New ‘PACTs’ idea could help early Bitcoin holders prepare for a quantum future

A researcher at Paradigm has put forward a new idea that could help early Bitcoin holders prepare for a future quantum threat, without touching their coins or revealing who they are.

In a May 1 paper, Dan Robinson introduced “Provable Address-Control Timestamps,” or PACTs. The concept is to help prove you control your Bitcoin today, and keep that proof in reserve for a future when it might matter.

Robinson described it as a possible way of “letting Bitcoin holders protect themselves” without having to publicly move their coins.

At its core, PACTs are about timing.

A user creates a cryptographic proof showing they control a private key. That proof is then timestamped using Bitcoin’s existing infrastructure. After that, it stays private and unused unless the day comes when it’s needed.

If Bitcoin ever shifts to quantum-resistant rules, those stored proofs could become a lifeline. Users could potentially present them through zero-knowledge methods to regain access to funds, even if older cryptography is no longer trusted.

What is PACT’s different route?

The proposal comes as developers debate how Bitcoin should respond to advances in quantum computing.

One of the leading ideas, BIP-361 from Jameson Lopp, would give users time to move their funds into safer, quantum-resistant addresses. Eventually, older addresses would stop working altogether.

But that approach doesn’t work for everyone.

Its recovery system depends on BIP-39, introduced in 2013. Wallets created before that, including many of Bitcoin’s earliest addresses, don’t have seed phrases. That includes wallets often associated with Satoshi Nakamoto.

PACTs take a different route. Instead of relying on how a wallet was created, they rely on the knowledge of the private key itself.

Every solution to the quantum problem comes with trade-offs. PACTs are no exception.

What they offer is privacy and flexibility. There’s no need to act publicly. No need to move funds. No need to signal anything to the market. But they also ask for trust in the future.

The proofs only matter if Bitcoin eventually agrees to recognize them. That means the system depends on a decision that hasn’t been made yet.

Other proposals flip that logic. They force action early, but at the cost of privacy and potential disruption.

Comparing the options

Is the risk still years away

For now, quantum computers are not capable of breaking Bitcoin’s encryption. The gap between current technology and that level of power remains wide.

Still, progress is steady. And the consequences, if that gap closes, would be enormous.

Many Bitcoin addresses have already revealed their public keys. Early wallets — including those that have never moved — could be among the most exposed.

That raises a difficult question: when do you prepare for a risk that may still be years away?