Bitcoin was built on a promise that no one can touch your coins without your private key. No government, no bank, nobody.
That promise is now, for the first time in Bitcoin’s 16-year history, being challenged from the developer community itself, as a part of measures to build defenses against future quantum computers that could compromise Bitcoin’s blockchain and steal your coins.
The proposal
Jameson Loop, one of the outspoken bitcoin contributors, and other cryptographers, have proposed a move that could force bitcoin holders to migrate their coins to new quantum-resistant addresses or face having their coins frozen permanently by the network itself. In that scenario, holders would technically still “own” the coins, but lose the ability to move them.
It is called Bitcoin Improvement Proposal (BIP)-361 and was updated in Bitcoin’s official proposal repository Tuesday with the title “Post Quantum Migration and Legacy Signature Sunset.”
This comes as a recently released Google report warned that a sufficiently powerful quantum machine could require significantly less firepower to compromise the Bitcoin blockchain than initially estimated. This prompted some observers to cite 2029 as the quantum deadline for bitcoin.
To understand the need to freeze coins, you need to know what it is protecting against.
Every Bitcoin wallet is secured by a form of cryptography called ECDSA, or Elliptic Curve Digital Signature algorithm. Think of it as a lock on your wallet. When you set up a wallet, two keys are generated: Private key, which is a unique password used to prove that you own the coins you are spending. Then there is a public key derived from the private key. This public key helps receive funds, verify transaction signatures, and ensure security without revealing the owner’s private key.
Here is the problem: your public key is revealed on the blockchain, permanently for anyone to see when you send funds. A sufficiently powerful quantum machine can use it to reverse engineer your private key and drain your funds.
As of March, the sum of all BTC in vulnerable addresses was approximately 6.7 million BTC, according to the Google study.
BIP-361 builds on the proposal put forward in February under BIP-360, which introduced a soft fork—a network upgrade—designed to enable a new transaction type called pay-to-Merkle-root (P2MR). The approach borrows from Bitcoin’s Taproot (P2TR) framework, but strips out the key-based spending path, removing an element widely viewed as exposed to potential quantum-era risks.
Three phases
The BIP 361 proposal structures the migration in three phases. The Phase A kicks in three years after potential activation, blocking anyone from sending new bitcoin to old-style, quantum-vulnerable addresses. You can still spend from these addresses, but cannot receive anything.
The Phase B, to kick in five years after activation, will render old style signatures (ECDSA and Schnorr) completely invalid such that attempts to spend from quantum-vulnerable wallets will be rejected by the network. In essence, your coins will be frozen.
Finally, Phase C, is a proposed rescue, still under research, where holder with frozen wallets could potentially prove ownership using a zero-knowledge proof, a way of proving the knowledge of a secret without revealing the secret itself. If it works, coins frozen by Phase B could be recovered.
Community backlash
The idea of freezing coins as a defense against quantum threats cuts directly against one of Bitcoin’s most fundamental promises: sovereign, permissionless control over funds.
At its core, Bitcoin is designed to ensure that whoever holds the private keys controls the coins – without exception. Introducing a mechanism that allows coins to be frozen, even under extraordinary circumstances like a quantum attack, implies that this principle can be overridden.
The community, therefore, is not happy with the proposal.
“This quantum proposal is highly authoritarian and confiscatory, but of course, it’s from Lopp. There is no good rationale for forcing the upgrade and rendering old spends invalid. Upgrade should be 100% voluntary,” one X user said.
“This reeks of central planning with the deadlines, behavior coercion, and forced migration,” another user said.
Developers, however, called it a defensive measure.
“This is not an offensive attack, rather, it is defensive: our thesis is that the Bitcoin ecosystem wishes to defend itself and its interests against those who would prefer to do nothing and allow a malicious actor to destroy both value and trust,” they said.
Be the first to comment