Quantum Computing On-Chain? Why Blockchain’s Kryptonite May Also Be Its Greatest Opportunity
In our previous technical deep-dive, we introduced the technology of homomorphic encryption and outlined its clear potential to kill, not two, but three birds with one stone by allowing for blockchains to simultaneously boast greater privacy, security and regulatory compliance — in other words, be the very implementation that finally removes the present-day conundrum of having to strike compromises between these three elements when building on-chain.
If, in light of the above, homomorphic encryption is blockchain’s magic bullet, today’s topic of focus, quantum computing, is more akin to a mighty double-edged sword. If harnessed with expertise and responsibility, it will be equally, if not even more instrumental to blockchain’s growth and adoption trajectory. If left to its own devices, however, it presents a number of challenges that blockchain developers will need to confront in order to secure blockchain from a number of existential attack vectors.
We’ve all heard it in passing that quantum computing is the ‘next big thing’ in the history of ever-growing computational power in the world, but few of us are intricately familiar with precisely how it sets to achieve its breakthroughs. Let’s begin with a quick recap on what exactly quantum computing is.
Quantum computing is a groundbreaking field that harnesses the principles of quantum mechanics to solve certain enormously complex problems in a small fraction of the time a classical computer would need. Its core features include:
Superposition: Unlike traditional computers, quantum machines use qubits, not bits. Whereas bits can only be 0 or 1, qubits can be both 0 and 1 at the same time, thanks to a concept called superposition. In other words, this means that qubits can be in any position between off and on, less like a light switch and more like a dimmer switch.
This parallelism leads to an exponential increase in processing power, as each additional qubit effectively doubles the theoretical processing power of a quantum computer. This is because each qubit added to the system doubles the total number of possible states that can be represented and processed simultaneously.
Entanglement: When two qubits become linked, changing one instantly affects the other, no matter how far apart they are. This “spooky action at a distance,” as Einstein playfully called it, allows for much faster information processing. This means that once qubits are entangled, they form a system where they can no longer be described independently of each other.
This interconnectedness allows quantum computers to process complex, multi-part problems more efficiently because the qubits can share information instantly.
Quantum Gates, Circuits: Just like regular computers have circuits and logic gates, quantum machines rely on quantum gates and circuits. These perform operations on qubits, guiding them through their dance of superposition and entanglement.
Thanks to these features, quantum computers hold the potential to crack problems that would take conventional computers centuries, like designing life-saving drugs or optimising complex systems. However, it’s still early days. Building and harnessing these machines has its challenges, like keeping those delicate qubits stable. Think of quantum computing as a powerful, uncharted territory waiting to be explored. It’s not just about replacing your laptop; it’s about pushing the boundaries of what’s possible with information processing, with immense potential to revolutionise various fields.
Quantum computing is still in its early stages of development, but it has the potential to revolutionise many fields, including:
Drug discovery: Simulating the behaviour of molecules and designing new drugs more efficiently.
Materials science: Designing new materials with enhanced properties, such as superconductors and semiconductors.
Financial modelling: Optimising financial portfolios and risk management strategies.
Artificial intelligence: Developing new AI algorithms that are more powerful and efficient.
But what does it mean for blockchain?
The rapidly evolving realm of blockchain technology has revolutionised the way we interact with value, empowering individuals and institutions to conduct secure, transparent, and decentralised transactions across the globe. However, despite its transformative potential, blockchains whose security rests on today's public-key cryptography to protect private keys, Bitcoin included, are existentially vulnerable: the algorithms they rely on can be attacked by quantum computers. As quantum computing capabilities continue to advance, the need to address this vulnerability becomes increasingly urgent.
This vulnerability, in a nutshell, is that quantum computers will almost certainly become powerful enough to break the cryptographic algorithms — namely Rivest-Shamir-Adleman (RSA) and Elliptic Curve Cryptography (ECC) — that currently secure transactions and protect sensitive data from unauthorised access. This would enable attackers to decrypt private keys, forge transactions, or even manipulate the blockchain itself. As it stands, this poses a significant threat to the integrity and security of blockchain-based systems, threatening their primary value proposition of trustless security.
The most notable example of a vulnerable blockchain is none other than the King of Crypto, Bitcoin. Bitcoin uses elliptic curve digital signature algorithm (ECDSA) for its public key cryptography, meaning that when a Bitcoin transaction is made, the public key associated with the sender’s address is exposed to the network. While the network currently relies on the computational infeasibility of deriving a private key from a public key, a sufficiently powerful quantum computer could theoretically perform this computation efficiently using Shor’s algorithm. So, if an attacker had access to a quantum computer, they could potentially derive the private key from the public key exposed in a transaction, allowing them to access and spend bitcoin tokens without authorisation.
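The exposure described above is not uniform across all coins: an address is a hash of the public key, so the key itself only becomes public when an output paying to that address is spent. An added example (not from the original article, and not real Bitcoin code or data) that walks a constructed transaction list and reports which addresses still hold funds even though their public key is already on-chain, the inventory a defender would want before planning a key migration. The address derivation is a deliberately simplified stand-in (single SHA-256 rather than Bitcoin's RIPEMD160(SHA256(pubkey)) with version byte and checksum), and all keys, transaction ids and amounts are constructed.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple


def address_of(pubkey: bytes) -> str:
    """Simplified address = hash of the public key. (Assumption: real Bitcoin
    P2PKH uses RIPEMD160(SHA256(pubkey)) plus a version byte and checksum;
    a single SHA-256 is used here so the example runs anywhere.)"""
    return hashlib.sha256(pubkey).hexdigest()[:40]


@dataclass
class TxInput:
    prev_txid: str
    prev_index: int
    pubkey: bytes        # published in the spending script, visible to everyone


@dataclass
class TxOutput:
    address: str
    value: int           # satoshis


@dataclass
class Tx:
    txid: str
    inputs: List[TxInput] = field(default_factory=list)
    outputs: List[TxOutput] = field(default_factory=list)


def exposure_report(chain: List[Tx]) -> Dict[str, Tuple[int, bool]]:
    """Return {address: (unspent balance, public key already revealed?)}."""
    utxos: Dict[Tuple[str, int], TxOutput] = {}
    revealed: Set[str] = set()
    for tx in chain:
        for txin in tx.inputs:
            spent = utxos.pop((txin.prev_txid, txin.prev_index))
            if address_of(txin.pubkey) != spent.address:
                raise ValueError(f"{tx.txid}: public key does not match the spent address")
            revealed.add(spent.address)      # the key is now public knowledge
        for index, txout in enumerate(tx.outputs):
            utxos[(tx.txid, index)] = txout
    balances: Dict[str, int] = {}
    for txout in utxos.values():
        balances[txout.address] = balances.get(txout.address, 0) + txout.value
    return {addr: (bal, addr in revealed) for addr, bal in balances.items()}


def exposed_balances(report: Dict[str, Tuple[int, bool]]) -> List[Tuple[str, int]]:
    """Addresses that still hold funds although their public key is public."""
    return sorted((a, bal) for a, (bal, shown) in report.items() if shown and bal > 0)


# Constructed keys and transactions (not real Bitcoin data).
ALICE_PUB = b"\x02" + b"\x11" * 32
BOB_PUB = b"\x03" + b"\x22" * 32
ALICE_ADDR = address_of(ALICE_PUB)
BOB_ADDR = address_of(BOB_PUB)


def demo_chain() -> List[Tx]:
    return [
        Tx("tx1", outputs=[TxOutput(ALICE_ADDR, 50_000)]),   # coinbase-style funding
        Tx("tx2", inputs=[TxInput("tx1", 0, ALICE_PUB)],     # Alice spends: key revealed
           outputs=[TxOutput(BOB_ADDR, 30_000),
                    TxOutput(ALICE_ADDR, 20_000)]),          # change back to the same address
    ]


def demo_report() -> Dict[str, Tuple[int, bool]]:
    return exposure_report(demo_chain())


if __name__ == "__main__":
    for addr, amount in exposed_balances(demo_report()):
        print(f"{addr}: {amount} sat held on an address whose public key is already on-chain")
```

Alice's change output is the interesting case: sending change back to an address that has already been spent from leaves funds sitting behind a revealed key, whereas Bob's address has never been spent from and is protected by the hash as well as the curve. Avoiding address reuse is the cheap mitigation that this kind of report makes visible.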
We’re all familiar with the term ‘frontrunning’ in crypto — i.e. the act of pre-empting market movements to execute advantageous trades. Now, it’s time for the crypto industry as a whole to adopt a form of strategic ‘frontrunning’ — not in the markets, but against the looming threat posed by quantum computing. By proactively embedding quantum-resistant technologies and methodologies within blockchain infrastructure, the industry can effectively immunise itself against quantum computing’s potential to compromise its cryptographic security.
Ultimately, by leveraging quantum cryptography, blockchain technology can achieve a level of security that is unprecedented, ensuring that transactions and data remain protected even as quantum computing capabilities continue to grow. This will foster trust and confidence in blockchain-based systems, paving the way for their wider adoption and integration into various industries.
But incorporating this technology isn’t just about protecting blockchain from its menaces; it’s also a case of leveraging the very advances in quantum computing to reinforce and rejuvenate blockchain’s own capacities, propelling them to new heights once more. Here are some of the leading solutions currently in development with the aim of:
- Immunising blockchain’s cryptography against quantum attacks
- Leveraging quantum computing’s potential to bolster blockchain’s core offering
Let’s start by looking at two existing technologies that have bestowed elements of quantum resistance on Ethereum: account abstraction and zero-knowledge proofs (ZK-STARKs and ZK-SNARKs).
Account Abstraction (AA)
Account abstraction in crypto refers to the ability to manage and use blockchain accounts with smart contracts instead of relying solely on private keys. AA essentially separates the control of funds from the execution of transactions. Instead of directly signing each transaction with a private key, users leverage smart contracts to define spending rules and permissions. This grants them greater control over their assets while simultaneously mitigating the security risk associated with private key exposure.
Ethereum currently uses Externally Owned Accounts (EOAs) as the main account model, relying on private keys for signing transactions. Although EOAs offer a simpler design, their behaviour is strictly defined by the underlying protocol, limiting their adaptability to meet various user needs. This rigidity often results in a subpar user experience (UX) and poses an obstacle to widespread acceptance. The core issue lies in the protocol’s reliance on a private and public key pair to control EOAs. The main challenges associated with using a key pair for transactions include, but are not limited to:
- Poor UX on account of needing to securely and discreetly store the private key as opposed to relying on six-digit passwords or facial recognition, prior to initiating transactions.
- The sole authentication method, which means that the protocol solely relies on the knowledge of the private key for transaction initiation and account ownership verification, creates a significant security risk as anyone with access to the key is indistinguishable from the rightful owner in the event of a compromise.
- Protocol dominance meaning that within the EOAs system, it is the Ethereum protocol, rather than the developers, that dictates the validity of transactions.
Now, the new ERC-4337 standard enables “smart contract wallets” that offer the key benefits associated with AA. These wallets hold funds and execute transactions based on programmed logic, enabling features like:
- Gasless transactions: Protocols can sponsor transaction fees, offering users a seamless experience without requiring them to hold ETH.
- ERC-20 token payments: Users can pay transaction fees directly in ERC-20 tokens, increasing flexibility and potentially reducing costs.
- Enhanced security: Smart contract wallets can implement advanced security measures like multi-signature approvals and social recovery, mitigating the risks of single private keys.
However, it’s important to note that the security of these wallets heavily relies on the entry point contract, which acts as a central trust point for EIP-4337 compliant accounts. Smart contract developers also have a responsibility to implement proper verification functions, access control mechanisms, and minimise the attack surface by restricting sensitive operations to the entry point contract.
Beyond its immediate benefits, EIP-4337 holds significant potential for Ethereum’s future. It is considered a crucial step towards large-scale adoption by improving user experience through features like:
- Granular account permissions: Users can define more precise spending rules and access controls for their accounts, enabling more complex and secure financial management.
- Multi-signature support: EIP-4337 facilitates the creation and use of multi-signature accounts, where multiple parties need to approve transactions, enhancing security and trust for shared accounts.
Most importantly, though, EIP-4337 lays the groundwork for quantum-resistant transactions on Ethereum. By supporting alternative verification mechanisms beyond the traditional ECDSA, which could be vulnerable to future quantum computing advancements, it helps future-proof the network and its users’ assets.
So, while EIP-4337 represents a significant leap forward for rendering blockchain quantum-resistant, it’s a work in progress. The full integration of AA into the core Ethereum protocol is planned for future upgrades, with ongoing discussions and refinements regarding its implementation. Nevertheless, EIP-4337 marks a major step towards a more secure, user-friendly, and future-proof Ethereum ecosystem.
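To make the security properties discussed above concrete, here is an added example (written for this article, not code from ERC-4337, Ethereum or any wallet project) that models a smart account in Python: the entry point is the only caller allowed into `validateUserOp`, a nonce blocks replay, the signature check is a pluggable function so the scheme can be swapped without changing the account, and changing that scheme is itself gated behind the entry point. The `ENTRY_POINT` identifier, the `UserOp` fields and the HMAC-based stand-in signature scheme are all assumptions of the model; a real account would plug in ECDSA today or a post-quantum verifier later behind the same interface.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Hypothetical identifier for the single contract allowed to drive accounts.
ENTRY_POINT = "EntryPoint"


@dataclass(frozen=True)
class UserOp:
    sender: str
    nonce: int
    calldata: str
    signature: bytes


def op_digest(sender: str, nonce: int, calldata: str) -> bytes:
    """What the verifier checks: binds the account, its nonce and the call."""
    return hashlib.sha256(f"{sender}|{nonce}|{calldata}".encode()).digest()


def make_hmac_scheme(key: bytes):
    """Stand-in signature scheme (HMAC over a shared secret, constructed for the
    model). Any real verifier, classical or post-quantum, fits the same shape."""
    def sign(digest: bytes) -> bytes:
        return hmac.new(key, digest, "sha256").digest()

    def verify(digest: bytes, signature: bytes) -> bool:
        return hmac.compare_digest(sign(digest), signature)

    return sign, verify


class SmartAccount:
    def __init__(self, name: str, verify):
        self.name = name
        self._verify = verify     # pluggable verification function
        self.nonce = 0
        self.executed = []

    def _only_entry_point(self, caller: str) -> None:
        if caller != ENTRY_POINT:
            raise PermissionError(f"{self.name}: caller {caller!r} is not the entry point")

    def validate_user_op(self, op: UserOp, caller: str) -> bool:
        self._only_entry_point(caller)
        if op.sender != self.name or op.nonce != self.nonce:
            return False                       # replay or out-of-order op
        if not self._verify(op_digest(op.sender, op.nonce, op.calldata), op.signature):
            return False                       # signature does not verify
        self.nonce += 1
        return True

    def execute(self, op: UserOp, caller: str) -> None:
        self._only_entry_point(caller)
        self.executed.append(op.calldata)

    def set_verifier(self, verify, caller: str) -> None:
        # Migrating the signature scheme is a sensitive operation: entry point only.
        self._only_entry_point(caller)
        self._verify = verify


class EntryPoint:
    def handle_op(self, account: SmartAccount, op: UserOp) -> str:
        if not account.validate_user_op(op, ENTRY_POINT):
            return "rejected"
        account.execute(op, ENTRY_POINT)
        return "executed"


def run_demo() -> dict:
    sign_a, verify_a = make_hmac_scheme(b"key-A (constructed)")
    sign_b, verify_b = make_hmac_scheme(b"key-B (constructed)")
    acct = SmartAccount("acct1", verify_a)
    ep = EntryPoint()

    def make_op(sign, nonce: int, calldata: str) -> UserOp:
        return UserOp("acct1", nonce, calldata, sign(op_digest("acct1", nonce, calldata)))

    out = {}
    op1 = make_op(sign_a, 0, "transfer(bob,10)")
    out["valid"] = ep.handle_op(acct, op1)              # executed
    out["replay"] = ep.handle_op(acct, op1)             # rejected: nonce 0 already consumed
    bad_sig = UserOp("acct1", 1, "transfer(carol,99)", b"\x00" * 32)
    out["bad_signature"] = ep.handle_op(acct, bad_sig)  # rejected: signature fails
    try:
        acct.set_verifier(verify_b, caller="someone-else")
        out["direct_change"] = "allowed"
    except PermissionError:
        out["direct_change"] = "blocked"                # access control held
    acct.set_verifier(verify_b, caller=ENTRY_POINT)     # scheme migration, via the entry point
    out["old_scheme"] = ep.handle_op(acct, make_op(sign_a, 1, "transfer(bob,5)"))  # rejected
    out["new_scheme"] = ep.handle_op(acct, make_op(sign_b, 1, "transfer(bob,5)"))  # executed
    out["executed"] = list(acct.executed)
    return out


if __name__ == "__main__":
    print(run_demo())
```

The point of the model is the shape of the trust boundary rather than the particular scheme: everything that decides whether an op is valid sits in one function behind one caller, which is exactly what makes swapping ECDSA for a different verifier a local change.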
Even more revolutionary, secure and quantum-resistant than EIP-4337, however, is what Starknet has introduced: native account abstraction.
Starknet places AA at the forefront: every account is a smart account, eliminating the existence of EOAs entirely. This marks a transition to an environment where intelligence is embedded in every account. Starknet’s entire infrastructure, including wallets and block explorers, is specifically crafted for AA, setting it apart from other Layer 1 and Layer 2 networks. This positions Starknet as a pioneering smart ecosystem, where developers can create applications and tools with the assurance that AA is universally applicable, bypassing the need to accommodate non-AA accounts. Developers have the liberty to harness the full potential of AA in their applications, with the understanding that smart accounts are the sole medium for user interaction.
Starknet’s inherent AA architecture removes the complex requirements associated with ERC-4337. There’s no need to modify infrastructure and tools for compatibility. This streamlining is made possible by assigning the role of the Bundler to the Sequencer, simplifying the overall system by design. Here are two live applications of this quantum-resistant and user-friendly technology:
Braavos
Leveraging the native smart account feature of Starknet, the Braavos team developed a smart wallet that offers a user experience similar to Web 2.0, enabling access to your wallet through the biometric features of your mobile phone. This is interesting because the cryptographic technologies employed by most blockchains differ significantly from those used in mobile devices, often leading to expensive signature verification processes. However, this innovation may soon allow for transaction signatures via mobile phones, while still ensuring robust security.
Argent
Argent introduces a novel feature through signature abstraction, known as ArgentX’s guardian service, or Argent-Shield. This service provides users with an additional security layer for their accounts by appointing Argent as a guardian. Argent will approve transactions only after receiving email confirmation. This adds a two-factor authentication layer, a security measure widely recognised and used in numerous non-blockchain applications.
In addition to this, Visa has joined the list of legacy institutions queuing up to incorporate AA, having conducted significant research into ‘auto payments for self-custodial wallets’ on Starknet. This further demonstrates the rapidly growing faith in AA as an on-chain solution for security and quantum resistance that still maintains a healthy user experience.
Zero-knowledge proofs (ZK-STARKs and ZK-SNARKs)
Zero-knowledge proofs, specifically ZK-STARKs and ZK-SNARKs, represent another pivotal advancement in enhancing blockchain technology’s security and privacy, while simultaneously providing a foundation for quantum resistance. These cryptographic techniques allow for the verification of information without revealing the information itself, a feature that not only bolsters privacy and security but also aligns with the push towards quantum-resistant blockchain solutions.
ZK-SNARKs (Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge) enable a prover to show possession of certain information without revealing that information and without any interaction between the prover and verifier beyond the proof itself. This technology has been instrumental in enabling privacy-oriented cryptocurrencies and applications by allowing transactions to be verified as valid without disclosing their contents.
On the other hand, ZK-STARKs (Zero-Knowledge Scalable Transparent Arguments of Knowledge) offer a similar capability but with a few key differences that address some of the limitations of ZK-SNARKs. Notably, ZK-STARKs do not require a trusted setup, which removes a potential vulnerability point and makes them more secure against certain types of attacks. Additionally, they are potentially more resistant to quantum computing attacks due to their reliance on different cryptographic assumptions.
However, while ZK-STARKs and ZK-SNARKs present promising solutions to enhancing blockchain security and privacy — including by way of quantum resistance — their implementation and optimisation remain complex. The computational intensity of generating and verifying zero-knowledge proofs poses challenges, particularly in terms of efficiency and user experience. Ongoing research and development efforts are focused on making these technologies more accessible and practical for widespread use within the blockchain ecosystem.
As blockchain technology evolves in response to the advent of quantum computing, the integration of quantum-resistant mechanisms like account abstraction and zero-knowledge proofs (ZK-STARKs and ZK-SNARKs) represents a forward-thinking approach to securing the blockchain against quantum threats. By addressing the dual challenges of privacy and security, these technologies not only mitigate the risks posed by quantum computing but also unlock new possibilities for blockchain applications, paving the way for a more secure, private, and scalable blockchain infrastructure.
Quantum Key Distribution (QKD)
Quantum Key Distribution (QKD) is a method that utilises quantum mechanics principles to securely distribute encryption keys between parties. The uniqueness of QKD lies in its security, based on the fundamental laws of physics, making it theoretically immune to any computational attack, including those from quantum computers. If an attempt is made to intercept the key, the quantum state of the particles would be altered, thus revealing the presence of an eavesdropper and ensuring the integrity of the key exchange process.
This secure key distribution is what enables QKD to enhance blockchain security. Whereas currently on blockchain, consensus and transaction validation rely solely on cryptographic protocols, QKD can provide an additional layer of security against quantum attacks by securely distributing keys that are theoretically immune to interception. In this way, QKD can protect the data integrity and communication channels within the blockchain network, making it more resistant to an attack powered by quantum computational power.
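The eavesdropper-detection property is easiest to see by simulating it. The following is an added example (not from the article, and not a model of the Toshiba/JPMorgan/Ciena system) of the BB84 protocol in Python: Alice prepares photons in random bases, Bob measures in random bases, the two sift to the positions where bases matched, then sacrifice a sample of the sifted bits to estimate the error rate. An intercept-resend eavesdropper who guesses the wrong basis half the time disturbs about a quarter of the sifted bits, which the error estimate exposes. The 11% abort threshold and the intercept-resend attacker model are assumptions of this simulation; the photon physics is reduced to "same basis gives the prepared bit, other basis gives a coin flip".

```python
import random


def measure(bit: int, prep_basis: int, meas_basis: int, rng: random.Random) -> int:
    """Basis 0 = rectilinear, 1 = diagonal. Measuring in the preparation basis
    returns the prepared bit; measuring in the other basis returns a uniformly
    random bit. Either way the original state is gone after measurement."""
    return bit if prep_basis == meas_basis else rng.randint(0, 1)


def bb84_exchange(n_photons: int, eavesdrop: bool, seed: int = 7,
                  abort_threshold: float = 0.11) -> dict:
    """Simulate one BB84 run; return sifted length, estimated QBER and verdict.
    abort_threshold is the commonly cited ~11% QBER bound (assumption here)."""
    rng = random.Random(seed)   # fixed seed so the run is reproducible
    alice_bits = [rng.randint(0, 1) for _ in range(n_photons)]
    alice_bases = [rng.randint(0, 1) for _ in range(n_photons)]
    bob_bases = [rng.randint(0, 1) for _ in range(n_photons)]

    bob_bits = []
    for bit, a_basis, b_basis in zip(alice_bits, alice_bases, bob_bases):
        if eavesdrop:
            # Intercept-resend model: the eavesdropper guesses a basis, measures
            # (collapsing the state) and forwards a fresh photon in her basis.
            e_basis = rng.randint(0, 1)
            bit = measure(bit, a_basis, e_basis, rng)
            a_basis = e_basis
        bob_bits.append(measure(bit, a_basis, b_basis, rng))

    # Sifting over the public channel: keep positions where the bases matched.
    sifted = [i for i in range(n_photons) if alice_bases[i] == bob_bases[i]]
    # Publicly compare every 4th sifted bit to estimate the error rate, then discard them.
    sample = set(sifted[::4])
    errors = sum(alice_bits[i] != bob_bits[i] for i in sample)
    qber = errors / len(sample) if sample else 0.0
    key = [alice_bits[i] for i in sifted if i not in sample]
    aborted = qber > abort_threshold
    return {
        "sifted": len(sifted),
        "qber": qber,
        "aborted": aborted,
        "key_bits": 0 if aborted else len(key),
    }


if __name__ == "__main__":
    print("no eavesdropper:", bb84_exchange(4000, eavesdrop=False))
    print("intercept-resend:", bb84_exchange(4000, eavesdrop=True))
```

The detection is statistical: with a few hundred sampled bits a 25% disturbance is unmistakable against a clean channel, which is why real systems budget a sacrificed fraction of the sifted key for this estimate before any bits are used.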
In Q1 of 2022, an experimental research project conducted by Toshiba, JPMorgan and Ciena demonstrated how a unique optical channel, protected by QKD, can instantly detect and thwart eavesdropping. This innovation was successfully trialled on Liink, the world’s first production-grade, peer-to-peer blockchain network led by a bank, representing the first-ever instance of QKD safeguarding a mission-critical blockchain application.
Yasushi Kawakura, VP and General Manager of Digital Solutions Division at Toshiba America heralded the success of the experiment by announcing that “we now have a proven and tested method for defending against quantum attacks on blockchain”, and at the time of writing, QKD remains the only solution currently offering mathematically proven guarantees to defend against potential quantum computing-based attacks, its security guarantees rooted firmly in the laws of quantum physics.
Whilst early iterations of QKD protocols such as BB84 and E91 have been successfully implemented since the turn of the century, it was previously thought that QKD is unscalable on account of the fact that ground-based key exchanges using optical fibres are limited to a few kilometres. The findings of this research study, however, have dwarfed those of past efforts by achieving an unprecedented 800-Gbps quantum-secured optical channel, integrating multiple DWDM channels with a QKD quantum channel over distances up to 100 km. It demonstrated a substantial secure key rate, suitable for real-world, high-capacity applications, a significant leap from prior experiments which were limited in scale and operational conditions. This marked a notable progression in practical, high-performance QKD application in real-world, mission-critical environments including and extending beyond blockchain.
Post-quantum cryptography (PQC)
Post-Quantum Cryptography (PQC) refers to cryptographic algorithms that, like QKD, are designed to remain secure against the potential capabilities of quantum computers, that is, against quantum attacks.
PQC encompasses a range of cryptographic primitives, including post-quantum key exchange, digital signatures, and encryption algorithms. These primitives are typically based on mathematical problems that are believed to be resistant to quantum attacks, such as lattice-based cryptography, multivariate polynomial cryptography, hash-based cryptography, and code-based cryptography. The development of PQC is crucial, given that widely used cryptographic algorithms like RSA and ECC are vulnerable to quantum attacks, which could compromise the security of current communication systems and data.
Unlike QKD, which relies on the strange rules of quantum mechanics to securely share keys, PQC sticks to the realm of pure mathematics. It rests on mathematical problems that are believed to be hard even for quantum computers, making it incredibly difficult for them to crack.
Think of it like building an intricate puzzle with many more pieces and complex rules. It becomes practically impossible for anyone, even a quantum computer, to break the code and unlock the information.
The focus of PQC research lies in crafting these ultra-secure asymmetric key pairs. These keys come in pairs: a public key for everyone to see and a private key kept secret. The magic lies in the fact that information encrypted with the public key can only be decrypted with the private key, and vice versa.
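The simplest of the hash-based family mentioned above is the Lamport one-time signature, and it shows the asymmetric key pair idea with nothing but a hash function: the private key is 256 pairs of random secrets, the public key is their hashes, and a signature reveals one secret of each pair as selected by the bits of the message digest. The following is an added example (written for this article; it is not one of the NIST-standardised PQC schemes and not code from any project) implementing Lamport signatures in Python, with a stateful signer that enforces the one-time rule, because each signature exposes half of the private key. A verification function of this shape is also the kind of alternative verifier a smart account could plug in instead of ECDSA. The message contents are constructed.

```python
import hashlib
import secrets

DIGEST_BITS = 256


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def message_bits(message: bytes):
    """The 256 bits of SHA-256(message), most significant bit first."""
    digest = H(message)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(DIGEST_BITS)]


def lamport_keygen():
    """Secret key: 256 pairs of random 32-byte preimages; public key: their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(DIGEST_BITS)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def lamport_sign(sk, message: bytes):
    """For each digest bit, reveal the preimage selected by that bit."""
    return [sk[i][bit] for i, bit in enumerate(message_bits(message))]


def lamport_verify(pk, message: bytes, signature) -> bool:
    """Hash each revealed preimage and compare it with the public key half
    selected by the corresponding digest bit."""
    if len(signature) != DIGEST_BITS:
        return False
    return all(H(sig_i) == pk[i][bit]
               for i, (bit, sig_i) in enumerate(zip(message_bits(message), signature)))


class OneTimeSigner:
    """Stateful wrapper: a Lamport key must never sign twice, because every
    signature leaks half of the secret key. The signer enforces that itself."""
    def __init__(self):
        self.sk, self.pk = lamport_keygen()
        self.used = False

    def sign(self, message: bytes):
        if self.used:
            raise RuntimeError("Lamport key already used; generate a fresh key pair")
        self.used = True
        return lamport_sign(self.sk, message)


def sizes() -> dict:
    """Bytes on the wire: the practical cost of hash-based one-time signatures."""
    return {"public_key": DIGEST_BITS * 2 * 32, "signature": DIGEST_BITS * 32}


def demo() -> dict:
    signer = OneTimeSigner()
    msg = b"transfer 5 units to bob (constructed message)"
    sig = signer.sign(msg)
    tampered_sig = list(sig)
    tampered_sig[0] = bytes(32)           # corrupt one revealed preimage
    try:
        signer.sign(b"a second message")
        reuse = "allowed"
    except RuntimeError:
        reuse = "refused"
    return {
        "valid": lamport_verify(signer.pk, msg, sig),
        "wrong_message": lamport_verify(signer.pk, msg + b"!", sig),
        "tampered_signature": lamport_verify(signer.pk, msg, tampered_sig),
        "second_use": reuse,
    }


if __name__ == "__main__":
    print(demo(), sizes())
```

Two things the numbers make plain: security reduces entirely to the preimage resistance of the hash, which is why this family is favoured for quantum resistance, and a 16 KiB public key with an 8 KiB signature is the price, which is why production hash-based schemes build Merkle trees over many one-time keys and why on-chain verification cost is the engineering problem the article alludes to.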
Conclusion
As the old saying goes, necessity is the mother of invention. With that in mind, studying the intricate dance between quantum computing and blockchain technology has elucidated the fact that the former presents both a formidable, potentially existential challenge and a pivotal opportunity for blockchain’s evolution. Blockchain will simply need to evolve in order to protect itself from quantum computing’s capacity to undermine traditional cryptographic defences, but with that evolution comes a more robust, usable and scalable iteration of blockchain.
The vulnerability of blockchain technology, exemplified by the potential for quantum computers to decrypt private keys and forge transactions, casts a shadow over its foundational promise of trustless security. Yet, in this vulnerability lies an opportunity for transformation. By strategically integrating quantum-resistant technologies such as account abstraction, zero-knowledge proofs (ZK-STARKs and ZK-SNARKs), and exploring the frontiers of Quantum Key Distribution (QKD) and Post-Quantum Cryptography (PQC), the blockchain industry can not only shield itself against the quantum threat but also leap forward in its capability to offer even more robust and sophisticated solutions.
The narrative of blockchain’s response to quantum computing is not one of mere survival but of proactive adaptation and growth. The adoption of account abstraction offers a glimpse into a future where blockchain transactions are not only quantum-resistant but also more user-friendly and versatile, enhancing the overall user experience. Similarly, the integration of zero-knowledge proofs and the exploration of quantum encryption methods like QKD illustrate the industry’s commitment to elevating the security and privacy of blockchain technology to unprecedented levels.
In conclusion, the journey towards a quantum-secured blockchain is a testament to the industry’s resilience and ingenuity. It reflects a broader commitment to not just addressing imminent threats but also to harnessing the full potential of these advanced technologies to enhance blockchain’s foundational strengths. As we venture into this uncharted territory, the focus on quantum protection and the exploration of new cryptographic frontiers are paramount. They not only ensure blockchain’s viability in the face of quantum advancements but also reinforce its role as a transformative force in the digital era. By embracing the challenges and opportunities presented by quantum computing, the blockchain industry is poised to redefine the boundaries of security, privacy, and trust in the digital world.