Lightning payment channels require sharing public keys with service providers.
BIP-360, probably the most discussed anti-quantum proposal, doesn't resolve the Lightning problem.
The Lightning Network has a structural problem with quantum computers that no amount of good user practice can resolve, warns developer and researcher Udi Wertheimer.
For the Lightning Network to work, both parties to a payment channel must exchange their public keys. That exchange doesn't live on the blockchain, but it does live in the hands of the service provider that manages the channel. A quantum computer with sufficient capacity (CRQC) can calculate the private key once it has obtained the public key, which would give it full access to the user's balance, the developer argues.
The Lightning Network, adopted by platforms such as Coinbase, Binance and Cash App, currently moves more than 5,000 bitcoin in locked capacity distributed across more than 50,000 active nodes.
No need for speed, just time.
The developer highlights that, unlike the quantum attack on the Bitcoin mempool (intercepting a transaction in the minutes it takes to confirm), the attack vector in Lightning doesn't require acting in real time. The public keys are already stored. They only need to be processed when quantum capacity permits it. Google estimated in a recent paper that a CRQC could decrypt a key in transit in just 9 minutes, but in the case of Lightning that speed isn't even needed.
Udi points out that the standard "don't reuse addresses" defense doesn't apply here. Public keys in Lightning are shared by design, not by inadvertence. The problem also extends to other points in the ecosystem: hardware wallets that were once connected to compromised devices, users who handed over their public keys to tax accounting platforms for automated wallet tracking, and the clients of providers.
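An added example, not part of the original article or of any Lightning implementation: assuming the BOLT 3 funding output (a 2-of-2 multisig script wrapped in P2WSH), it reports which views of a channel contain the raw public keys. The two keys are constructed placeholders, and `peer_channel_record` is a hypothetical stand-in for what a channel counterparty stores.

```python
import hashlib

OP_2, OP_CHECKMULTISIG = 0x52, 0xAE

def funding_witness_script(pubkey_a: bytes, pubkey_b: bytes) -> bytes:
    """Build OP_2 <pk1> <pk2> OP_2 OP_CHECKMULTISIG with the keys sorted."""
    for pk in (pubkey_a, pubkey_b):
        if len(pk) != 33 or pk[0] not in (0x02, 0x03):
            raise ValueError("expected a 33-byte compressed public key")
    pk1, pk2 = sorted((pubkey_a, pubkey_b))  # lexicographic order of the bytes
    return (bytes([OP_2, 33]) + pk1 + bytes([33]) + pk2
            + bytes([OP_2, OP_CHECKMULTISIG]))

def p2wsh_script_pubkey(witness_script: bytes) -> bytes:
    """On-chain output: witness version 0 plus SHA-256 of the witness script."""
    return bytes([0x00, 0x20]) + hashlib.sha256(witness_script).digest()

def key_exposure(pubkeys, views):
    """Map each view name to the public keys (hex) that appear verbatim in it."""
    return {name: [pk.hex() for pk in pubkeys if pk in data]
            for name, data in views.items()}

# Constructed 33-byte placeholders, not real curve points or real channel keys.
LOCAL_KEY = b"\x02" + b"\x11" * 32
REMOTE_KEY = b"\x03" + b"\x22" * 32

def demo():
    script = funding_witness_script(LOCAL_KEY, REMOTE_KEY)
    views = {
        # What the blockchain holds while the channel is open: a hash only.
        "chain_while_open": p2wsh_script_pubkey(script),
        # Hypothetical record kept by the counterparty since channel opening.
        "peer_channel_record": LOCAL_KEY + REMOTE_KEY,
        # Spending a P2WSH output reveals the witness script on chain.
        "chain_after_close": script,
    }
    return key_exposure((LOCAL_KEY, REMOTE_KEY), views)

if __name__ == "__main__":
    for view, keys in demo().items():
        print(f"{view}: {len(keys)} public key(s) visible")
```

The open channel shows no key on chain, yet the counterparty's record holds both, which is why avoiding address reuse does not reduce this exposure.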
Nevertheless, Wertheimer points out that in Ethereum and Solana the exposure is even greater. Many smart contracts have keys with full control over locked funds. An attacker with a CRQC wouldn't need weeks of social engineering or oracle manipulation: he would simply take the public keys of the contract, calculate the private ones, and empty the funds.
The hack of Drift Protocol last week, which resulted in losses of $285 million, required weeks of preparation. With quantum capabilities, that process would be reduced to hours.
Proposals such as BIP-360, presented as a solution to quantum risk in Bitcoin, don't consider the case of Lightning. According to Wertheimer, the problem can only be solved by incorporating post-quantum cryptography into the base layer of the protocol. Until then, Lightning developers have no tools to protect their users, and the migration (which involves research, software redesign, deployment, and mass adoption) could take years once the technical debate in Bitcoin is finally resolved.

