Forward Security

FailSafe defense-in-depth approach is forward-looking - it lays the groundwork for safeguarding the user’s crypto against newly-emerging threats.

Advances in quantum computing hardware have made significant strides, propelled by the nation-state quantum computing race with a number of different R&D centres reaching significant computing benchmarks and milestones (see: Google’s Quantum Supremacy & IBM Quantum System One).

When viewed from the lens of cryptography, it presents a unique problem. While Shor’s algorithm published in 1994, could theoretically break certain algorithms used for digital signatures (i.e., ECDSA), it requires a sufficiently powerful quantum computer to do it. With recent advances, the time window to reach this milestone has been shrinking (see Global Risk Institute’s 2022 report).

The situation is especially dire for the Ethereum ecosystem (this includes EVM compatible networks, like Polygon, Binance Smart Chain, Avalanche and many others). The current version of Ethereum lacks cryptographic agility. Externally owned addresses (user wallets) use ECDSA with no other option built in (see the quantum threats section for a more in-depth discussion). Furthermore, according to a recent Deloitte study, 65% of all addresses on Ethereum are re-used, giving an attacker with future quantum hardware a longer time window to derive the private key via the earlier record of transaction signatures.

Once wallet signatures are no longer cryptographically trustworthy, the inability to establish rightful custody over Web3 assets will pose a barrier to bridging assets to a quantum safe network (e.g., QRL) or future versions of quantum-safe, EVM-based blockchain.

As part of the FailSafe project, the Quantum Migration Tool (qMig) was developed to future-proof against this outcome. Prior to the quantum inflection point, qMig enables users to construct and record a future intent to transfer tokens, in case the quantum inflection point occurs and ECDSA signature by itself can not be trusted. The security of this intent is rooted in cryptography that is not susceptible to quantum attacks. The integration of FailSafe with qMig, records the necessary proofs automatically, requiring no additional effort by the end user.