Bitcoin Development Mailinglist
From: Erik Aronesty <erik@q32.com>
To: Hunter Beast <hunter@surmount.systems>
Cc: Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
Subject: Re: [bitcoindev] Major BIP 360 Update
Date: Sat, 20 Dec 2025 21:05:45 -0800
Message-ID: <CAJowKgK_kccO3SEfCZCJ6V2CCumE8+A5Ks5U31dgAoF_KcjP5A@mail.gmail.com>
In-Reply-To: <7edb8e8f-064b-4409-9c6d-b4361c1e7df7n@googlegroups.com>

This is amazing!  I have always been concerned about the exposure of public
keys (mostly because of the greater potential for implementation bugs, not
quantum).

Between BIP360 and something like TXHASH, it's possible to make quantum
safe scripts and multi-step commit-reveal vaults that don't rely solely on
signatures at all.  And we can do so while closing broader security issues
(allowing people to more easily mine for implementation flaws), and
expanding capabilities with lightweight, proven tech.

I would personally love to move BIPs 360,119,346 forward as a comprehensive
"quantum-readiness" plan.

These can keep Bitcoin safe and vaulted behind commitments and hashes...
until the industry stabilizes on PQ signatures and an appropriately
hardened, efficient, proven and reliable library, like libsecp256k1 is for
ECC.  That is likely to take much longer, especially considering how
recently SIKE was broken, and the structural correlations found in SPHINCS.

On Fri, Dec 19, 2025, 6:32 PM Hunter Beast <hunter@surmount.systems> wrote:

> After reviewing community feedback, Ethan Heilman and I have enlisted the
> help of a third co-author, Isabel Foxen Duke
> <https://x.com/isabelfoxenduke>, in an editorial role to lead and execute
> a clean sheet rewrite of BIP 360.
>
> Because previous revisions introduced meaningful technical changes, we
> determined that a full rewrite, rather than incremental edits, was
> warranted to improve clarity, internal coherence, and to better articulate
> our intentions for managing potential quantum-related risks.
>
> Consistent with its previous version, this proposal does not introduce
> post-quantum signature schemes. Instead, BIP 360 proposes the addition of a
> new output type with the key path spend removed, which is thus protected
> from hypothetical breaks of Elliptic Curve Cryptography (ECC).
>
> We have renamed this proposed output type "Pay-to-Tapscript-Hash (P2TSH)"
> for clarity, and believe its adoption is an important first step in
> protecting Bitcoin from potential threats to ECC, via quantum computers or
> any other cryptanalytic advancements.
>
> Additionally, the proposal now includes test vectors in Python and Rust.
> With gratitude, we hope you’ll review these changes in the BIP Repo
> <https://github.com/bitcoin/bips/pull/1670> or at BIP360.org
> <http://bip360.org>. We look forward to ongoing community feedback, and
> new ideas in our efforts to Make Bitcoin Quantum Resistant.
>
> Thank you for your time,
> Hunter Beast
