Dateline: Woking, 28th December 2023.
The San José was a 62-gun, three-masted galleon that was sunk by the British with 600 people on board during the War of Spanish Succession (1701-1714). The British were at the time trying to prevent Spanish galleons from returning to Europe loaded with bullion and jewels that could be used to fund the war. The San José was sailing from Portobelo, Panama as the flagship of a treasure fleet of 14 merchant vessels and three warships. It was tracked near Cartagena by the English Commodore (later Admiral) Charles Wager and attacked on 8th June 1708. Wager intended to capture the ship and the loot, but the galleon's gunpowder supplies blew up and it sank in deep water, where it has remained untouched for more than 300 years.
Davy Jones’ Cyberlocker
The story of the San José fascinates me. A few years ago the Colombian navy discovered the wreck, thanks in part to the Woods Hole Oceanographic Institution (WHOI), which used its REMUS 6000 autonomous underwater vehicle (AUV) to locate the remains at a depth of about 2,000 feet. They were not doing this purely out of curiosity, because the San José was carrying a couple of hundred tons of gold, silver, emeralds and such like that are worth an estimated $17 billion in today's money. Yep, that's not a misprint. It is the world's richest shipwreck. Right now there are billions of dollars worth of 18th-century Latin American fungible tokens lying on the sea floor waiting to be picked up.
The Colombian government has said that it will attempt to raise objects from the shipwreck. It estimates it will cost about $70 million to salvage what it calls a "national treasure" and it wants it put on display in a museum to be built in Cartagena. However, there is an international dispute emerging around the wreck, which is in Colombian waters. Spain insists that the treasures are theirs, since they were aboard a Spanish ship, while Bolivia's indigenous Qhara Qhara nation say the Spanish forced the community's people to mine the precious metals, so the treasures should belong to them.
(The story of the Bolivian silver mines, as told in Kris Lane’s excellent Potosi: The Silver City That Changed the World, is horrifying, by the way.)
I was thinking about the fate of this seabed fortune because I read a story of yet another crypto-chaos-mixup that occurred recently when someone typed in the wrong destination address for a token transfer and sent $36m-worth of frictionless digital money of the future into oblivion.
There must be a lot of cryptocurrency that has sunk below the waves of the web because the USB stick/hard disk/post-it note with the key on it has been destroyed (remember the poor chap searching through Welsh rubbish dumps to find his hard drive), or because the value was transferred to a wallet for which no private key exists, or because the only person who knew the pass phrase has died in a swimming accident or been overcome by Alzheimer's.
Those gold coins spread over the South American seabed remind me of all of those bitcoins that have gone to crypto-heaven, or perhaps crypto-purgatory, because the relevant private keys have been lost. In time, new technology will come along to mean that they can be recovered, except in this case it will be a quantum computer rather than a submarine. When quantum computers break the encryption, people will be able to spend each other's money with impunity.
Setting Sail
It won’t be archeologists looking for these quantum computers, of course, because a great many other people (e.g., organised crime, unscrupulous “whales” and the tax authorities of many nations) are searching for them too. The code-cracking quantum computers that will be needed to find them are under development but they won't happen tomorrow. Professor John Martinis, who used to be the top scientist in the Google quantum computing team, says that Google's plan in this field is to build a million-qubit system with a sufficiently low error rate that error correction will be effective enough to make execution reliable about a decade from now. Such a system will have enough logical qubits that the system will be able to execute powerful algorithms to attack problems that are beyond the capability of classical supercomputers.
One of these problems is, of course, breaking the asymmetric cryptography at the heart of cryptocurrency. Because a quantum attacker needs a visible public key to work from, not just a hashed address, the accountants Deloitte reckon that about four million Bitcoins (those whose public keys are already exposed on the blockchain) will be vulnerable to such a quantum attack. With Bitcoin hovering around $30,000 or so, that means a pot of more than a hundred billion dollars is at the end of the quantum rainbow.
And that's just for the lost or abandoned vulnerable wallets. A further and much bigger risk to Bitcoin is the attack on unprocessed transactions. When you spend Bitcoin, you broadcast your public key. An attacker with a quantum computer can find the corresponding private key and recreate the transaction to send the money (for example) to themselves. They would then need to get their bogus transaction processed before the original transaction (by paying a bigger fee). All of this would need to be well-timed and finished in a relatively small time window, which sounds hard, but it is worth doing because it puts every Bitcoin transaction at risk.
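To make the two exposure classes above concrete (coins whose public key is already on-chain, and coins whose key has just been broadcast with an unconfirmed spend), here is a toy exposure audit. It is an added example, not code from the original post or from any Bitcoin implementation; the outputs, address labels and amounts are constructed, and "quantum attacker" is modelled simply as someone who can derive a private key from any public key they can see.

```python
"""Toy audit of which coins a key-recovering attacker could reach.

Constructed example. Pay-to-public-key (P2PK) outputs carry the key in the
scriptPubKey itself; a pay-to-public-key-hash (P2PKH) address only reveals
its key when it is first spent from, so coins still sitting at a reused
address are exposed, and so are coins whose spend is waiting in the mempool.
"""
from dataclasses import dataclass

@dataclass(frozen=True)
class Output:
    txid: str          # hypothetical identifier, constructed
    script_type: str   # "p2pk" or "p2pkh"
    owner: str         # hypothetical key/address label, constructed
    amount_btc: float

REASONS = ("p2pk", "in_mempool", "reused_address")

def exposure_reason(out, spent_from, mempool_spends):
    """Why an output's public key is visible, or None if it is still hidden."""
    if out.script_type == "p2pk":
        return "p2pk"                # key sits in the scriptPubKey itself
    if out.owner in mempool_spends:
        return "in_mempool"          # key just broadcast; race window is open
    if out.owner in spent_from:
        return "reused_address"      # key revealed by an earlier confirmed spend
    return None                      # only the hash is on-chain so far

def exposure_report(utxos, spent_from, mempool_spends):
    """Total BTC per exposure reason, plus the still-hidden remainder."""
    report = {r: 0.0 for r in REASONS}
    report["hidden"] = 0.0
    for out in utxos:
        reason = exposure_reason(out, spent_from, mempool_spends) or "hidden"
        report[reason] = round(report[reason] + out.amount_btc, 8)
    return report

# Constructed sample UTXO set: two early coinbase-style P2PK outputs, one
# never-spent-from address, one reused address, one address mid-spend.
SAMPLE_UTXOS = [
    Output("tx01", "p2pk", "early_miner_key", 50.0),
    Output("tx02", "p2pk", "early_miner_key", 50.0),
    Output("tx03", "p2pkh", "alice_addr", 1.5),
    Output("tx04", "p2pkh", "bob_addr", 3.0),
    Output("tx05", "p2pkh", "carol_addr", 0.25),
]
SPENT_FROM = {"bob_addr"}          # addresses with a confirmed spend on-chain
MEMPOOL_SPENDS = {"carol_addr"}    # addresses with an unconfirmed spend pending

if __name__ == "__main__":
    print(exposure_report(SAMPLE_UTXOS, SPENT_FROM, MEMPOOL_SPENDS))
```

Only Alice's coins stay hidden; everything else is reachable by an attacker who can turn a public key into a private key, which is the distinction the Deloitte estimate rests on.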
That's just Bitcoin. In a paper from the University of Surrey in the UK last year, Stephen Holmes and Liqun Chen explain that the risks to different cryptocurrencies are not the same. They share a common quantum vulnerability through their use of the non-quantum-safe Elliptic Curve Digital Signature Algorithm (ECDSA) for digital signatures, but the specific risks of a successful quantum attack depend on many factors: the block interval time, the vulnerability to an attack that delays the time for an unprocessed transaction to be completed, and the behaviour of a cryptocurrency's users in increasing the cost of a quantum computer attack.
Fishing for Bitcoin
Mark Webber and his team at the University of Sussex in the UK recently calculated that breaking the cryptography in a 10-minute window would require a quantum computer with 1.9 billion qubits, while cracking it in an hour would require a machine with 317 million qubits. Even allowing for a whole day, the figure only drops to 13 million qubits. In other words, the working quantum computer that can search Davy Jones' cyberlocker is some way off, and it will cost a lot more than $70 million. Nonetheless, it's coming.
The recent news that IBM has used a quantum computer to solve a specific problem beyond the reach of classical methods is another step on the road to what has become known as “quantum advantage”, where a quantum system solves a problem that cannot be solved by any amount of classical computation.
The quantum version of that AUV is an inevitability and the treasure will be discovered. And there is plenty of it lying around. The legendary Satoshi Nakamoto had in the region of a million bitcoins that he mined during the cryptocurrency's development phase. Those coins should now be considered a treasure trove, as Satoshi disappeared a few years after Bitcoin's launch. Estimates vary, but somewhere between a fifth and a quarter of Bitcoin is already lost like this — or at least lost until a quantum computer comes along to collect it — and never coming back into circulation.
The use of a quantum computer in this way would have enormous ramifications. Getting hold of public keys (from the mempool, for example) would open up the blockchain to attacks, and if even a fraction of the Bitcoins out there were stolen, then Bitcoin would probably tank and everyone (including the unexposed) would lose as well.
In time, value will migrate to currencies built on quantum-resistant algorithms, or to quantum computers themselves. But right now it might be well worth spending a few billion to build a device that will dredge up a hundred billion or so. Who’s up for a crowdfunding?
Shipwreck, trainwreck. Take your pick!
Speaking of losing Bitcoin private keys, I think that's the best explanation for the mystery of why Nakamoto has never spent any of their enormous BTC account. Nakamoto might have been a genius, but one of the blind spots of the whole Bitcoin project for many years was private key safety. The importance of keeping private keys in hardware had been well known to smartcard systems designers since c. 1990, but it took the Bitcoin world four or five years to reinvent that wheel (I count Trezor as the first hardware Bitcoin wallet, coming out in 2014).
I think there's a very interesting history-of-technology story to explore: Why didn't the Bitcoin pioneers pay more attention to private key safety? And was Nakamoto themselves a victim of frying their own private key or throwing the hard drive out in the trash?
PS. It's a bit arcane but I think the reason they overlooked private key safety for so long is they were fixated on public keys. One of the strongest (albeit most subtle) strengths of Bitcoin and the like is these are the only public key cryptographic security systems I can think of that have no public key lifecycle management. That is, there is no assignment or binding of public keys to users. The system works even though no one knows which public key goes with which user. That's magic.