[oleganza]

As for mining, there are enough bits in SHA256 to allow billion-fold increase in difficulty. And if there is a danger of breaking it much quicker, all people holding bitcoins have huge incentive to change the protocol to fix the problem.

As for ECDSA, it can only be broken by quantum computers, but still most balances are protected by sha256*ripemd160 hash, so they are safe in the face of sudden QC attack or a weakness in ECC. People will want to protect their wealth and thus will change the protocol for other algorithms.

[darkmighty]

Cool info, thx!

But do you think it would actually be viable to make a protocol algorithm transition?

[oleganza]

When everyone's money is at stake, it'll be very quick. This March, when the network forked, miners with newer version 0.8 agreed to forego mining rewards and abandon their own branch (incompatible with v0.7) just to resolve the issue quickly to not shake the confidence in Bitcoin.

[nwh]

They got their money back anyway. A user paid every single missed bounty from blocks on the abandoned fork.

[oleganza]

v0.7 miners got those rewards, not v0.8 ones.

[nwh]

v0.8 miners were paid back for the lost funds from a private fund, leftover from the original Bitcoin Faucet.

[oleganza]

Yes, but this was not planned ahead. Miners did abandon their rewards even being on a longer chain just to maintain trust in the system. They did not know if they will ever get their money recovered.