Original Author: Haotian, Cryptocurrency Researcher
With some free time on my hands these days, I took a rough look at the impact of quantum computers on the blockchain ecosystem, which involves a lot of cryptographic background. Without going into too much detail, I'd like to share a few key points:
1) It was generally believed in the academic community that breaking 256-bit elliptic-curve cryptography would require millions of physical qubits and around 6000 logical qubits. The new paper from Google, however, introduces no groundbreaking hardware: it recompiles Shor's algorithm into a more efficient quantum circuit, bringing the required number of logical qubits down to about 1200.
What does this mean? Measured in logical qubits, that is roughly a fivefold reduction against the earlier estimate, and it is the fundamental reason the quantum threat is suddenly being discussed so widely. What we always assumed was flatly impossible now has a "countdown" attached to it;
2) Google has set the end of that countdown at 2029, meaning that by then HTTPS on the web, the TLS certificates banks rely on, SSH for remote login, and the ECDSA signature scheme underlying BTC, Ethereum and other public chains all need a "post-quantum" transfusion, or else risk catastrophe.
On this point, 2029 is only 3 years away, which I feel is too exaggerated. After all, there is still a long way from pure theory to practical execution. Still, it signals one thing: the window for upgrading to quantum-resistant algorithms has opened. It isn't imminent, but it must not be taken lightly;
3) If even now many people still have no concept of the quantum threat, here are a few attack vectors to spell it out:
1. Roughly 25%-35% of addresses on the BTC chain already have their public keys exposed: the P2PK outputs of the Satoshi era, which carry the key directly in the output, plus every address that has been reused, since spending from a P2PKH or P2WPKH address publishes the key in the spending input (Taproot outputs likewise place the key in the output itself). All of these are within the attack scope. Addresses whose keys have never been published are not safe either once quantum computers mature: the key is revealed the moment a spend is broadcast, and an attacker who can derive the private key inside the roughly 10-minute window before the transaction confirms can hijack it from the mempool with a conflicting, higher-fee spend. At that point nobody can spend from any address safely, which effectively paralyzes the whole network;
2. Ethereum's exposure is more direct. An EOA's public key is recoverable from the ECDSA signature of any transaction it sends, so it is exposed from the first transaction onward. Add the blob data introduced by EIP-4844, whose KZG commitments rest on pairing-friendly elliptic curves, and the BLS signatures the PoS consensus layer relies on to verify validators, both of which fall to the same discrete-logarithm attack, and the Ethereum mainnet's problem is not individual private keys being cracked but the entire network's security becoming hollow if the signature schemes are not upgraded.
3. The key point is that blockchain transaction histories are public and stored permanently. Even if quantum attacks are not yet feasible, every transaction that has exposed a public key, past or present, stays on the chain as a potential target, simply waiting for quantum machines to catch up.
4. Of course, since the quantum threat still depends on technological breakthroughs and there is a time window, a large-scale "post-quantum" upgrade completed within the next few years would in theory be enough for a self-rescue.
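How the public-key exposure in points 2 and 3 above actually works, as an added example that is not from the original post: a pure-Python textbook ECDSA signer and public-key recovery over secp256k1, the curve both Bitcoin and Ethereum use. The private key, nonce and message are constructed test values (SHA-256 stands in for Ethereum's keccak-256 of the transaction); the recovery step Q = r^-1 (s*R - z*G) is the standard formula, the same computation an Ethereum node runs to derive a transaction's sender, and it needs no secret at all.

```python
# Added example (not from the original post): textbook ECDSA over secp256k1
# with public-key recovery. Recovery is the reason an Ethereum EOA's public key
# is readable from the very first transaction it signs.
import hashlib

# secp256k1 domain parameters (shared by Bitcoin and Ethereum)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def point_add(p1, p2):
    """Affine addition on y^2 = x^3 + 7 over F_P; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None                                   # p1 == -p2
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P        # doubling (a = 0)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def point_mul(k, point):
    """Double-and-add scalar multiplication (not constant time; illustration only)."""
    acc = None
    while k:
        if k & 1:
            acc = point_add(acc, point)
        point = point_add(point, point)
        k >>= 1
    return acc


def sign(priv, z, k):
    """Textbook ECDSA. Returns (r, s, v); v is the parity of R.y, the recovery id
    that Ethereum folds into a transaction's 'v' field."""
    rx, ry = point_mul(k, G)
    r = rx % N
    s = pow(k, -1, N) * (z + r * priv) % N
    if r == 0 or s == 0:
        raise ValueError("degenerate nonce, choose another k")
    return r, s, ry & 1


def recover_pubkey(z, r, s, v):
    """Recover the signer's public key Q from (z, r, s, v).

    R is the nonce point (x = r, y parity = v). Since s = k^-1 (z + r*d),
    s*R - z*G = r*d*G, hence Q = r^-1 * (s*R - z*G). No secret is needed,
    which is why every ECDSA signature publishes the signer's public key.
    """
    y = pow((r ** 3 + 7) % P, (P + 1) // 4, P)   # sqrt works because P % 4 == 3
    if y & 1 != v:
        y = P - y
    R = (r, y)
    sR = point_mul(s, R)
    minus_zG = point_mul((-z) % N, G)
    return point_mul(pow(r, -1, N), point_add(sR, minus_zG))


def demo():
    """Sign a constructed message and check the public key falls out of the signature."""
    priv = 0x1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD   # constructed
    k = 0x2A5F8B1C9D3E7F0A4B6C8D9E1F2A3B4C5D6E7F8091A2B3C4D5E6F708192A3B4C     # constructed nonce
    z = int.from_bytes(hashlib.sha256(b"constructed tx payload").digest(), "big") % N
    r, s, v = sign(priv, z, k)
    recovered = recover_pubkey(z, r, s, v)
    return recovered == point_mul(priv, G)


if __name__ == "__main__":
    print("recovered public key matches:", demo())
```

Ethereum takes the recovered key, keccak-256 hashes it and keeps the last 20 bytes as the address, so the address hides the key only until the first signed transaction appears on chain. The same arithmetic applies to Bitcoin signatures, except there the key is pushed into the spending input explicitly and no recovery is even needed.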
Ethereum has been laying the engineering groundwork against quantum threats for some time: account abstraction lets EOA addresses switch signature schemes at the application layer, and validator signatures are moving toward post-quantum cryptography (PQC) algorithms that add quantum resistance at the protocol level. Ethereum's greatest strength is its ability to upgrade in flight, so once the direction is settled, adding quantum resistance is only a matter of time.
Bitcoin has chosen BIP-360, which introduces a new quantum-resistant output type built on post-quantum signature algorithms such as FALCON or CRYSTALS-Dilithium. The technology itself is not complex; the challenge is reaching consensus. It is worth remembering that the Bitcoin community spent years fighting over the block size. Hoping it will quickly compromise on a post-quantum fork is hard to be optimistic about. Still, once the threat becomes more "certain", even the most laid-back development community will grit its teeth and ship this self-rescue patch.
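Which Bitcoin output types actually expose a public key, and when, as an added example that is not from the original post or from BIP-360: a small Python classifier for the standard scriptPubKey patterns, plus extraction of the key from a spending input for the hash-based types. The keys, hashes and signature bytes are constructed placeholders, and the helper names (classify_output, pubkey_revealed_by_spend, exposure_report) are this example's own. It is the kind of pass one would run over a UTXO set to estimate the "already exposed" share mentioned in point 1 above.

```python
# Added example (not from the original post): where a Bitcoin public key
# becomes visible. P2PK and P2TR carry the key in the output itself; P2PKH
# and P2WPKH only reveal it in the input that spends the output.
OP_0, OP_1, OP_PUSHDATA1 = 0x00, 0x51, 0x4C
OP_DUP, OP_EQUAL, OP_EQUALVERIFY, OP_HASH160, OP_CHECKSIG = 0x76, 0x87, 0x88, 0xA9, 0xAC


def classify_output(spk: bytes):
    """Return (script_type, pubkey_in_output) for a standard scriptPubKey.

    pubkey_in_output is the key bytes when the unspent output itself exposes
    them (an attacker needs no spend to target it), otherwise None.
    """
    n = len(spk)
    if n >= 3 and spk[0] in (33, 65) and spk[0] == n - 2 and spk[-1] == OP_CHECKSIG:
        return "P2PK", spk[1:-1]                                 # <push key> OP_CHECKSIG
    if n == 25 and spk[:3] == bytes([OP_DUP, OP_HASH160, 20]) \
            and spk[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG]):
        return "P2PKH", None                                     # only HASH160(key) on chain
    if n == 23 and spk[:2] == bytes([OP_HASH160, 20]) and spk[-1] == OP_EQUAL:
        return "P2SH", None
    if n == 22 and spk[:2] == bytes([OP_0, 20]):
        return "P2WPKH", None                                    # only HASH160(key) on chain
    if n == 34 and spk[:2] == bytes([OP_0, 32]):
        return "P2WSH", None
    if n == 34 and spk[:2] == bytes([OP_1, 32]):
        return "P2TR", spk[2:]                                   # x-only output key is public
    return "unknown", None


def parse_pushes(script: bytes):
    """Split a scriptSig into its data pushes (direct pushes and OP_PUSHDATA1 only)."""
    pushes, i = [], 0
    while i < len(script):
        op = script[i]
        i += 1
        if 1 <= op <= 75:
            pushes.append(script[i:i + op])
            i += op
        elif op == OP_PUSHDATA1:
            ln = script[i]
            i += 1
            pushes.append(script[i:i + ln])
            i += ln
        else:
            raise ValueError("unexpected opcode 0x%02x in scriptSig" % op)
    return pushes


def pubkey_revealed_by_spend(script_type, script_sig=b"", witness=()):
    """Public key an observer learns once an output of this type is spent.

    P2PKH spends push <sig> <pubkey> in scriptSig; P2WPKH spends put the same
    two items in the witness. Other types reveal nothing new here (P2PK and
    P2TR were already exposed; P2SH/P2WSH depend on the redeem script).
    """
    if script_type == "P2PKH":
        pushes = parse_pushes(script_sig)
        return pushes[1] if len(pushes) == 2 else None
    if script_type == "P2WPKH":
        return witness[1] if len(witness) == 2 else None
    return None


def exposure_report(utxos):
    """Map each (label, scriptPubKey) to whether its key is already on chain."""
    return {label: classify_output(spk)[1] is not None for label, spk in utxos}


# Constructed placeholders, not real keys, hashes or signatures.
FAKE_KEY = bytes([0x02]) + bytes(range(1, 33))        # 33-byte compressed pubkey shape
FAKE_HASH = bytes([0xAB]) * 20                        # stands in for HASH160(key)
FAKE_SIG = bytes([0x30]) + bytes([0x11]) * 70         # DER-looking blob of 71 bytes

SAMPLE_UTXOS = [
    ("satoshi_era_p2pk", bytes([33]) + FAKE_KEY + bytes([OP_CHECKSIG])),
    ("legacy_p2pkh", bytes([OP_DUP, OP_HASH160, 20]) + FAKE_HASH + bytes([OP_EQUALVERIFY, OP_CHECKSIG])),
    ("segwit_p2wpkh", bytes([OP_0, 20]) + FAKE_HASH),
    ("taproot_p2tr", bytes([OP_1, 32]) + FAKE_KEY[1:]),
]


if __name__ == "__main__":
    for label, exposed in exposure_report(SAMPLE_UTXOS).items():
        print(f"{label}: key exposed before spend = {exposed}")
    # Spending the P2PKH output publishes the key in the input:
    script_sig = bytes([len(FAKE_SIG)]) + FAKE_SIG + bytes([len(FAKE_KEY)]) + FAKE_KEY
    print("P2PKH spend reveals:", pubkey_revealed_by_spend("P2PKH", script_sig).hex())
```

The practical reading: a P2PKH or P2WPKH output is only "quantum-safe" while it sits unspent and unreused, which is exactly the mempool race described in point 1; a P2PK or P2TR output is a standing target from the moment it is created, which is why a new output type such as the one BIP-360 proposes is needed rather than just better address hygiene.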
That's it.
Finally, an interesting point is that Google used zero-knowledge proofs (ZK) to disclose this potential quantum threat, consciously opting for a "soft landing" from the outset. After all, once this spirals out of control, the whole of Internet civilization, never mind blockchain, would face a devastating blow. Moreover, the Google Quantum AI team includes researchers from the Ethereum Foundation. It's possible that quantum resistance will become a mainstream narrative in the blockchain community going forward. After all, crypto's innate DNA is cryptography, which makes this new mission very Crypto!
Welcome to join the official BlockBeats community:
Telegram Subscription Group: https://t.me/theblockbeats
Telegram Discussion Group: https://t.me/BlockBeats_App
Official Twitter Account: https://twitter.com/BlockBeatsAsia