[Cryptography] BitCoin as Quantum Cryptanalysis canary.

Ángel angel at crypto.16bits.net
Sat Dec 19 20:39:34 EST 2020


On 2020-12-18 at 21:51 +0000, Kapilkov, Michael wrote:
> I am not sure I follow your train of thought.  I believe the genesis
> block is hard coded and is not spendable regardless.  If I had access
> to a super powerful pc capable of breaking Bitcoin’s crypto, I
> wouldn’t start with the genesis block anyway as not to attract
> attention.  Also, realistically, in the next couple of decades the
> only parties that will be capable of developing such machines will be
> nation states and huge corporations.  Anyway, by then, Bitcoin would
> switch to quantum-resistant cryptos.

This. The secret of having such a quantum computer without others knowing
would be more valuable than the amount on those bitcoins. It would be
wiser to attack lower-profile wallets lost by their owners. And even if
they were not lost, their legitimate owner would need to realise their
long-sitting bitcoins are no longer there, and it would have to be
linked to a quantum computer, and not to e.g. a compromised system or
even the use of a weak PRNG for creating the wallet.
Breaking the storage wallet of a big fish such as an exchange, where
there should be a clear track of the crypto, hardware wallet, etc.,
would be very risky. But (at the current state of the art) a suspicion
of more mundane breaking attempts would come before quantum computers,
I think.


However, it would be a perfect tool for someone who wanted to expose
that computer. A Snowden could "simply" send those bitcoins to a number
of NGO organizations, perhaps even including a message in the
transaction pointing out the quantum-brokenness of the algorithms. That
would be picked up immediately.
The list of people able to send jobs to that computer would still be
quite short, though, so even though the message could be sent
anonymously, the culprit might still be found.


The bitcoin genesis would be a canary, but probably amongst the last
ones to die. In order to use bitcoin for early detection of Quantum
Cryptanalysis, I think one should instead detect anomalous transactions
as a whole. Like, many wallets < n bits, which were dormant for 10
years, now showing transfers. And even using the compute for that would
be frowned upon by the powers that would have built such a secret Quantum
computer.

It's not impossible that they used bitcoin wallets as testing targets,
though. They could then keep the keys for those wallets without acting
on them (it would be completely secretive, plus, bitcoin continues
increasing in value), awaiting the classicryptocalypsis, in which
they would spend all of them. In fact, with that idea, there might be
*several* actors right now sitting on those keys awaiting the time to
use them.
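The "many dormant wallets suddenly moving" canary sketched in the message above, as an added example that is not part of the original post or of any real monitoring tool. It assumes a constructed list of spends with an invented record shape (txid, funding time, spend time, script type, whether the public key was already visible on chain), a 10-year dormancy threshold, and a 30-day window with a threshold of three clustered spends; all of those numbers are assumptions. The one grounded modelling choice is that a Shor-style attack needs the public key itself, so only outputs whose key is exposed (pay-to-pubkey, or a reused hashed address) count as candidates:

```python
"""Dormant-coin sweep detector: a toy on-chain canary for quantum key recovery.

Added example, not from the original message. Heuristic: a single
long-dormant spend is noise (someone found an old backup); many
long-dormant, pubkey-exposed spends landing in one short window is the
anomaly worth alerting on. Record fields and thresholds are assumptions.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Iterable, List

YEAR = timedelta(days=365)


@dataclass(frozen=True)
class Spend:
    txid: str               # assumed identifier, constructed for the sample
    created: datetime       # when the output was funded
    spent: datetime         # when the output was finally spent
    script: str             # "p2pk", "p2pkh", ... (assumed labels)
    pubkey_exposed: bool    # True if the pubkey was on chain before this spend


def dormancy(spend: Spend) -> timedelta:
    return spend.spent - spend.created


def is_candidate(spend: Spend, min_dormancy: timedelta = 10 * YEAR) -> bool:
    """Suspicious = dormant long enough that the owner plausibly lost the key,
    AND the public key was recoverable from the chain (a key-recovery attack
    needs the key; a hash-only, never-reused output gives it nothing)."""
    return dormancy(spend) >= min_dormancy and (
        spend.script == "p2pk" or spend.pubkey_exposed
    )


def flag_clusters(spends: Iterable[Spend],
                  window: timedelta = timedelta(days=30),
                  threshold: int = 3) -> List[str]:
    """Return the txids of candidate spends that fall inside any sliding
    window holding at least `threshold` candidates. Sorted for stability."""
    cands = sorted((s for s in spends if is_candidate(s)), key=lambda s: s.spent)
    flagged = set()
    lo = 0
    for hi, s in enumerate(cands):
        # shrink the window from the left until it spans at most `window`
        while s.spent - cands[lo].spent > window:
            lo += 1
        if hi - lo + 1 >= threshold:
            flagged.update(c.txid for c in cands[lo:hi + 1])
    return sorted(flagged)


def sample_spends() -> List[Spend]:
    """Constructed sample data, not real chain history."""
    t0 = datetime(2010, 6, 1)
    now = datetime(2021, 1, 10)
    return [
        # three 2010-era P2PK outputs swept within a week: the canary case
        Spend("a1", t0, now, "p2pk", True),
        Spend("a2", t0 + timedelta(days=20), now + timedelta(days=2), "p2pk", True),
        Spend("a3", t0 + timedelta(days=40), now + timedelta(days=6), "p2pk", True),
        # equally dormant, but the pubkey was never exposed: not attackable this way
        Spend("b1", t0, now + timedelta(days=3), "p2pkh", False),
        # recently funded coins moving: ordinary activity, dormancy ~1 year
        Spend("c1", now - timedelta(days=400), now + timedelta(days=1), "p2pkh", True),
        # a lone dormant P2PK spend months later: likely an owner with an old backup
        Spend("d1", t0, now + timedelta(days=200), "p2pk", True),
    ]


if __name__ == "__main__":
    for txid in flag_clusters(sample_spends()):
        print("clustered dormant spend:", txid)
```

Tuning note: the window and threshold trade false positives (a wallet-recovery service batching old clients) against detection latency; on real data one would also want to weight by value and by how the exposed key got exposed, since address reuse and P2PK coinbase outputs have quite different base rates.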


