Comment by BillTthree
9 hours ago
So the risk to the wallet holder is the exact same risk that exists for every single HTTPS connection right now?
Post-quantum algorithms have been available. You can do it today. Why not for bitcoin?
In reality, there are very few current real-world implementations. This article makes it seem that RSA is under active exploitation. If it is, bitcoin is not the first target IMO.
Yes, TLS encryption has similar potential risks, quantum and other elliptic curve vulnerabilities.
Quantum-resistant algorithms are under heavy discussion on the bitcoin dev mailing list, and have been for a while. I think the signature sizes for leading algorithms are still too large to be practical within existing block size limits, but of course lots of things would probably have to change in a quantum emergency. Bitcoin devs tend to be extremely conservative with making new changes (in part because it attracts a lot of contrarians), so it's going to take a long time for people to agree on the right architecture for a quantum-resistant scheme in bitcoin, but it will happen. BIPs are in the works, like BIP-360, which outlines some potential structure for it.