Bitcoin's quantum computing threat has a Satoshi problem. Millions of bitcoin in old wallets with exposed public keys could be stolen by quantum computers, including the roughly 1.1 million BTC attributed to Satoshi Nakamoto. A recent proposal, BIP-361, would phase out vulnerable addresses over five years, but it would force holders to move their coins or lose them. Now Paradigm's Dan Robinson proposes PACTs, or Provable Address-Control Timestamps. The idea is to timestamp proof of ownership without moving coins, keeping it private until a spend is needed.
A holder generates a random salt, uses BIP-322 to sign a message, bundles the proof with the salt, and timestamps it on Bitcoin via OpenTimestamps. Later, if a soft fork freezes vulnerable coins, the holder can submit a STARK proof to redeem them without revealing the address or amount. However, PACTs require Bitcoin to adopt a STARK verification protocol, needing broad consensus and new infrastructure. The system only works if Satoshi makes the commitment; if gone, the coins remain exposed.
PACTs offer a middle ground in the quantum debate, preserving dormant property rights while protecting against theft. Whether Satoshi will use them remains unknown.