2023-06-07T01:52:37Z https://yabu.me Karl-Johan Alm [ARCHIVE] https://yabu.me/npub17cwk7hm623dm5npjzu8cvv994h43k2keanegs8w78xyvlez8hqqsqqmtzy https://yabu.me/nevent1qqsw7eau4dvexn49h6r0qrgps6cpdkvm4mwmyskeak5am7yzwusy5vgzyrmp6m6l0f29hwjvxgtslp3s5kk7kxe2m8k09zqamcuc3nlyg7uqzrpxtg5 In reply to <a href='/nevent1qqspu4tz6ksc4kgqh53kwdqcnrayrzeetgcr5689gmulcpmmnff7d8qyv6wr9'>nevent1q…6wr9</a><br/>_________________________<br/><br/>📅 Original date posted:2021-03-15<br/>📝 Original message:On Tue, 16 Mar 2021 at 07:48, Matt Corallo via bitcoin-dev<br/>&lt;bitcoin-dev at lists.linuxfoundation.org&gt; wrote:<br/>&gt;<br/>&gt; Overall, the tradeoffs here seem ludicrous, given that any QC issues in Bitcoin need to be solved in another way, and<br/>&gt; can&#39;t practically be solved by just relying on the existing hash indirection.<br/><br/>The important distinction here is that, with hashes, an attacker has<br/>to race against the spending transaction confirming, whereas with<br/>naked pubkeys, the attacker doesn&#39;t have to wait for a spend to occur,<br/>drastically increasing the available time to attack.<br/><br/>It may initially take months to break a single key. In such a<br/>scenario, anyone with a hashed pubkey would be completely safe* (even<br/>at spend time), until that speeds up significantly, while Super Secure<br/>Exchange X with an ultra-cold 38-of-38 multisig setup using Taproot<br/>would have a timer ticking, since the attacker need only find a single<br/>privkey like with any old P2PK output.<br/><br/>(* assuming no address reuse) 2023-06-07T18:30:52Z