Why $54 billion of BTC is at risk

A centralised fortune under threat

Satoshi has over 1 million BTC. This hoard of cryptocurrency is under threat, and it's not alone. Our best guess is that 3.7M BTC, or 20% of all BTC, has been lost.

But who cares? Unless you're one of the unfortunate people who've lost it, the limited supply of BTC simply makes the coins you hold more valuable. Those coins couldn't come back, could they?

How your Bitcoin is secured

This blog isn't going to explain how Bitcoin works. You'll find that all over the internet. What I want to talk about is the original crypto: cryptography. You see, the only way to prove you own your bitcoin is with a private key that matches the public key associated with your coins. Private and public keys form the basis of Public Key Cryptography. If you don't have a strong understanding of Public Key Cryptography, this explainer is awesome.

BUT for the purposes of this article, you only need to understand one thing. To generate public and private keys we rely on some extremely difficult problems. The most important characteristic of these problems is that they are asymmetric: it's extremely easy to calculate an answer to the problem from some input numbers, but really hard to figure out which input numbers gave that specific answer.

So no one can spend your Bitcoin because, although they may have your public key, they can't figure out your private key to authorise a transaction. To do so they would have to solve one of these really hard problems in reverse.

So what's wrong?

Scalable quantum computers can solve these hard problems. With access to your public key, an entity with a scalable quantum computer can figure out what your private key is. They now own your BTC. Some people will argue that public keys aren't always exposed and that only the hash of the public key is exposed (pay-to-public-key-hash, P2PKH). BUT some transactions have exposed their public keys (like Satoshi's). If at any point a key has been exposed on the public blockchain, it will be vulnerable to a quantum attack.
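As an added example (not code from the original post), the script below shows how the two output types in the paragraph above differ in what they reveal: a P2PK output carries the public key itself, while a P2PKH output shows only the hash until it is spent, at which point the scriptSig reveals the key for every output ever sent to that address. Script parsing is done at the byte level; the sample outputs, the placeholder hash and the dummy signature are constructed, and the secp256k1 generator point stands in for a public key.

```python
OP_DUP, OP_HASH160, OP_EQUALVERIFY, OP_CHECKSIG = 0x76, 0xA9, 0x88, 0xAC

def _pushes(script):
    """Split a script made only of direct data pushes (1..75 bytes) into its items."""
    items, i = [], 0
    while i < len(script):
        n = script[i]
        if not 1 <= n <= 75 or i + 1 + n > len(script):
            raise ValueError("unsupported opcode in scriptSig")
        items.append(script[i + 1:i + 1 + n])
        i += 1 + n
    return items

def pubkey_from_p2pk(spk):
    """P2PK: <33- or 65-byte pubkey> OP_CHECKSIG; the key itself is in the output."""
    ok = len(spk) >= 2 and spk[0] in (33, 65) and len(spk) == spk[0] + 2 and spk[-1] == OP_CHECKSIG
    return spk[1:-1] if ok else None

def hash160_from_p2pkh(spk):
    """P2PKH: OP_DUP OP_HASH160 <20-byte hash> OP_EQUALVERIFY OP_CHECKSIG; only the hash shows."""
    ok = len(spk) == 25 and spk[:3] == bytes([OP_DUP, OP_HASH160, 20]) and spk[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG])
    return spk[3:23] if ok else None

def pubkey_from_p2pkh_scriptsig(script_sig):
    """Spending a P2PKH output places <sig> <pubkey> in the scriptSig, revealing the key."""
    items = _pushes(script_sig)
    return items[1] if len(items) == 2 and len(items[1]) in (33, 65) else None

def exposure_report(outputs):
    """outputs: list of (scriptPubKey hex, spending scriptSig hex or None). Returns {index: reason}
    for every output whose key can be read off the chain, including unspent reused P2PKH outputs."""
    revealed = set()  # hash160 values whose key has already appeared in a scriptSig
    for spk_hex, sig_hex in outputs:
        h = hash160_from_p2pkh(bytes.fromhex(spk_hex))
        if h is not None and sig_hex and pubkey_from_p2pkh_scriptsig(bytes.fromhex(sig_hex)):
            revealed.add(h)
    report = {}
    for i, (spk_hex, sig_hex) in enumerate(outputs):
        spk = bytes.fromhex(spk_hex)
        if pubkey_from_p2pk(spk):
            report[i] = "P2PK: public key sits in the scriptPubKey"
        elif hash160_from_p2pkh(spk) in revealed:
            report[i] = ("P2PKH spent: key revealed in the scriptSig" if sig_hex
                         else "P2PKH unspent, but address reuse already revealed its key")
    return report
# Constructed sample data (not real chain data): secp256k1 generator point as a stand-in key, placeholder hash, dummy signature.
SAMPLE_PUBKEY = "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
P2PK_SCRIPT = "21" + SAMPLE_PUBKEY + "ac"
P2PKH_SCRIPT = "76a914" + "11" * 20 + "88ac"
SPEND_SCRIPTSIG = "47" + "30" + "00" * 70 + "21" + SAMPLE_PUBKEY
SAMPLE_OUTPUTS = [(P2PK_SCRIPT, None), (P2PKH_SCRIPT, SPEND_SCRIPTSIG), (P2PKH_SCRIPT, None), ("6a04deadbeef", None)]
```

Running `exposure_report(SAMPLE_OUTPUTS)` flags the first three outputs and leaves the OP_RETURN output alone; the third entry is the case the paragraph warns about, an unspent output whose key is already public because the same address was spent from before.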

The good news

We have a solution! Quantum resistant algorithms have been developed. Although they haven't yet been approved for use by the likes of NIST, they are well on the way. Quantum computers are also not scalable yet. Our best guess is that the technology will pose a threat in the next decade. This gives us plenty of time to prepare.

The transition

Over the next decade blockchains will need to begin the transition to quantum resistant algorithms. Since the private keys we all use rely on this old algorithm, we will need to move our BTC to addresses that are quantum resistant. We will all have new private keys and our BTC will be safe.

What about all that unclaimed Bitcoin?

3.7M BTC waiting to be hacked. Because the technology is so advanced, the most likely threat to public key encryption will come from state actors or quantum computing researchers. By the time quantum computers are scalable, some addresses will not have migrated to quantum resistant addresses. Before that happens we will have to decide on the approach the community takes: a passive choice that weakens the currency, or an active one that strengthens it.

First come, first served.

What happens if we do nothing? If we allow quantum computers to reclaim lost bitcoin, it will have a huge centralising effect on the currency. We would effectively be handing a huge amount of this distributed currency to one entity. At current market rates this $54 billion will also have a huge diluting effect. Effectively we would make one entity richer at the expense of all others on the network.

What's the alternative?

A phased approach.

Another option is setting a timeout. At some point well before scalable quantum computers are available, but after quantum resistant algorithms are accepted, we set a date. If your BTC is in a quantum resistant address by this time, nothing changes. However, if it's not, the community invalidates it. We agree it cannot be spent. This is the only effective way we can ensure the integrity of the currency.

The choice is ours to make

We have plenty of time to get prepared. There need not be a rush to transfer coins to a new address. Many coins will be transferred to new addresses as they are spent once the protocol is updated. BUT to avoid this centralising and diluting effect, I believe a phased approach is the best course of action we can take.

I'd love to hear your thoughts on the issue, and learn something new.
DM me on Twitter.