Bitcoin
$12,973.99 -0.18%
BTC · 1w

Thoughts on using sect571k1 as a "emergency break glass" fallback to a formal PQC sig?

Going over the `secp256k1` spec, I was reading through to the `sect571k1` secion (3.7.1). Might it be a good PQC stop-gap upgrade to `secp256k1`? It is still defined on a Koblitz curve giving the higher level of efficiency compared to random parameter selection and offers 15360 bit DSA equivalency compared to the current 3072 bit equivalency (5x increase). Agreed the signatures are twice (2.23) as large and and would require twice the (witness) block space as well as much heavier load on verifying nodes, but perhaps it is a viable alternative given that it would require 5x as many qubits (in theory) to factor. If QC arrives in the next 50 years, might it be convenient to have a PR ready to deploy to simply "kick the can" down the road another century?
Go to self.Bitcoin
Recent news
BTC -0.18% · twitter.com · 21h

Video of COLDCARD secure boot

It’s not too late to get a real hardware wallet to store your #Bitcoin- Secure PIN- Anti-phishing- Physical security- Anti-duress features- Encrypted backup- Multisig- Dice EntropyAll in a true air-ga...
14