a STARK zero-knowledge impervious showing they knew the brackish and power impervious earlier a cutoff day established anterior to CRQC capability. The rescue transaction would beryllium bound to forestall replay. The underlying keys and brackish would enactment hidden.

The connection builds connected draught BIP-361, which addresses quantum-vulnerable bequest addresses, and references Jeremy Rubin‘s earlier forum discussions connected akin concepts. Robinson acknowledged the plan is illustrative and needs reappraisal from cryptographers, Bitcoin developers, and the broader community.

Risks are real. Bitcoin whitethorn ne'er instrumentality a quantum sunset. Even if it does, this circumstantial rescue way whitethorn not beryllium included. Robinson said holders should not trust solely connected PACTs until a rescue protocol clears consensus. Still, helium argued the outgo of creating 1 is debased capable to warrant acting erstwhile a modular format is agreed upon.

The connection does not widen cleanly to multisig wallets, analyzable scripts, oregon custodial accounts. Those cases necessitate further standardization work.

Bitcoin developers and quantum researchers connected X responded rapidly aft publication. Discussion focused connected STARK integration timelines, the feasibility of a brushed fork adding zero-knowledge impervious verification, and whether the privateness protections would clasp successful practice.

Robinson stated that adopting a PACT modular present would springiness semipermanent holders maximum clip to unafraid their coins earlier immoderate exigency fork. The harder decisions, including whether a quantum sunset is warranted astatine all, tin wait.

Robinson credited Eli Ben-Sasson, Jameson Lopp, Neha Narula, Nic Carter, and others successful the acknowledgments.