EarthBucks Is Already Quantum Resistant

2026-04-29 · Ryan X. Charles

Google Quantum AI recently published a whitepaper called “Securing Elliptic Curve Cryptocurrencies against Quantum Vulnerabilities: Resource Estimates and Mitigations”. The paper makes the quantum threat to cryptocurrency much more concrete. The main point is that a sufficiently powerful quantum computer could use Shor’s algorithm to derive the private key from a public key on elliptic curve systems such as secp256k1.

EarthBucks uses secp256k1 today. EarthBucks also uses Blake3 hashes, proof-of-work, and ordinary classical cryptography. Nevertheless, EarthBucks is already quantum resistant against the practical theft attacks described in the paper.

The reason is simple: EarthBucks was designed to avoid exposing public keys.

This was not an accident. Before working on EarthBucks, I was a physicist from 2007 to 2013 and studied quantum physics for many years. Although I have not previously written much about quantum computers or quantum cryptography, I was well aware of both when designing EarthBucks. One of the reasons EarthBucks hides actual public keys as much as possible is that exposed public keys are the part of classical cryptocurrency systems that quantum computers threaten most.

What Quantum Computers Actually Break

Quantum computers do not magically break all cryptography. Shor’s algorithm is a serious threat to public key cryptography based on the elliptic curve discrete logarithm problem. If an attacker knows your secp256k1 public key and has a large enough quantum computer, then the attacker can derive your private key.

That is the real threat.

Hash functions are different. Blake3 is not broken by Shor’s algorithm. Grover’s algorithm can give a quadratic speedup for brute-force search, but that is not the same kind of catastrophic break. A 256-bit hash remains an enormous security barrier.

This distinction matters. A blockchain where funds are locked directly to public keys is much more exposed than a blockchain where funds are locked to hashes of public keys.

EarthBucks Hides Public Keys

EarthBucks does not put ordinary public keys in transaction outputs. Under the hood, EarthBucks uses public key hashes in the same basic way as Bitcoin’s best classical patterns.

I wrote about this in “Private Keys, Public Keys, and Public Key Hashes”:

  • A private key is a 32 byte random number.
  • A public key is a 33 byte secp256k1 public key.
  • A public key hash, or PKH, is a 32 byte double Blake3 hash of the public key.

Transaction outputs contain the public key hash, not the public key. The public key itself is revealed only when the output is spent, because the input includes the public key and the signature.

This means EarthBucks coins at rest are not sitting behind exposed public keys. They are sitting behind hashes of public keys. A quantum computer cannot use Shor’s algorithm on a hash. It needs the actual public key.

That already places EarthBucks in the highest tier of security for classical blockchains.

EarthBucks Does Not Re-Use Keys

The next rule is just as important: do not re-use keys.

I explained this in “Maximizing Privacy on a Transparent Blockchain Like EarthBucks”. EarthBucks users do not normally pay to raw public key hashes. Users pay to EBX addresses, such as:

ryan@earthbucks.com

The EBX address is not stored on the blockchain. It is an application-layer address used to query the recipient’s wallet server for a fresh public key hash. That fresh public key hash is then used in the transaction output.

This was originally designed for privacy. It also turns out to be excellent quantum-resistance design.

On many blockchains, users re-use the same address over and over again. That is bad for privacy, but it is also bad for quantum safety. Once a public key has been revealed by spending from that address, any coins later sent back to the same address are now protected by a public key that is already public.

EarthBucks avoids this. The earthbucks.com wallet already does key management correctly: each payment uses fresh derived keys. Once a key has been used, it is done. It should not receive money again.

So when a public key finally appears on the blockchain, it is already too late for an attacker. That key has already been used. The corresponding output is already being spent. Cracking that key after the fact does not let the attacker steal future funds, because future funds are sent to different keys.
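The key re-use rule above can be checked mechanically. The following is an added example, not EarthBucks code: the `Tx`/`TxIn` model, `exposed_unspent`, and the sample keys are constructed for illustration and are not the EarthBucks wire format. Blake3 comes from the third-party `blake3` package when it is installed, with `hashlib.blake2s` as a labelled stand-in otherwise.

```python
import hashlib
from dataclasses import dataclass

try:  # Blake3 is not in the standard library; use the "blake3" package if present
    from blake3 import blake3
    def _hash(data: bytes) -> bytes:
        return blake3(data).digest()
except ImportError:  # stand-in 32-byte hash so the example still runs offline
    def _hash(data: bytes) -> bytes:
        return hashlib.blake2s(data).digest()

def pkh(pubkey: bytes) -> bytes:
    """32-byte double hash of a 33-byte compressed public key."""
    if len(pubkey) != 33:
        raise ValueError("public key must be 33 bytes")
    return _hash(_hash(pubkey))

@dataclass
class TxIn:
    prev: tuple      # (txid, output index) being spent
    pubkey: bytes    # revealed only here, at spend time

@dataclass
class Tx:
    txid: str
    inputs: list
    outputs: list    # each output is just the PKH it is locked to

def exposed_unspent(txs):
    """Unspent outputs locked to a PKH whose public key is already on-chain."""
    locked = {(tx.txid, n): h for tx in txs for n, h in enumerate(tx.outputs)}
    revealed, spent = set(), set()
    for tx in txs:
        for txin in tx.inputs:
            if pkh(txin.pubkey) != locked.get(txin.prev):
                raise ValueError(f"{tx.txid}: key does not match spent output")
            revealed.add(locked[txin.prev])
            spent.add(txin.prev)
    return sorted(op for op, h in locked.items() if op not in spent and h in revealed)

# Constructed sample keys: 33-byte placeholders, not real curve points.
KEY_A, KEY_B, KEY_C = (bytes([2]) + bytes([i]) * 32 for i in (1, 2, 3))

# Constructed chain: t1 spends with KEY_A, then t2 pays to KEY_A's hash again.
REUSED = [
    Tx("t0", [], [pkh(KEY_A), pkh(KEY_B)]),
    Tx("t1", [TxIn(("t0", 0), KEY_A)], [pkh(KEY_C)]),
    Tx("t2", [TxIn(("t0", 1), KEY_B)], [pkh(KEY_A)]),
]

if __name__ == "__main__":
    print(exposed_unspent(REUSED))
```

Any outpoint this audit returns is a coin at rest behind a public key that has already been published, which is the condition the fresh-key rule is meant to prevent.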

The On-Spend Attack Does Not Fit EarthBucks

The Google paper focuses heavily on “on-spend” attacks. In an on-spend attack, a user broadcasts a transaction to a public mempool. The transaction reveals the public key. A quantum attacker sees that public key, derives the private key, creates a competing transaction, and tries to get the attacker’s transaction confirmed first.

That attack depends on a timing window. The public key must be visible before the transaction is settled.

EarthBucks was designed to make that window useless.

As I described in “EarthBucks Transaction State Machine, Part 2: Instant Blocks Globally”, an EarthBucks transaction moves through these states:

  • received
  • validated
  • voted
  • merkled
  • synchronized
  • block

The purpose of this design is that mines validate and agree on transactions before block inclusion. Transactions are not supposed to sit around in a public mempool for many minutes while attackers inspect them. Mines receive the transaction, validate it, lock the spent outputs, and proceed through the state machine.

By the time the public key is revealed to the mines, the correct transaction is already the transaction the mines are processing. There is no useful opportunity for a quantum attacker to learn the public key, derive the private key, and replace the transaction with a double spend.

This is exactly the right architecture for a world with quantum computers: hide public keys while coins are at rest, reveal them only when spending, and settle the spend immediately.

Permissioned Mines Are a Security Feature

There is another major difference between EarthBucks and most blockchains: EarthBucks will never have permissionless mining.

This is intentional. Many blockchains treat permissionless mining as an unquestioned virtue. EarthBucks does not. EarthBucks separates miners from mines, as I explained in “Mines vs. Miners”. A miner is a user who performs proof-of-work calculations. A mine is a professional web service that validates transactions, creates blocks, connects to other mines, and operates under the rules of the EarthBucks network.

Anybody can be a miner. Not anybody can operate a mine.

This matters for quantum resistance. On a permissionless blockchain, the entity that receives your transaction may be an anonymous adversary. If your transaction reveals a public key before settlement, a malicious miner or mining pool can try to abuse that information. In a quantum world, that means a miner could try to crack the public key before the transaction is safely recorded.

EarthBucks avoids this risk by design. Mines are permissioned, known, and accountable. A mine is not an anonymous adversary waiting to exploit your transaction. The mine’s job is to validate the correct transaction and move it through the state machine.

That means EarthBucks does not merely reduce the public mempool attack window. It also removes the assumption that anonymous miners might abuse privileged access to transaction data. Permissioned mining is not a compromise in EarthBucks. It is part of the security model.

Proof-of-Work Is Not the Problem

EarthBucks proof-of-work is also not a realistic quantum theft vector.

Quantum computers do not let someone forge an EarthBucks signature without the public key. They do not let someone reverse a Blake3 public key hash. They do not let someone steal coins from a fresh, unspent, hash-protected output.

Could quantum computers affect proof-of-work mining economics someday? Maybe. But that is a mining and difficulty-adjustment question, not a private-key theft question. The Google paper makes the same basic point about proof-of-work: quantum computers are not a magic shortcut to rewriting ownership of coins.

EarthBucks uses Pow5, which is based on classical computation, including Blake3 hashing and GPU-oriented work. Pow5 does not expose user private keys, and it is not the weak point in the system.

Why Not Switch to Post-Quantum Cryptography Immediately?

None of this means EarthBucks will never switch to post-quantum cryptography. We probably will.

But post-quantum algorithms have tradeoffs. The biggest practical issue is that post-quantum public keys and signatures are often much larger than secp256k1 public keys and signatures. Larger keys and signatures mean larger transactions, larger blocks, more bandwidth, more storage, and more complexity.

Those tradeoffs may be worth it eventually. But EarthBucks has no reason to rush.

EarthBucks already has the most important quantum-resistance properties:

  • public keys are hidden behind hashes;
  • keys are not re-used;
  • public keys are revealed only when the corresponding output is being spent;
  • transactions are designed to settle quickly;
  • mines are permissioned, known, and accountable;
  • proof-of-work is not a coin-theft vulnerability.

Because of this, EarthBucks can safely wait and watch the post-quantum cryptography ecosystem mature. Post-quantum algorithms may improve. Standards may evolve. Implementations may become smaller, faster, simpler, and more battle-tested.

When the right post-quantum signature scheme is ready, EarthBucks can add it. But we do not need to panic. We do not need to bloat the protocol today just to solve a problem that EarthBucks has already largely avoided by design.

Classical Cryptography, Used Correctly

EarthBucks is not formally a post-quantum blockchain today. It still uses classical secp256k1 signatures.

But EarthBucks is already quantum resistant in the practical sense that matters most: a quantum computer cannot look at the blockchain and steal coins from ordinary EarthBucks users, because ordinary EarthBucks coins are not protected by exposed public keys.

The correct design is simple:

  • Hide public keys behind hashes.
  • Never re-use keys.
  • Reveal public keys only when spending.
  • Settle transactions quickly.
  • Upgrade to post-quantum signatures when the tradeoffs make sense.

EarthBucks already does the first four. That means EarthBucks is already in a strong position, even before switching to post-quantum algorithms.

Quantum computers are a real threat to badly designed or carelessly used classical blockchains. EarthBucks was designed differently. EarthBucks is already quantum resistant.


Copyright © 2024-2026 Astrohacker