From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Wed, 15 Apr 2026 09:52:03 -0700 Received: from mail-oa1-f56.google.com ([209.85.160.56]) by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1wD3T9-0008E5-AJ for bitcoindev@gnusha.org; Wed, 15 Apr 2026 09:52:03 -0700 Received: by mail-oa1-f56.google.com with SMTP id 586e51a60fabf-40ad1c724dasf11039515fac.3 for ; Wed, 15 Apr 2026 09:52:03 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1776271917; cv=pass; d=google.com; s=arc-20240605; b=dHHmsA5IyP80Up2yhZcKM6xHK6R2EGxAsYbjTJl0tAw+tQEs767IcB2ERzBdhchwi8 N/q7oRIoDxFVJqeWYaL4wwjw6i3iIENUIwu3+WO+/A4x8zGtGv1YEmI6Ee4HobhKppPS lHX5rVlA4kHGILeSubP2MpRZorYYbuPfVuGwOdy/flEUphTkYexxiTGidg+mvcl43+Do w6Q3PGeSSdbkb59FEMwUF6kaqGQX0e4WZphqiET+bR3z7Kto5fkH20SzLViJOfkDzE2e oI65lQk2n5DoxiuS65PfsHSbhX56DX9zT5RSogipcIOhRlkKfcORE/ICPUAWeR9mulL/ jnew== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:to:message-id:subject:date :mime-version:from:content-transfer-encoding:sender:dkim-signature; bh=AfdLPl6afT3sdRXwfvSwcfYkLN0xsRNF1Iyb6+rvldc=; fh=/ojsV3+PC4L6tAxGWut3LitVDLev92dQwEo7QdIhrBA=; b=VPey3OzdMpXWo87Z7o6V2+fm76RiT2q0jUjozspDgJFIKXMLcb45wtNY4fSjPpt0y8 7O/XLVIa5rWPGy5kbS32QiUTgtCr8bwMTNlm+DHlbt7rBoOIqPlFzU3aUsKxuxMBBcYy vZZeeGd78bcJQBBjg8fz+NpKhrqoxAogxBU3iEW5Op39YmZRFaSw4mmPEfXuK8Jt9Wnh h7sqQA9m3BDpO/LN6bhCXm0ToGrOD0y4+z/4mnvpA8xej9utwalZaI3FoViAjmPQInFI kQIjqvHIRGZvy2Xd4YWGMPjyAMJ0zAO8reFcjvk646DDDtaDzsY5V4+MhTfh4EAj4w8q hyrw==; darn=gnusha.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@mattcorallo.com header.s=1776268862 header.b=OHQmwDDb; dkim=pass header.i=@clients.mail.as397444.net header.s=1776268865 header.b=FFGeO65x; spf=pass (google.com: domain of lf-lists@mattcorallo.com designates 69.59.18.99 as permitted sender) smtp.mailfrom=lf-lists@mattcorallo.com; dmarc=pass (p=NONE sp=REJECT dis=NONE) header.from=mattcorallo.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20251104; t=1776271917; x=1776876717; darn=gnusha.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:to:message-id:subject:date:mime-version:from :content-transfer-encoding:sender:from:to:cc:subject:date:message-id :reply-to; bh=AfdLPl6afT3sdRXwfvSwcfYkLN0xsRNF1Iyb6+rvldc=; b=GWWW8+TzEuimAQpQwCFkhlP41BjcqSlB19XdKszQ9+pafrzzOJ843wD5DcZ7GNBRhp Pb/HxewAd+sxmGJV8Oi9LznbV3hEpkeaYA6d12/R7+TvARV72EmAFRnrWQcNRStej8iq 8GWviWV8Evy8XmSPVff5ynFblNdPlBYIfKKB80d9H5gSi+/JNdm7PrzLReOqcqOgs0Z2 v9O77ZN/lKeAXKq43VbRWjJJz9z/R/suOL+r/LUEO4sfJngh/QB4cRpQyKuSBdQrDkHM ZCKuufeifYOMyLe+jTQU+Sb7jhNm3wFmD+tDq1er92Kvmg1Swa7JftkUWSuIWdeVznmc gw+A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1776271917; x=1776876717; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:to:message-id:subject:date:mime-version:from :content-transfer-encoding:x-beenthere:x-gm-message-state:sender :from:to:cc:subject:date:message-id:reply-to; bh=AfdLPl6afT3sdRXwfvSwcfYkLN0xsRNF1Iyb6+rvldc=; b=dqKpb7ZiNdUghUFBibvgfpKyyOLFSt4dQk7cgKhakKz5xvAiKEWIvLxCL1YaO4lkN5 VS9laU/k4Hm76tYQhl3Kwr0rEWHDJDXyhS+4hMmMHfqGDgSwTD6+NRsxhD8XrxA+uV7D vKZHgv2M8DSI7awlUyRJa0Bd2jfu1OXZQSRMhU6tctfzZgMEldZj1Q/K9tUROqLaMLIp wvoiOnDYw6WOoO7HHJJcZ2WM74WVXkPppqAOQCo5X8i8A4SO9odnqC0+GezA2CIAkZuy 80SW2TrBu7VeyKVaiTBcSTZVzv5iLF33g99KihVcqMu5mQyj257oK+cZ+R/x/Ey8njUS CLXA== Sender: bitcoindev@googlegroups.com X-Forwarded-Encrypted: i=2; AFNElJ+zati5epAwqQfNUE81DDGu17G9E7mT6PTZtGh5vyINXPhmyW3CmgTdsY4W42NNMxFFwuQNQsKQwFW4@gnusha.org X-Gm-Message-State: AOJu0YyyN6DYg6ri0kZVMv+osDn+/dAvNh5tTTUevgPdNa5jq4G7hISd Uc+fmXXzEA2+jkzPcin/KFzWBKgLyApZCUR5n1DHDV4mN6ouNmA6Y13E X-Received: by 2002:a05:6870:c256:b0:41b:ff2c:de25 with SMTP id 586e51a60fabf-423e0d96b14mr12491063fac.9.1776271917156; Wed, 15 Apr 2026 09:51:57 -0700 (PDT) X-BeenThere: bitcoindev@googlegroups.com; h="AYAyTiJqsuyr0jNz9n3svLIwxlk7GTeOxhq+DFzK34ozNQIX4A==" Received: by 2002:a05:6871:295:b0:417:5927:12e9 with SMTP id 586e51a60fabf-4280c660f3dls8333fac.2.-pod-prod-01-us; Wed, 15 Apr 2026 09:51:51 -0700 (PDT) X-Received: by 2002:a05:6808:c2bf:b0:466:f57b:2ae5 with SMTP id 5614622812f47-4789fa06325mr11419594b6e.47.1776271911291; Wed, 15 Apr 2026 09:51:51 -0700 (PDT) Received: by 2002:a05:6808:6189:b0:467:e362:ec8e with SMTP id 5614622812f47-47974686444msb6e; Wed, 15 Apr 2026 09:38:14 -0700 (PDT) X-Received: by 2002:a05:6830:258b:b0:7dc:283:89a6 with SMTP id 46e09a7af769-7dc280313b3mr13772965a34.30.1776271093997; Wed, 15 Apr 2026 09:38:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1776271093; cv=none; d=google.com; s=arc-20240605; b=a5w8WvO97jOU+RiLo0wLJzNs+HBKPeCusYogoEthWEBTQFV8v6t/EG3AXiUtuJeQVc ChfLzFk1pgX1x5IZ0EahpH7JwvmvyUU8qdqRCijJ9P8PjpqbInaFcreO4efW+NLhkMhU l/03aAfuRTbmh/yQbxaSuY0yNo47XCEIYxrWQwXr8+E7FdZebnEC8CsTMatmmx3TxRcR vZKj8gmpnM59rmCpJlPVGf4IByydAJNjJyXSEkIMTANw9ddXqSGM2OIyMuYbgwYQWY20 YIUDhTOGucoZEtsEqtD6QIUIRfZf4q0/DPha8KZTnsw0AOQ2H+f7FDRhv45TVEd6MU9y CwCg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=to:message-id:subject:date:mime-version:from :content-transfer-encoding:dkim-signature:dkim-signature; bh=VBqwpDQw/75Iu4GiEpMBgwrymK7tXi40C1+c0t6K06A=; fh=VcGcg+Zjs9gw1uDcHbxsAILhBAcecnbJzZRdxgKVDIc=; b=Fh7koONZ+Jlpf7phCK5qnc3LKDyHzpM/Sclt8PlH2HI2N999Aj1StisKG/SkOc2Ynn cGUiXEiRc0mj+ttprileEwNq3dy5fY8crSnLGfoWIDTRROqLoFDNMYNCGAOAjginTFNg 5Dbt3NHMfZrqVAEgxi67xAvvVuBmEFknFUGTCIk/WLTg7xoQq5yJDAn5eegpuj0RzmAE VentmHrLlgZcsAjZu8RteSrhcMxxeOk9i+1g5h/mvoK99Q64tt2lJlbgNSI8gwWcOyky AlrYEEldsvKv/XH4QF1QUWLhmuttsXiJcdrj/9SmKIsuWqM2V1OQx+YjcKDS7NCI89sU Q24w==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@mattcorallo.com header.s=1776268862 header.b=OHQmwDDb; dkim=pass header.i=@clients.mail.as397444.net header.s=1776268865 header.b=FFGeO65x; spf=pass (google.com: domain of lf-lists@mattcorallo.com designates 69.59.18.99 as permitted sender) smtp.mailfrom=lf-lists@mattcorallo.com; dmarc=pass (p=NONE sp=REJECT dis=NONE) header.from=mattcorallo.com Received: from mail.as397444.net (mail.as397444.net. [69.59.18.99]) by gmr-mx.google.com with ESMTPS id 46e09a7af769-7dc76b745desi84437a34.8.2026.04.15.09.38.13 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 15 Apr 2026 09:38:13 -0700 (PDT) Received-SPF: pass (google.com: domain of lf-lists@mattcorallo.com designates 69.59.18.99 as permitted sender) client-ip=69.59.18.99; X-DKIM-Note: Keys used to sign are likely public at X-DKIM-Note: https://as397444.net/dkim/mattcorallo.com and X-DKIM-Note: https://as397444.net/dkim/clients.mail.as397444.net X-DKIM-Note: For more info, see https://as397444.net/dkim/ Received: by mail.as397444.net with esmtpsa (TLS1.3) (Exim) (envelope-from ) id 1wD3Fl-00000005ytj-0fiv for bitcoindev@googlegroups.com; Wed, 15 Apr 2026 16:38:13 +0000 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable From: Matt Corallo Mime-Version: 1.0 (1.0) Date: Wed, 15 Apr 2026 12:37:34 -0400 Subject: [bitcoindev] PQC - What is our Goal, Even? Message-Id: To: bitcoindev@googlegroups.com X-Original-Sender: lf-lists@mattcorallo.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@mattcorallo.com header.s=1776268862 header.b=OHQmwDDb; dkim=pass header.i=@clients.mail.as397444.net header.s=1776268865 header.b=FFGeO65x; spf=pass (google.com: domain of lf-lists@mattcorallo.com designates 69.59.18.99 as permitted sender) smtp.mailfrom=lf-lists@mattcorallo.com; dmarc=pass (p=NONE sp=REJECT dis=NONE) header.from=mattcorallo.com Precedence: list Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com List-ID: X-Google-Group-Id: 786775582512 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Score: -0.8 (/) Its become obvious in recent discussions that a large part of the PQC discu= ssion has people coming at it from very different fundamental goals, and as= a result the conversations often talk past each other without making real = progress. So instead of doing that more I'd like to write down what I think= the actual, short-term goal *is*, what it it is not. Fundamentally, it seems to me the most reasonable goal is that we should be= seeking to increase the number of coins which are reasonably likely to be = secured by the time a CRQC exists. Put another way, we should be seeking to= minimize the chance that the Bitcoin community feels the need to fork to b= urn coins by reducing the number of coins which can be stolen to the minimu= m number [1]. This naturally means focusing on the wallets which are the *least likely* t= o migrate or otherwise get themselves in a safe spot. Focusing on those who= are the most likely to migrate does almost nothing to move the needle on t= he total number of coins protected, nor, thus, on the probability of a futu= re Bitcoin community feeling the need to burn coins. Sadly, this probably m= eans the "top wallets" that are generally terrible at adopting Bitcoin stan= dards. Wallets which are the top listing on app stores like (currently in t= he top few in my app store): Bitcoin.com, Trust Wallet, Coinbase Wallet, Bl= ockchain.com, etc. These wallets generally use a single static address (bec= ause anything else confuses their users and they get additional support tic= kets for it!) and put very little time into Bitcoin, focusing instead on ot= her tokens and integrations. A few non-goals: * To ensure that advanced setups have the absolute best in post-quantum sec= urity. I don't see how this moves the needle on the above goal, and in fact= in many cases detracts from the above goal. Of course if we can accomplish= this without detracting from the top-line goal above, great. * To ensure we have the best possible design for the signature scheme bitco= in will be using in a world where a CRQC exists and we've gotten past the m= ess. We'll almost certainly know a lot more about the security of various s= chemes and have more options for how to approach the problem by the point w= e're dealing with the mess of a CRQC being imminent, so it seems like a foo= ls errand to try to predict what we should build for this. But even if we k= now no more then than we do today, likely ending up with hash-based signatu= res as the scheme everyone uses, we'll almost certainly be having conversat= ions about additional witness discounts or increased block sizes to compens= ate for the sudden increase in transaction sizes. Maybe we would decide aga= inst such an increase, but there's no question such a conversation would ha= ppen and it would be premature to have it today. Matt [1] Of course I believe that the lost coin pool is large enough that the Bi= tcoin community will, almost without question, fork to disable insecure spe= nd paths and burn some coins in the process, but reducing the number of coi= ns burned to the absolute minimum is of course best for everyone. --=20 You received this message because you are subscribed to the Google Groups "= Bitcoin Development Mailing List" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoindev+unsubscribe@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/= CF7A554D-EE6F-4E6B-A670-1D6F72170539%40mattcorallo.com.