

429 points AbhishekParmar | 14 comments
andy_ppp No.45676328
I would be quite worried about advances in quantum computers if I had any Bitcoin after watching this DEFCON talk: https://www.youtube.com/watch?v=OkVYJx1iLNs
replies(5): >>45676454 #>>45676591 #>>45677387 #>>45677519 #>>45678889 #
1. vayup No.45676591
Quantum is a known threat. There is enough time to fix it. Folks are working on the fixes.

Cryptocurrencies would be the last thing I worry about w.r.t. quantum crypto attacks. Everything would be broken. Think banks, brokerage accounts, email, text messages - everything.

replies(4): >>45676899 #>>45676916 #>>45678230 #>>45678285 #
2. acdha No.45676899
I think that’s backwards: most of the stuff you mentioned is using TLS and can switch to post-quantum algorithms with a config change, and do so incrementally with no user-visible impact - e.g. right now I’m already using PQC for many sites and about half of the traffic Cloudflare sees is using PQC:

https://radar.cloudflare.com/adoption-and-usage

In contrast, cryptocurrencies have to upgrade the entire network all at once or it’s effectively a painful fork. That effort appears to just be getting talked about now, without even starting to discuss timing:

https://github.com/bitcoin/bips/pull/1895

replies(3): >>45677105 #>>45677249 #>>45677624 #
3. snailmailman No.45676916
The world has already migrated through so many past now-insecure cryptography setups. If quantum computers start breaking things, people will transition to more secure systems.

In HTTPS for example, the server and client must agree on how to communicate, and we’ve already had to deprecate older, now-insecure cryptography standards. More options get added, and old ones will have to be deprecated. This isn’t a new thing, just maybe some cryptographic schemes will get rotated out earlier than expected.

replies(1): >>45677309 #
4. ziofill No.45677105
Is this a purely server side migration? Do browsers/OSs need updating too?
replies(1): >>45677471 #
5. wahern No.45677249
> In contrast, cryptocurrencies have to upgrade the entire network all at once or it’s effectively a painful fork

Bitcoin is much more centralized than the popular imagination would have you believe, both in terms of the small number of controlling interests behind the majority of the transaction capacity, and just as importantly the shared open source software running those nodes. Moreover, the economic incentives for the switch are strongly, perhaps even perfectly, aligned among the vast majority of node operators. Bitcoin is already dangerously close to, if not beyond, the possibility of a successful Byzantine attack; it just doesn't happen precisely because of the incentive alignment--if you're that large, you don't want to undermine trust in the network, and you're an easy target for civil punishment.

replies(2): >>45677498 #>>45679326 #
6. Barrin92 No.45677309
> If quantum computers start breaking things, people will transition to more secure systems.

That's not really the issue. The really interesting part is existing encrypted information that three letter agencies likely have dutifully stored in a vault and that's going to become readable. A lot of that communication was made under the assumption that it's secure.

replies(1): >>45677585 #
7. acdha No.45677471
Clients need to be updated, too, since what's happening is that the server and client need to agree on a common algorithm they both support, but that's been in progress for years and support is now pretty widespread in the current versions of most clients.

Stragglers are a problem, of course, but that's why I thought this would be a harder problem for Bitcoin: for me to use PQC for HTTPS, only my browser and the server need to support it and past connections don't matter, whereas for a blockchain you need to upgrade the entire network to support it for new transactions _and_ have some kind of data migration for all of the existing data. I don't think that's insurmountable – Bitcoin is rather famously not as decentralized as the marketing would have you believe – but it seems like a harder level of coordination.
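Added example, not code from this thread or from any project mentioned in it: the "agree on a common algorithm" step that the two acdha replies above describe is visible on the wire in the ClientHello `supported_groups` extension, which is the list a client sends before the server picks. The parser below reads that list from a raw TLS record and reports whether a post-quantum hybrid group is offered, which is how you would measure straggler clients from a packet capture. The group code points are the IANA-registered values; the ClientHello bytes are constructed inline by `build_client_hello` (an assumption of this example, not captured traffic), with only the extension that matters here.

```python
import struct

# IANA TLS "Supported Groups" code points (real registry values).
GROUP_NAMES = {
    0x0017: "secp256r1",
    0x001d: "x25519",
    0x001e: "x448",
    0x11ec: "X25519MLKEM768",         # hybrid with final ML-KEM (FIPS 203)
    0x6399: "X25519Kyber768Draft00",  # earlier hybrid with the Kyber draft
}
PQ_HYBRID_GROUPS = {0x11ec, 0x6399}
EXT_SUPPORTED_GROUPS = 0x000a


def build_client_hello(groups):
    """Constructed minimal TLS 1.3 ClientHello record carrying only a
    supported_groups extension (assumption of this example: real hellos
    carry many more extensions, including the key_share)."""
    body = b"\x03\x03"                      # legacy_version
    body += bytes(32)                       # random (zeroed, constructed)
    body += b"\x00"                         # empty legacy_session_id
    body += struct.pack(">H", 2) + b"\x13\x01"   # TLS_AES_128_GCM_SHA256
    body += b"\x01\x00"                     # legacy_compression_methods: null
    group_list = b"".join(struct.pack(">H", g) for g in groups)
    sg_body = struct.pack(">H", len(group_list)) + group_list
    ext = struct.pack(">HH", EXT_SUPPORTED_GROUPS, len(sg_body)) + sg_body
    body += struct.pack(">H", len(ext)) + ext
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # ClientHello
    return b"\x16\x03\x01" + struct.pack(">H", len(handshake)) + handshake


def parse_supported_groups(record):
    """Return the client's offered group code points, in its preference order.
    Raises ValueError on anything truncated or inconsistent rather than
    guessing, since a classifier that silently returns [] on bad input
    would undercount PQ-capable clients."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack(">H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if len(hs) < 4 or hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + hs_len]
    if len(body) != hs_len:
        raise ValueError("truncated ClientHello")
    pos = 2 + 32                               # skip legacy_version, random
    pos += 1 + body[pos]                       # legacy_session_id
    pos += 2 + struct.unpack(">H", body[pos:pos + 2])[0]   # cipher_suites
    pos += 1 + body[pos]                       # legacy_compression_methods
    if pos + 2 > len(body):
        return []                              # no extensions at all
    ext_len = struct.unpack(">H", body[pos:pos + 2])[0]
    pos += 2
    end = pos + ext_len
    if end > len(body):
        raise ValueError("extensions block overruns ClientHello")
    while pos + 4 <= end:
        etype, elen = struct.unpack(">HH", body[pos:pos + 4])
        pos += 4
        data = body[pos:pos + elen]
        pos += elen
        if len(data) != elen:
            raise ValueError("extension overruns extensions block")
        if etype == EXT_SUPPORTED_GROUPS:
            n = struct.unpack(">H", data[:2])[0]
            if n % 2 or 2 + n > len(data):
                raise ValueError("malformed supported_groups")
            return [struct.unpack(">H", data[2 + i:4 + i])[0] for i in range(0, n, 2)]
    return []


def offers_pq_hybrid(record):
    """True if the client lists any PQ hybrid group (it may still get an extra
    HelloRetryRequest round trip if it did not also send a key_share for it)."""
    return any(g in PQ_HYBRID_GROUPS for g in parse_supported_groups(record))


def group_names(record):
    return [GROUP_NAMES.get(g, f"unknown(0x{g:04x})") for g in parse_supported_groups(record)]


if __name__ == "__main__":
    modern = build_client_hello([0x11ec, 0x001d, 0x0017])
    legacy = build_client_hello([0x001d, 0x0017])
    print("modern client:", group_names(modern), "pq:", offers_pq_hybrid(modern))
    print("legacy client:", group_names(legacy), "pq:", offers_pq_hybrid(legacy))
```

Run over a capture, the interesting population is the clients whose list never contains 0x11ec: those are the stragglers that no server-side config change can help, which is the asymmetry the reply above is pointing at.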

8. acdha No.45677498
I definitely agree that the major players will want to move forward, but it seems like there's a legacy system kind of problem where it can stall if you get some slackers who either don't update (what happens to cold wallets?) or if some group has ideological disagreements about the solution. None of that is insurmountable, of course, but it seems like it has to be slower than something where you personally can upgrade your HTTPS servers to support PQC any time you want without needing to coordinate with anyone else on the internet.
9. hoppp No.45677585
Yeah, all the encrypted messages collected when illegal markets got seized will be decrypted. Many of them use RSA 2048, so by 2030 it's gonna be broken according to the timelines.

It's actually something we will notice. Arrests will be announced.

10. __MatrixMan__ No.45677624
I can't remember which chain it was but I'm sure I've seen stats on in-progress rollouts of protocol changes where the network took something like weeks or months to all get upgraded to the new version. You can design for tolerating both for a time.
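Added example (not code from this thread, from Bitcoin Core, or from any BIP): a simplified model of BIP9 version-bits signaling, the mechanism Bitcoin has used to activate soft forks while nodes and miners upgrade over a span of weeks or months, which is the "tolerate both for a time" pattern described above. Two simplifications are assumptions of this example rather than BIP9 behaviour: start and timeout are keyed on block height instead of median-time-past, and the per-period adoption curve passed to `simulate_rollout` is constructed. The period length, the 95% threshold and the top-bits check are the real mainnet values.

```python
from enum import Enum

PERIOD = 2016           # blocks per retarget period on mainnet
THRESHOLD = 1916        # BIP9 mainnet lock-in threshold, 95% of PERIOD
TOP_BITS = 0x20000000   # nVersion top bits must be 001 for a BIP9 signal
TOP_MASK = 0xE0000000


class State(Enum):
    DEFINED = "DEFINED"
    STARTED = "STARTED"
    LOCKED_IN = "LOCKED_IN"
    ACTIVE = "ACTIVE"
    FAILED = "FAILED"


def is_signaling(version, bit):
    """A block signals for a deployment only if its top bits are 001 AND the
    deployment's bit is set; old-style versions never count."""
    return (version & TOP_MASK) == TOP_BITS and ((version >> bit) & 1) == 1


def count_signals(block_versions, bit, period_start):
    return sum(is_signaling(v, bit) for v in block_versions[period_start:period_start + PERIOD])


def deployment_states(block_versions, bit, start_height, timeout_height):
    """State of the deployment at the first block of each period.
    Transitions are evaluated once per period boundary from the period that
    just closed, so lock-in always lags the signaling period by one period and
    activation lags lock-in by another: at least ~2 weeks each on mainnet.
    Assumption of this example: heights stand in for BIP9's median-time-past."""
    states = {}
    state = State.DEFINED
    for period_start in range(0, len(block_versions), PERIOD):
        if state is State.DEFINED:
            if period_start >= timeout_height:
                state = State.FAILED
            elif period_start >= start_height:
                state = State.STARTED
        elif state is State.STARTED:
            # Timeout is checked before the count, exactly as in BIP9: a
            # deployment that only reaches 95% in its final period still fails.
            if period_start >= timeout_height:
                state = State.FAILED
            elif count_signals(block_versions, bit, period_start - PERIOD) >= THRESHOLD:
                state = State.LOCKED_IN
        elif state is State.LOCKED_IN:
            state = State.ACTIVE
        states[period_start] = state
    return states


def simulate_rollout(bit, adoption_by_period):
    """Constructed block versions: in each period, the given fraction of
    blocks signal the bit and the rest are upgraded-format but silent."""
    versions = []
    for frac in adoption_by_period:
        n = round(frac * PERIOD)
        versions += [TOP_BITS | (1 << bit)] * n + [TOP_BITS] * (PERIOD - n)
    return versions


def first_active_height(states):
    return next((h for h, s in sorted(states.items()) if s is State.ACTIVE), None)


if __name__ == "__main__":
    # Constructed adoption curve: miners upgrade over several periods.
    curve = [0.0, 0.40, 0.75, 0.93, 0.97, 0.97, 0.97]
    versions = simulate_rollout(bit=1, adoption_by_period=curve)
    states = deployment_states(versions, bit=1, start_height=PERIOD, timeout_height=10 * PERIOD)
    for h, s in sorted(states.items()):
        print(f"height {h:6d}: {s.value}")
    print("active from height", first_active_height(states))
```

With that curve the deployment starts at height 2016, only locks in at height 10080 once the preceding period clears 95%, and activates at 12096: 10080 blocks after start, roughly ten weeks at ten minutes per block even though most hashpower had upgraded much earlier. Full nodes on the old software keep validating throughout, which is what makes this a soft fork rather than the all-at-once upgrade acdha describes; a signature-scheme change for existing outputs would not have that property.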
11. germandiago No.45678230
Like everything else that is a new invention, it can be a threat.

Anyways I am against stopping evolution on those grounds. What we need to do is learn and fix as you say. Not regulation and forbid. :)

12. irjustin No.45678285
> Everything would be broken. Think banks, brokerage accounts, email, text messages - everything.

Wonder if this would become the next "nuclear proliferation".

Since it's so hard to manufacture it gets controlled at state level and then becomes a technology that the general public are never allowed to have.

replies(1): >>45678434 #
13. vayup No.45678434
No, it is a known problem. It will get fixed in time.
14. tennysont No.45679326
(I know that you understand this, but just highlighting it)

In fairness, the original Bitcoin white paper referenced both (1) distributed compute and (2) the self-defeating nature of a Byzantine attack as the means of protection. It's not as though (2) is just lucky happenstance.

Hence, why proof of stake can exist.