To proactively address potential future vulnerabilities, cybersecurity company Naoris has initiated a substantial “bug bounty” program focused on examining the resilience of cryptographic algorithms essential to blockchain technology. Announced in early May, the challenge offers a total prize pool of $120,000 – approximately equivalent in value to one Bitcoin – for successfully demonstrating exploits against the cryptographic standards that underpin major cryptocurrencies and blockchain systems like Bitcoin, Ethereum, and Solana. This initiative is designed to rigorously test these critical security mechanisms ahead of potential breakthroughs in quantum computing, which could one day present a significant threat to digital security.
The largest single reward, valued at $50,000, is specifically earmarked for anyone who can successfully compromise the secp256k1 algorithm. This algorithm forms the foundational cryptographic basis for both Bitcoin and Ethereum. A $30,000 bounty awaits anyone who can break Ed25519, an algorithm currently utilized by Solana and encrypted communication platforms, including Signal and WhatsApp. Further rewards, although smaller in value, are also on offer for demonstrating vulnerabilities within the NIST P-224, P-384, and P-521 elliptic curves. The value of these secondary rewards is scaled based on the complexity of each algorithm and its prevalence in usage.
The ramifications of a successful compromise of these algorithms would be significant. A breach of secp256k1 could compromise the security of Bitcoin, the Lightning Network, and numerous Layer-2 protocols built on Ethereum. Likewise, a successful attack targeting Ed25519 would potentially disrupt secure server access methodologies, undermine the integrity of Git version control systems, and expose weaknesses in DNS security infrastructure. The NIST P-224 curve, already considered less robust, is scheduled for deprecation by 2030 due to its relative susceptibility to compromise.
Despite current estimations indicating that breaking the secp256k1 algorithm would require approximately 10 billion trillion years using contemporary GPU computing capabilities, the potential for future quantum computing advancements is driving proactive measures. Notably, a new Bitcoin Improvement Proposal (BIP) aims to gradually phase out older signature schemes to mitigate risks associated with quantum computing. This proposal underscores the fact that a successful quantum attack could destabilize Bitcoin’s economic framework and diminish the capabilities of miners to effectively safeguard the network.
Adam Back, CEO of Blockstream and a referenced individual in the Bitcoin whitepaper, has theorized how advancements in quantum computing could indirectly reveal insights into the activities of Bitcoin’s pseudonymous creator, Satoshi Nakamoto. Back suggests that if quantum attacks were to threaten Nakamoto’s digital assets, it might compel them to transfer their holdings to more secure storage solutions, potentially confirming their continued involvement and oversight of the Bitcoin network.
Parallel research efforts are underway to develop blockchain-agnostic solutions. Sui Research recently unveiled a cryptographic framework designed to protect multiple blockchains against quantum threats, without necessitating disruptive hard forks or address modifications. However, this approach does not currently extend its protective capabilities to Bitcoin or Ethereum, emphasizing the technical challenges associated with deploying universally applicable quantum-resistant solutions.
The Naoris bounty program exemplifies a growing awareness within the cryptocurrency community concerning the potential long-term risks posed by quantum computing. Although experts generally concur that quantum computing does not currently pose an immediate threat, the initiative highlights the critical importance of proactive preparedness for future technological advancements. The program not only provides an incentive for researchers to evaluate the robustness of existing cryptographic standards but also contributes to the broader effort of enhancing the overall resilience of digital infrastructure in the face of emerging technological challenges.
Source:
[1] Bitcoin’s quantum threat: Naoris offers bounty to break crypto encryption (https://cointelegraph.com/news/bounty-to-be-paid-to-whoever-breaks-bitcoin-s-cryptography-by-naoris)