by glerk
78 days ago
Even if Q-day means there is a way to deterministically retrieve any private key from a public key (is that what it means? or is the blast radius of q-day contained? This is a bit above my level of cryptography), I'm sure we could come up with something to minimize the damage. In the worst case, it might involve a claim process with an authority or consensus mechanism to prove who the rightful owner of the funds is and revert the unauthorized transactions on the new chain. Yes, this is not ideal! But if the wallet conversion requires active participation, preemptive measures are also not ideal.
That's exactly what it means. (Note also that under ECDSA you can retrieve a public key from a valid signature).
How do you prove anything, after the key material is compromised?
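The parenthetical in the reply (an ECDSA signature reveals the signer's public key) is easy to see concretely. What follows is an added example, not code from either commenter: a textbook secp256k1 implementation in pure Python that signs a constructed message hash with a constructed key and then recovers the public key from nothing but the signature and the hash. The curve constants are the standard secp256k1 parameters; the key, nonce and message are constructed for the demo and the nonce derivation is not how real wallets do it (they use RFC 6979 or a CSPRNG).

```python
import hashlib

# secp256k1 domain parameters (the curve used by Bitcoin and Ethereum)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def point_add(p1, p2):
    """Affine addition on y^2 = x^3 + 7 over GF(P); None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None                                   # p1 == -p2
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P        # tangent slope (doubling)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P         # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def point_mul(k, pt):
    """Double-and-add scalar multiplication."""
    result, addend = None, pt
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def sign(priv, msg_hash, k):
    """Textbook ECDSA. Returns (r, s, v); v is the recovery id (parity of R.y)."""
    z = int.from_bytes(msg_hash, "big") % N
    R = point_mul(k, G)
    # R.x >= N happens with probability ~2^-128; then the recovery id would need a 3rd bit
    assert R[0] < N, "R.x >= N: choose another nonce"
    r = R[0]
    s = pow(k, -1, N) * (z + r * priv) % N
    return r, s, R[1] & 1


def recover_pubkey(msg_hash, r, s, v):
    """Rebuild the signer's key: R = lift_x(r) with y parity v, Q = r^-1 * (s*R - z*G)."""
    z = int.from_bytes(msg_hash, "big") % N
    # sqrt via exponentiation works because P = 3 (mod 4)
    y = pow((pow(r, 3, P) + 7) % P, (P + 1) // 4, P)
    if y & 1 != v:
        y = P - y
    R = (r, y)
    sR_minus_zG = point_add(point_mul(s, R), point_mul((-z) % N, G))
    return point_mul(pow(r, -1, N), sR_minus_zG)


def recover_candidates(msg_hash, r, s):
    """Without the recovery id both parities of R.y are possible: return both keys."""
    return [recover_pubkey(msg_hash, r, s, v) for v in (0, 1)]


def verify(pub, msg_hash, r, s):
    """Standard ECDSA verification: check (z/s)*G + (r/s)*Q has x == r."""
    z = int.from_bytes(msg_hash, "big") % N
    w = pow(s, -1, N)
    pt = point_add(point_mul(z * w % N, G), point_mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r


def demo():
    """Sign with a constructed key, then recover that key from the signature alone."""
    priv = int.from_bytes(hashlib.sha256(b"constructed demo key, not a real wallet").digest(), "big") % N
    pub = point_mul(priv, G)
    msg_hash = hashlib.sha256(b"constructed transaction payload").digest()
    k = int.from_bytes(hashlib.sha256(b"constructed nonce").digest(), "big") % N  # demo only
    r, s, v = sign(priv, msg_hash, k)
    recovered = recover_pubkey(msg_hash, r, s, v)
    candidates = recover_candidates(msg_hash, r, s)
    return {
        "recovered_matches": recovered == pub,
        "candidates_contain_key": pub in candidates,
        "both_candidates_verify": all(verify(c, msg_hash, r, s) for c in candidates),
    }


if __name__ == "__main__":
    print(demo())
```

Two things the run makes visible. First, the signature alone (r, s, plus one parity bit) is enough to reconstruct Q, which is what Ethereum's ecrecover relies on. Second, without the parity bit there are two candidates and both of them verify the signature, so the only thing that picks the right one is an out-of-band commitment such as the address. The consequence for the Q-day discussion is that a "hash of the public key" address stops hiding the public key the moment its owner broadcasts a single signed transaction, which is the scoping fact a migration plan has to start from.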