Though I'm not a cryptographer either, I'd like to present a couple of points which might be of interest to you:
The SHA-256 hash is relatively safe against quantum attacks, at least for the foreseeable future. So if you're interested in quantum resistance, it would be better to focus on ECDSA for now.
STEEM doesn't employ a hashing competition for block confirmation/mining like Bitcoin, which results in relatively lower quantum risk. A quantum attack might damage Bitcoin's block confirmation/mining process, but as for STEEM's DPoS, the attacker would need to compromise all the top witnesses to damage the chain. So, I agree that STEEM has its advantages over Bitcoin in this respect.
If anyone's interested in parking assets on the STEEM chain now, convert your assets to STEEM POWER and receive real-time security alerts via Telegram/Discord with STEEM Security. The power-down delay combined with real-time notification would provide effective protection.
By the way, good luck with your experiment!
Hi joviansummer,
thanks for the substantive input and also thanks for STEEM Security — I wasn't aware of the bot, it actually solves part of what I had planned in the concept as "real-time notifications for sensitive transactions". Will definitely take a look at it and link it in the project.
You're completely right about SHA-256 and DPoS — hashing holds up well against quantum attacks (Grover halves it to effectively 128 bits at best, still beyond any foreseeable hardware), and Steem doesn't have a mining race that could be attacked thanks to DPoS. The actual weak spot really is ECDSA on the account keys — and even that more as a long-term risk than an immediate threat.
Honestly, the quantum angle is more of a hook for me. What interests me conceptually much more: which additional security layers can actually be implemented at the application level, without waiting for a hardfork? Time-locked recovery, Shamir-based recovery across multiple trustees, multi-factor for large transfers. Your bot already covers an important building block of that — detection and fast response capability. Power-down delay combined with real-time notification is actually a pretty strong combination.
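The detection half of the "power-down delay combined with real-time notification" idea discussed in this thread, as an added Python example (not part of either post and not STEEM Security's code): it scans operations for watched accounts and flags the ones an owner would want to hear about while the delay still leaves time to react. The operation list is constructed sample data in a simplified (block, type, body) layout, and the transfer threshold of 100 is an assumption.

```python
from decimal import Decimal

# Operation types that start moving stake out or change who controls the account.
SENSITIVE_OPS = {
    "withdraw_vesting": "power-down started or changed",
    "set_withdraw_vesting_route": "power-down payout rerouted",
    "account_update": "account keys or authorities changed",
    "change_recovery_account": "recovery account change requested",
}

def actor(op_type, body):
    """Return the account that authorised the operation, or None if not tracked."""
    if op_type == "transfer":
        return body["from"]
    if op_type == "set_withdraw_vesting_route":
        return body["from_account"]
    if op_type == "change_recovery_account":
        return body["account_to_recover"]
    return body.get("account")

def alerts_for(ops, watched, transfer_limit=Decimal("100")):
    """Return (block, account, reason) for each operation that deserves an alert."""
    out = []
    for block, op_type, body in ops:
        who = actor(op_type, body)
        if who not in watched:
            continue
        if op_type in SENSITIVE_OPS:
            out.append((block, who, SENSITIVE_OPS[op_type]))
        elif op_type == "transfer":
            amount, symbol = body["amount"].split()
            if Decimal(amount) >= transfer_limit:  # assumed threshold
                out.append((block, who, f"large transfer of {amount} {symbol} to {body['to']}"))
    return out

# Constructed sample operations (account names, amounts and key are placeholders).
SAMPLE_OPS = [
    (1001, "transfer", {"from": "alice", "to": "bob", "amount": "5.000 STEEM", "memo": ""}),
    (1002, "withdraw_vesting", {"account": "alice", "vesting_shares": "2000000.000000 VESTS"}),
    (1003, "transfer", {"from": "alice", "to": "exchange-x", "amount": "250.000 STEEM", "memo": ""}),
    (1004, "account_update", {"account": "carol", "memo_key": "STM-placeholder"}),
    (1005, "vote", {"voter": "alice", "author": "bob", "permlink": "post", "weight": 10000}),
]

if __name__ == "__main__":
    for block, account, reason in alerts_for(SAMPLE_OPS, {"alice"}):
        print(f"block {block}: @{account}: {reason}")
```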