Hunter Beast 🕯️

Okay, so here's the deal with quantum. @Snowden leaked in 2013 the existence of a program called Penetrating Hard Targets. The NSA was working with defense contractors and the University of Maryland to build a quantum computer for the purposes of breaking public key cryptography. They've likely spent billions on this program in all its years of existence, though we can't know if that's true unless we have more patriots like Snowden step forward to call out the deep state on their evil shenanigans. NIST has also been working on post-quantum cryptography. The shield against the sword. No cryptography gets published by NIST that doesn't also get approval from the NSA. They're joined at the hip. It's possible that the NSA spent billions breaking cryptography just to give us cryptography to replace it. They want to create the disease and sell the cure. This is your deep state tax dollars at work. The spooks are at it again fellas. And quantum computing is not sovereign computing, they cost billions to make and millions to run, so good luck with that "don't trust, verify" principle. What does this mean? Well, for one, Bitcoin will be under threat someday. Could be that one day PsiQuantum or someone like them will be approached to fill the SBR with Satoshi's coins. Or maybe China wants to get in on the action after being late to the party. The NSA is infamous in Bitcoin circles because Satoshi famously used the lesser-known and less popular secp256k1 curve despite the existence of the more widespread secp256r1, aka P256. P256 turns out to use hardcoded "random" constants that may have been suspiciously chosen. We can't prove they were randomly chosen. secp256k1 used the Koblitz curve as its starting constant, which is just simple multiplication and doesn't look suspiciously chosen. This is part of a larger concern around kleptography, where cryptography is introduced that deliberately compromises secrets. They have in the past supported the distribution of a deliberately flawed RNG (Dual_EC_DRBG) and as far as I'm concerned, as a result, NIST has zero trustworthiness. So what do we do? Well, we can't cargo cult NIST cryptography, for one. I think SLH-DSA is better because we can base it on SHA-256, which is not what the NSA recommends but Bitcoiners know it works perfectly fine and isn't anywhere near being broken, either cryptanalytically or via Grover's algorithm (@dallairedemers says we would need a quantum computer bigger than the Moon to run Grover's over a 256 bit hash). So, it makes sense to base signatures on them using hash-based cryptography approaches like SLH-DSA. Fortunately we've had people like @n1ckler, @roasbeef, and @conduition_io have done deep dives into SLH-DSA and have found it to be solid. Also, it's worth noting that it was partly designed by the goat, DJB, @hashbreaker, who also built the curve used to secure Monero and Signal, and lots of other good and useful stuff. Anyway, that's why I think the good "gold standard" case for cryptography we understand well and can use to our advantage is for SLH-DSA (also known as SPHINCS) to be used with BIP 360 in a tapleaf, along with a hybrid approach where we do not stop using secp256k1. We would base it on SHA-2 because we know that works well. We would probably not modify other security parameters in order to maintain hardware compatibility and acceleration. For NIST I level security, which is the same level of security that secp256k1 offers (@_weidai says it offers only 128 bits of security, despite its name), if used with BIP 360 and accounting for the witness discount, pk+sig size in the witness will be about 2,000 vB. For comparison, pk+sig for Schnorr is about 25 vB. Yes, this will reduce the throughput of Bitcoin. We are actively planning how to handle the problem of scaling post-quantum cryptography on Bitcoin, but that's a separate problem, and judging by the mempool these days, I'm certain Bitcoin can handle that for some time. Besides, there's no reason to select a PQC option before Q-day is confirmed. Long exposure attacks will occur before short exposure attacks, and PQC is only necessary to protect against short exposure attacks. (For more on these definitions, please see the glossary for BIP 360 on bip360.org) I think we have a solid strategy around this and we will be working hard to execute and communicate it next year. Basically we want to get BIP 360 finalized, then come up with an SLH-DSA BIP, and deploy that to secure real money on the Anduro sidechain that leverages a specially designed quantum resistant bridge. We will also work on what to do about coins held in exposed public keys, fleshing out the Hourglass BIP more, also linked on bip360.org. There's a ton of work left to do, but we have a solid and talented team and have received a lot of support from the community and among Core devs. If you want to help now, please read the recently rewritten version of BIP 360 that now has a third co-author, @isabelfoxenduke. You can find it on bip360.org. More updates and info coming soon! Thanks to everyone involved for their help and support and please enjoy the holidays! Merry Christmas, everyone! Also, I realize there are lots of conspiratorial claims in this post that don't always have a lot of evidence. Consider it part of a threat model with plausible incentive structures and reasoned speculation. Also remember, the spooks probably know a lot more than we know. That's just how spooks are. Additionally, it's also fair to disclose that I now earn a living working on solving this problem that the NSA had a part in creating. I work for @andurobtc, which is incubated by @MARA. They have 5% of the hashrate and run Slipstream, which is essential for the design of a quantum resistant sidechain bridge, which is why I joined them a year ago. They've been incredibly supportive of my work so far, I even lead a small team of devs to help build all these solutions. I remain a contractor and not an employee so that I can speak up if I see something I disagree with and I do not have a stake in the company itself so that I can maintain neutrality. Stocks are a boomer meme anyway (although I do appreciate the enthusiasm of the "MARA pigs" who sometimes pop up in my mentions). I'm a Bitcoin only guy and if I ever want to retire, then Bitcoin must surmount this threat, and the next. Bitcoin is antifragile and a civilizational imperative. Stay prepared, not scared, my friends.

@CatoTheElder17 @BitcoinMagazine By the way I have to step out for something important tonight so please take your time in reviewing and preparing a thoughtful response. Thanks in advance, and much respect.

@CatoTheElder17 @BitcoinMagazine It does not require large signatures. Have you read the version that got merged? Please, I invite your suspicion. Read the BIP as it was approved through the review process and then voice your concerns. github.com/bitcoin/bips/b…

JUST IN: A testnet for Bitcoin Improvement Proposal 360 has been deployed, which aims to strengthen Bitcoin against quantum 👀

@CatoTheElder17 @BitcoinMagazine First of all, it's a spec. I'm not asking you to read the code. I'm not mocking you. I'm asking if you have any concerns about the BIP aide from authorship. I agree that anyone who cares about bitcoin should worry about attackers, especially as the fear ratchets up.

@cryptoquick @BitcoinMagazine Trust is important. Devs mock plebs for our lower code expertise, but many don’t get that BTC is valuable only because we save in it, run nodes & fight on the social layer. Quantum-proofing gone wrong is lethal for BTC, nobody wants to trust their life to an antisocial surgeon

@CatoTheElder17 @BitcoinMagazine fwiw, that was trolling See who I was responding to. Any issues with the changes proposed in the BIP itself or are we going to keep taking past tweets out of context?

@cryptoquick @BitcoinMagazine I did read the BIP. Your redemption ark is very conveniently timed - obviously I don’t buy your sudden change. This is from just three months ago. People don’t change that fast.

@grok @secsovereign @CatoTheElder17 @BitcoinMagazine 💯

No solid surveys exist to quantify it precisely, but community anecdotes on X, Reddit, and Bitcoin forums suggest a majority—likely 60%+ of long-term Bitcoiners—started in altcoins or "shitcoins," lost money in cycles like 2017/2021, then pivoted after seeing the pattern. It's the classic "scars make the maxi" path. Many never touch alts again.

@_pretyflaco @CatoTheElder17 @BitcoinMagazine Thank you for the feedback

@cryptoquick @CatoTheElder17 @BitcoinMagazine I agree technical changes need to be thoroughly explained so node operators can make educated decisions. The BIP does an OK job in that, but nothing extraordinary tbh. Not worth adding the baggage of a person that has obvious other agendas than just improving bitcoin technically

@cryptoquick @BitcoinMagazine My proof of work was complete as soon as I saw you have eagerly facilitated spam on Bitcoin with no regard for the future consequences. Not to mention partnering with an MIT DCI guy and a likely intelligence asset.

@CatoTheElder17 @BitcoinMagazine Have you read the BIP? What you are falling into is an ad hominem fallacy. For what it's worth, I regret my previous work in Ordinals. Do you believe in redemption? Free will? Deciding to do the right thing once you know what's wrong?

@_pretyflaco @CatoTheElder17 @BitcoinMagazine I brought her on as a technical communicator to better explain the consensus changes necessary so that you can understand them. I believe every change requiring soft fork consensus should have a dedicated technical communicator in order to explain it. Have you read it?

@cryptoquick @CatoTheElder17 @BitcoinMagazine Come on @cryptoquick – optics matter. Your co-author seems indeed a propagandist / marketer with repulsive biases. It's quite a tall ask to look past all the bs she publishes.

Greetings from Alamosa upon the eve of the Vernal Equinox. Whatever happens tonight... If I don't return, don't worry. I've gone home. 🏔️🐧👑

@BitcoinMagazine I would not trust the BIP-360 devs with a houseplant. The overlap between the BIP devs, (and their propagandist Isabel Foxen Duke), with support of the hugely damaging ordinals ecosystem is 100%. They’ve proven to have no concern for the long term health of BTC.

@CatoTheElder17 @BitcoinMagazine Frankly, you don't sound like a particularly self-sovereign bitcoiner. You shouldn't trust anyone. Don't trust. Verify. Think for yourself. Don't be lazy. It's not the devs, it's the work, the code, the spec, the protocol. Do the work to understand. Show your Proof of Work.

👏🏽 @cryptoquick

Today, @galaxyhq published a report on the quantum threat to Bitcoin. It maps the problem across three layers: - Attack surface - Mitigation pathways - Deployment challenges The conclusion aligns with what we’ve been seeing: The risk is real, and work is already being done🧵

@IanSmith_HSA @LundukeJournal Fine by me I use a VPN already It goes to Texas

@LundukeJournal we should add GeoIP blocks against Brazil, California, Colorado

I’m compiling together a list of which Open Source Operating Systems (Linux, BSD, etc.) do (or do not) plan to comply with new Age Verification laws. I need to track these for the purpose of reporting on the story, and I figured others would find having a list handy as well. If you’d like to contribute, feel free. Will be adding to the list as more systems are confirmed as either implementing or opposing Age Verification. github.com/BryanLunduke/D…

Elijah Wood is DJ’ing a ‘Lord of the rings’ middle earth themed rave in Denver on 5/31

"Take this, this will help you escape from this place"

@Brohonatron @AshtonForbes From what I've heard, they want stuff we have (cattle mutilations, abductions) I've also heard we've been able to shoot some of them down, something about "psychic link loss" So why make war when we can trade?

@AshtonForbes Lol. Nah. You're getting aliens only. 😆

Told yall we're going to get all the aliens. What we really care about is their technology. Give us fusion and warp drives.