Venture fund Paradigm has proposed a new method to protect the estimated 1.1 million bitcoin held by Satoshi Nakamoto from future quantum computing threats without requiring the coins to be moved.
"This does not require Bitcoin to decide today whether a sunset is necessary," Dan Robinson, a general partner at Paradigm who authored the proposal, said in a May 1 paper, giving users a way to "plant a seed now" in case protections are needed later.
The proposal, called Provable Address-Control Timestamps (PACTs), would let holders create a private, timestamped proof of ownership. If the network later freezes vulnerable addresses, a quantum-resistant STARK proof could be used to reclaim the funds, a method that contrasts with a competing proposal, BIP-361, which would force a migration over five years.
The PACTs model offers a privacy-preserving alternative for the roughly $84 billion in bitcoin sitting in long-dormant wallets, but it depends on a future Bitcoin soft fork to add STARK verification infrastructure, which does not currently exist. Furthermore, the owner of the keys must create the proof before any attack or network freeze occurs.
The debate centers on millions of bitcoin in early wallets where public keys are exposed, making them theoretically vulnerable to a sufficiently powerful quantum computer. A proposal from developer Jameson Lopp, BIP-361, suggests phasing out these vulnerable address types over five years, freezing any coins that fail to migrate. However, this would force dormant holders like Satoshi to move their coins, a public act they may wish to avoid.
Robinson's PACTs proposal offers a workaround. A holder would use a standard for signing messages (BIP-322) to create a proof of ownership, bundle it with a random salt, and timestamp it on the Bitcoin blockchain using a service like OpenTimestamps. The proof and its components would remain private. Should the Bitcoin network later adopt a "quantum sunset," this pre-committed proof could be revealed within a STARK proof—a type of zero-knowledge proof secure against quantum computers—to regain access to the funds.
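The commit-and-reveal step described above, as an added example that is not code from the Paradigm paper or any Bitcoin project. It assumes a SHA-256 commitment over length-prefixed fields with a hypothetical domain tag, uses constructed placeholder bytes in place of a real address and BIP-322 signature, and stops at the digest a timestamping service such as OpenTimestamps would anchor; the opening check runs in the clear here rather than inside a STARK.

```python
import hashlib
import hmac
import secrets

# Assumption: the page does not give the PACT encoding; this tag and layout are hypothetical.
TAG = b"example-pact-commitment-v1"
MIN_SALT = 16  # bytes; a short salt would let the commitment be guessed offline


def _lp(field: bytes) -> bytes:
    """Length-prefix a field so field boundaries cannot be shifted."""
    return len(field).to_bytes(4, "big") + field


def _digest(address: str, proof: bytes, salt: bytes) -> bytes:
    data = _lp(TAG) + _lp(address.encode()) + _lp(proof) + _lp(salt)
    return hashlib.sha256(data).digest()


def make_commitment(address: str, proof: bytes, salt: bytes = b""):
    """Return (salt, digest). Only the digest leaves the holder's machine."""
    salt = salt or secrets.token_bytes(32)
    if len(salt) < MIN_SALT:
        raise ValueError("salt too short to keep the commitment hiding")
    return salt, _digest(address, proof, salt)


def verify_opening(digest: bytes, address: str, proof: bytes, salt: bytes) -> bool:
    """Check a revealed (address, proof, salt) against the timestamped digest."""
    if len(salt) < MIN_SALT:
        return False
    return hmac.compare_digest(_digest(address, proof, salt), digest)


# Constructed sample values, not a real address or signature.
SAMPLE_ADDRESS = "example-legacy-address"
SAMPLE_PROOF = b"constructed-bip322-signature-bytes"

if __name__ == "__main__":
    salt, digest = make_commitment(SAMPLE_ADDRESS, SAMPLE_PROOF)
    print("digest to timestamp:", digest.hex())
    print("opening verifies:", verify_opening(digest, SAMPLE_ADDRESS, SAMPLE_PROOF, salt))
```

The salt and the ownership proof must be stored privately alongside the timestamp receipt, since the digest alone cannot be opened without them.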
This method avoids the public broadcasting of activity required by BIP-361 and provides a potential rescue path for very early, pre-2012 wallets that other proposals might not cover. However, the solution is not without its own significant hurdles. Robinson notes the plan requires "substantial new plumbing" for Bitcoin, including a soft fork to implement a STARK verification protocol, something Ethereum has integrated but which would be a major undertaking for the Bitcoin network.
Crucially, the PACTs system is not a magic bullet. It only works if the holders of the private keys, including whoever controls Satoshi Nakamoto's wallets, act to create the timestamped commitment before a quantum threat materializes or the community freezes the addresses. If Satoshi is truly gone, the coins remain vulnerable.