| |
Easily, one of the most frequent questions I receive from subscribers is about the risk of quantum computers being able to hack blockchain technology. |
| This has always been a valid concern. |
| After all, quantum computers will be capable of breaking the current encryption used by most blockchains. |
| The real question is "in what time frame?" |
| Most "experts" have said that this is a decade or more away. Nothing to worry about. |
| However, I've maintained that it will happen within the next few years, given the exponential improvement that we've been seeing in quantum computing technology. |
| It is coming fast. |
| The time to harden blockchain technology is right now. |
| And the good news is, given that blockchain technology is based on software, the software can be updated and upgraded with new forms of encryption resilient to quantum technology. |
| Those that don't will be in deep trouble. |
| Quantum's Early Warning Signal |
| Early this morning, Google's Quantum AI division published some brand-new research. |
| And I know it will create quite a stir. |
| Many will say that it is fear-based, too aggressive, or unrealistic. |
| It's not. |
| It's very accurate and should be taken seriously by the industry. |
| Google is in a unique place to provide projections about the technological advancements of quantum computing technology, given that it is an industry leader with its superconducting quantum computer. |
| |
| Google's Quantum Computer | Source: Google |
| |
| The frenzy wasn't caused by the new quantum chip itself, but by the new quantum error correction technology developed by Google, resulting in exponentially improved fidelity. |
| The market has calmed down dramatically in the last six months, but the frenetic race towards developing a universal fault-tolerant quantum computer has only intensified. |
| |
| More specifically, it highlights how quantum computers will be able to break the elliptic-curve cryptography (ECC) that is used by most blockchains for security. |
| Google highlights that most blockchains use the elliptic curve discrete logarithm problem (ECDLP-256) for providing security for blockchain transactions. |
| This is done using an algorithm – the Elliptic Curve Digital Signature Algorithm (ECDSA) – which is how the ECDLP is practically implemented for digital signatures and authentication on blockchains. |
| Here's why we should pay attention: |
- Both Bitcoin and Ethereum use elliptic curve cryptography and will be impacted by quantum computers.
- Solana and Cardano both use the Edwards-curve Digital Signature Algorithm (EdDSA), which relies on elliptic curves for security.
- Polkadot and Internet Computer use Schnorr signatures, which are also elliptic curve-based.
|
| At a high level, more than 99% of the entire total value locked on blockchains, representing total economic activity, is on blockchains that use elliptic curve cryptography (ECC) of one sort or another. |
| Said another way, the entire economic value of cryptocurrencies is at risk with the current ECC being used due to developments in quantum computing. |
| Does that mean that the entire crypto industry will collapse? |
| No, definitely not. |
| But it does mean that the industry needs to pull in their timelines for upgrading their cryptographic technologies. |
| A Truncated Timeline |
| One of the key findings in Google's research is that it will take a lot less quantum computing resources to crack the ECC used by so many blockchains than previously thought. |
| In the chart below, we can see previous quantum resource requirements noted by the blue circles, and the latest work by Google noted by the red stars. |
| |
| Source: Google Quantum AI |
| Quantum computing systems that are low and to the left of the chart (the red stars) require far less quantum computational resources to break ECC. |
| Google estimates that it is now possible to do so with only 1,200–1,450 logical quantum bits (qubits), which can be established with a superconducting quantum computer that has 500,000 physical qubits. |
| And it can be cracked in just a few minutes. |
| Google is defining this as a cryptographically relevant quantum computer (CRQC), and it is projecting that this will be achieved by 2029. |
| To state the obvious, that's just a few years away. |
| Today, I estimate that Google's Quantum AI team has achieved Milestone 3 and is working on Milestone 4. And the company will attain Milestone 5, which is the scale at which it will be capable of building a quantum computer with 500,000 physical qubits. |
| |
| Google Quantum AI Roadmap | Source: Google |
| The industry should take this prediction very seriously and get to work on post-quantum cryptography to secure their respective blockchains. |
| And while this is feasible in practice, there is some nuance in the significance of this problem, particularly with the Bitcoin blockchain. |
| |
| The Evolution of Blockchain Software |
| As with nearly all software, blockchain software evolves over time. |
| This is most certainly true of Bitcoin's blockchain protocol. |
| Below is a perfect example of how blockchain software evolves. |
| |
| Bitcoin's Evolving Protocol | Source: Google |
| Above, we can see the evolution of the Bitcoin blockchain protocol as it pertains to transaction output scripts, which are used to transact on Bitcoin's blockchain. |
| As we can see, two protocols (shown in tan and light gray) dominated transactions on the Bitcoin blockchain from the beginning through mid-2018. |
| Since then, several new scripts have gained much larger adoption. |
| The problem is that some of these older scripts are particularly vulnerable to a quantum computing hack. |
| And about 17.3% of all Bitcoin that has been "dormant" – coins that have been sitting, untouched, in crypto wallets – for 10 years or more is vulnerable. |
| Related, and as shown below, about 1.7 million Bitcoin were transacted using those old, vulnerable transaction output scripts. |
| |
| Source: Google |
| What this all means is that hundreds of billions of dollars' worth of Bitcoin are at risk in the absence of an upgrade to the Bitcoin blockchain to make it resistant to quantum computing tasks. |
| And even with a blockchain upgrade, it doesn't solve the problem of what to do with all those dormant Bitcoin. |
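
To make the difference between output script types concrete, here is an added example (not from the article or from Google's paper) that classifies Bitcoin locking scripts by whether the public key itself sits on-chain, which is the property a wallet operator would inventory when prioritizing migration. The article does not name the script types; the mapping follows Bitcoin's standard output templates, and the sample scripts and amounts are constructed filler values.

```python
from typing import Optional, Tuple

def classify_script(script_hex: str) -> Tuple[str, Optional[bool]]:
    """Return (script type, True if the locking script itself contains a public key).

    False means only a hash is on-chain until the output is spent; spending
    reveals the key, so address reuse still exposes it. None means unrecognised.
    """
    s = bytes.fromhex(script_hex)
    n = len(s)
    # P2PK: <push 33 or 65> <pubkey> OP_CHECKSIG
    if n in (35, 67) and s[0] == n - 2 and s[-1] == 0xAC:
        if (n == 35 and s[1] in (0x02, 0x03)) or (n == 67 and s[1] == 0x04):
            return "P2PK", True
    # P2PKH: OP_DUP OP_HASH160 <push 20> <hash160> OP_EQUALVERIFY OP_CHECKSIG
    if n == 25 and s[:3] == b"\x76\xa9\x14" and s[23:] == b"\x88\xac":
        return "P2PKH", False
    # P2SH: OP_HASH160 <push 20> <hash160> OP_EQUAL
    if n == 23 and s[:2] == b"\xa9\x14" and s[22] == 0x87:
        return "P2SH", False
    if n == 22 and s[:2] == b"\x00\x14":   # witness v0, 20-byte key hash
        return "P2WPKH", False
    if n == 34 and s[:2] == b"\x00\x20":   # witness v0, 32-byte script hash
        return "P2WSH", False
    if n == 34 and s[:2] == b"\x51\x20":   # witness v1: 32-byte x-only output key
        return "P2TR", True
    return "unknown", None

def exposed_share(utxos):
    """Fraction of total value held in outputs whose script contains a public key."""
    total = sum(v for _, v in utxos)
    exposed = sum(v for script, v in utxos if classify_script(script)[1])
    return exposed / total if total else 0.0

# Constructed sample outputs (filler bytes, not real keys): (scriptPubKey hex, satoshis)
SAMPLE_UTXOS = [
    ("41" + "04" + "11" * 64 + "ac", 5_000_000_000),   # P2PK, uncompressed key
    ("21" + "02" + "22" * 32 + "ac", 1_000_000_000),   # P2PK, compressed key
    ("76a914" + "33" * 20 + "88ac", 2_000_000_000),    # P2PKH
    ("a914" + "44" * 20 + "87", 500_000_000),          # P2SH
    ("0014" + "55" * 20, 1_000_000_000),               # P2WPKH
    ("5120" + "66" * 32, 500_000_000),                 # P2TR
]

if __name__ == "__main__":
    for script, value in SAMPLE_UTXOS:
        print(classify_script(script), value)
    print(f"value with key on-chain: {exposed_share(SAMPLE_UTXOS):.1%}")
```
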
| 36 Months to Solve |
| Google suggests three possible public policy solutions. The main goal of these solutions is to avoid the dormant assets falling into the hands of bad actors (criminals and/or rogue nation states): |
- Regulated destruction of dormant assets – this is an unlikely option. Legally, it is problematic as it is the destruction of personal assets without consent. Destroying the dormant assets would also require the blockchain to be rewritten, which would be very expensive to perform. One solution, however, might be for the government to require Bitcoin miners to block any transactions from dormant Bitcoin, thus making the theft impossible, but this would be equivalent to censorship of private assets, which creates its own set of legal problems.
- Digital salvage – The dormant assets could be declared unclaimed property, and a cryptographically relevant quantum computer (CRQC) could be used to salvage all lost and abandoned Bitcoin proactively, before a bad actor could do the same.
- National security response – If the U.S. government (or any other government) felt that the risk of the dormant Bitcoin falling into the hands of bad actors would be a national security risk, it may decide to secure them to avoid an unwanted outcome that could potentially fund terrorism or depress the price of Bitcoin, thus decreasing the value of the U.S. government's Bitcoin assets.
|
| None of these solutions is perfect. |
| The Bitcoin community also has some ideas on what to do with the dormant Bitcoin, and they are not much better… |
| The best of which is to establish a "bad sidechain," which would be a centrally managed sidechain holding all of the dormant assets, in hopes of authenticating and resolving ownership of those dormant assets over a long period of time. |
| It's also worth noting that this issue is much larger than the total market cap of all cryptocurrencies, which now stands at $2.35 trillion. |
| Cryptographic security of blockchains impacts the total value of all assets that have been tokenized and placed on blockchains. |
| Which is to say tens of trillions of dollars in the coming years. |
| This has become an urgent matter for the digital assets industry to solve. |
| And they have less than 36 months to solve it. |
| Fortunately, the National Institute of Standards and Technology (NIST) has spent more than a decade preparing for this moment. |
| |
| Google Quantum AI's research paper today is a good wake-up call for the whole industry. |
| And if all these developments aren't concerning enough, it is worth pointing out that the entire traditional finance industry is at an equal or greater risk compared to the blockchain industry. All of the current encryption used by traditional finance will be easily hacked by a cryptographically relevant quantum computer (CRQC) in the same timeframe or less. |