Quantum Safety in QSBitcoin
QSBitcoin implements NIST-standardized post-quantum cryptographic algorithms to protect Bitcoin against future quantum computer attacks, while maintaining full backward compatibility with the existing network.
The Quantum Threat
The security of many current cryptocurrencies, including Bitcoin, relies on mathematical problems that are extremely difficult for classical computers to solve. Specifically, the Elliptic Curve Digital Signature Algorithm (ECDSA) used to sign transactions relies on the difficulty of the Elliptic Curve Discrete Logarithm Problem (ECDLP).
However, theoretical large-scale quantum computers, using algorithms like Shor's algorithm, could potentially solve ECDLP efficiently. This means:
- Private Key Exposure: A quantum computer could potentially derive a user's private key from their public key (which often becomes public when they spend funds). This would allow an attacker to steal funds associated with that key.
- Signature Forgery: An attacker could potentially forge signatures, allowing them to spend funds they don't own.
While such powerful quantum computers don't exist yet, their development is an active area of research. Upgrading cryptographic systems only after they arrive would be too late, because past transaction data, including public keys already revealed when funds were spent, could become vulnerable.
QSBitcoin's Implementation: NIST-Standardized Algorithms
QSBitcoin implements two NIST-standardized post-quantum signature algorithms via liboqs v0.12.0+:
ML-DSA-65 (Module-Lattice Digital Signature Algorithm)
- Security Level: NIST Level 3
- Public Key Size: 1,952 bytes
- Signature Size: ~3,309 bytes
- Use Case: Standard transactions (recommended for 99% of users)
- Algorithm ID: 0x02
- Fee Structure: Standard fees based on transaction size
SLH-DSA-192f (Stateless Hash-Based Digital Signature Algorithm)
- Security Level: NIST Level 3
- Public Key Size: 48 bytes
- Signature Size: ~35,664 bytes
- Use Case: High-value cold storage
- Algorithm ID: 0x03
- Fee Structure: Standard fees based on transaction size
Key Technical Features
- Unified Opcodes: Uses OP_CHECKSIG_EX and OP_CHECKSIGVERIFY_EX for all quantum signatures
- Soft Fork Activation: Implemented via BIP9 deployment (bit 3)
- Address Format: Standard P2WSH bech32 addresses (bc1q... for mainnet)
- Weight Calculation: ML-DSA uses a 3x weight factor; SLH-DSA uses a 2x weight factor
- Transaction Limits: Up to 10 quantum signatures per transaction, 1 MB max weight
Migration Path and Security
QSBitcoin provides a flexible migration path from ECDSA to quantum-safe signatures:
- No Forced Migration: Users control when to switch to quantum signatures
- Mixed Transactions: Support for both ECDSA and quantum signatures in the same transaction
- Immediate Protection: Quantum addresses are quantum-safe from creation
- Backward Compatible: ECDSA addresses continue to work normally
Implementation Status
- Testnet/Regtest: Fully active and operational
- Mainnet: Awaiting activation parameters
- Test Coverage: Comprehensive unit and integration tests
- Code Base: Built on Bitcoin Core v28.0
- License: MIT (open source)
Learn More
For technical implementation details, see the Developer Documentation.
To start using quantum-safe addresses, visit our Getting Started guide.
View the complete source code and specification at github.com/qsbitcoin/qsbitcoin.