Quantum-safe transactions with ERC-4337

Push Protocol, a communication protocol built for web3, recently completed phase 1 of its Billion Reasons to Build (BRB) developer tour in India.

One of the hackathon participants successfully solved a challenge brought forth by our team: quantum proofing Ethereum accounts.

The effect of quantum computing on public keys

Ethereum uses the Elliptic Curve Digital Signature Algorithm (ECDSA) for signing its transactions. Transaction hashes are public on the blockchain, which means anyone can retrieve the public key corresponding to the private key used to sign that transaction. In a post-quantum world this becomes a serious issue, as it is proven that ECDSA is vulnerable to a modified Shor’s algorithm for solving the discrete logarithm problem on elliptic curves and thus can be broken by a sufficiently strong quantum computer. That would mean the public key would be as sensitive as the private key, since revealing your public key would lead to leaking your private key as well.

Account abstraction to the rescue

Since ERC-4337 lets accounts abstract their signature validation schemes, a possible solution (which also uses ZK STARKs) has been presented by Aditya Bisht, one of the hackathon participants and the winner of our bounty. We recommend reading Aditya’s excellent post explaining their submission, as well as the problem breakdown and proposed solution by researcher Aayush Gupta.

As the world of technology rapidly evolves and the dawn of quantum computing approaches, the need for innovative solutions to protect our digital assets becomes paramount. This recent hackathon submission is a testament to the proactive steps being taken within the blockchain community to safeguard against these emerging threats.

Cover photo by Daniels Joffe on Unsplash