Olaoluwa Osuntokun, core developer of the Lightning Network protocol, published a proposal on the Bitcoin-Dev mailing list on May 5 to update BIP324, the protocol that encrypts communications between network nodes.
According to Osuntokun, this protocol has a vulnerability to quantum computers that could compromise the privacy of Bitcoin users before any attack on the consensus layer occurs.
BIP324, adopted in 2023, introduced transport encryption for Bitcoin peer-to-peer (P2P) connections. The protocol uses the ECDH algorithm, a variant within the elliptic curve signature family, so that two nodes derive a shared secret with which they encrypt all their traffic. According to Osuntokun, a sufficiently advanced quantum computer could derive the private keys from that exchange and decrypt the communications. The developer warns that attackers could already be collecting that traffic today, with the intention of decrypting it in the future, a strategy known in cryptography as harvest now, decrypt later.
This warning comes in a context of technical escalation regarding the quantum threat to Bitcoin. A Google Quantum AI study estimated in March 2026 that a quantum computer could crack a Bitcoin public key in less than 9 minutes, with fewer than 500,000 physical qubits. Subsequently, French researcher André Schrottenloher managed to reconstruct and surpass the efficiency of the quantum attack circuits that Google kept under trade secret, which revealed that the window to act is narrowing.
Osuntokun is one of the most recognized names in Bitcoin infrastructure development. He is co-founder of Lightning Labs, the company responsible for LND, the most used Lightning Network client on the network. His position within the ecosystem gives him technical weight and visibility on the Bitcoin developer mailing list.
Why BIP324 and not the consensus layer
The Osuntokun proposal states that upgrading BIP324 does not require the broad market agreement that a consensus change, such as a soft fork, demands. Unlike modifying digital signatures or Bitcoin addresses, which would involve coordinating miners, exchanges, and wallets globally, transport encryption can be updated incrementally and without protocol interruption. According to the developer, this makes BIP324 an achievable first step towards Bitcoin quantum resistance.
To replace ECDH, Osuntokun proposes two main routes. The first would keep BIP324 unchanged in its outer layer and would run ML-KEM, the key encapsulation mechanism standardized by NIST in 2024 with proven quantum resistance, inside the already encrypted channel, in a second phase. The second option would use a hybrid combiner called OEINC (Outer Encrypts Inner Nested Combiner), which merges classical and post-quantum encryption into a single initial exchange, albeit with a larger amount of data in the first message.
Osuntokun also identifies a relevant operational variable: ML-KEM requires the receiving node to process a 1,184-byte encapsulation key before completing the exchange, up from ElligatorSwift's current 64 bytes. In a permissionless P2P network, that increase expands the denial-of-service attack surface and, according to the developer, could require stricter byte limits and shorter handshake timeouts.
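The byte limit and handshake timeout mentioned above, sketched as an added example (not code from Osuntokun's proposal or from any Bitcoin node): a reader that accepts exactly one fixed-size key under a single overall deadline. The function names, the socket-pair peer and the timeout values are assumptions; only the 64- and 1,184-byte sizes come from the article.

```python
import socket
import threading
import time

ELLSWIFT_KEY_LEN = 64   # current key size cited in the article
MLKEM_EK_LEN = 1184     # ML-KEM encapsulation key size cited in the article

class HandshakeError(Exception):
    pass

def read_handshake_key(sock, expected_len, deadline_s):
    """Read exactly expected_len bytes under one overall deadline.

    A per-recv timeout alone lets a peer trickle one byte at a time and hold
    the connection slot; the deadline here covers the whole message.
    """
    end = time.monotonic() + deadline_s
    buf = bytearray()
    while len(buf) < expected_len:
        remaining = end - time.monotonic()
        if remaining <= 0:
            raise HandshakeError(f"deadline hit after {len(buf)} bytes")
        sock.settimeout(remaining)
        try:
            # Byte limit: never request more than is still owed.
            chunk = sock.recv(expected_len - len(buf))
        except socket.timeout:
            raise HandshakeError(f"deadline hit after {len(buf)} bytes")
        if not chunk:
            raise HandshakeError(f"peer closed after {len(buf)} bytes")
        buf += chunk
    return bytes(buf)

def demo(payload, chunk, delay_s, deadline_s, expected_len=MLKEM_EK_LEN):
    """Constructed peer: sends payload in chunk-byte pieces, delay_s apart."""
    a, b = socket.socketpair()
    def peer():
        try:
            for i in range(0, len(payload), chunk):
                b.sendall(payload[i:i + chunk])
                time.sleep(delay_s)
        except OSError:
            pass  # reader gave up and closed its end
        finally:
            b.close()
    threading.Thread(target=peer, daemon=True).start()
    try:
        return read_handshake_key(a, expected_len, deadline_s)
    finally:
        a.close()
```

A peer that trickles the larger key one byte at a time is dropped at the deadline, and one that sends only 64 bytes and closes is rejected rather than left waiting.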
The proposal does not include a formal BIP or implementation code. Osuntokun presents it as a call to first define the design parameters (KEM type and the randomness requirement of the initial exchange) before writing a specification. Unlike changes to the digital signature layer, which require network-wide coordination to reach Q-Day, Osuntokun maintains that BIP324 represents a lower political friction update, and that addressing it now would allow practical experience with post-quantum cryptography to be gained before facing the more complex changes to the protocol.
