SIP6-PQC

From Snowblossom Wiki
Revision as of 20:26, 4 January 2024 by Fireduck (talk | contribs)
Jump to: navigation, search

Overview

One of the major concepts behind Snowblossom in 2018 was that when quantum computers had become better and started to threaten traditional elliptic curve cryptography, we would be able to switch to new quantum resistant algorithms. See Quantum Tough

Well, we might be there. The NIST Post Quantum Cryptography (PQC) contest has proceeded to some finalists and quantum computers are getting more powerful.

So in this Snowblossom Improvement Proposal we will be adding three new signing algorithms:

  • Dilithium
  • Falcon
  • SPHINCS+

These will be supported by the network in additional to the existing signing methods (ECDSA, DSA, RSA, DSTU4150). It will continue to be up to users to decide which signing algorithms they use to generate their wallets.

Voting

  • Passes when 1000 blocks pass containing 25% voting and >50% agreement
  • Pools will represent their miners.
  • Set in your miner or pool configuration file either
    • vote_yes=6
    • vote_no=6

Status

This has been tested on testnet and has been running there for several weeks. It is currently in the https://github.com/snowblossomcoin/snowblossom/tree/pqc-keys branch.

Risks

We are still early in the PQC world. While all the algorithms are defined enough that the Bouncycastle devs have included them in the standard versions of Bouncycastle cryptography library (which we use) they could still change. Also, these are also relatively new. Unexpected vulnerabilities could be found.

Timeline

If this SIP is adopted, the roll out will be scheduled roughly 90 days from the vote. At that time, new binaries, source code and docker images will be available. This means node operators will need to update within those 90 days.

Node Operator Actions Required

Node operators will need to update or risk forking the network.