Paradigm's Quantum Proof System Could Let Satoshi Verify Identity Without Moving Coins

Paradigm's PACTs proposal lets dormant Bitcoin holders prove wallet control privately, offering Satoshi a way to verify identity without touching coins.

Imagine proving you own something valuable without ever showing it to anyone. That's essentially what Paradigm researcher Dan Robinson proposed on May 1, 2026, with a system called Provable Address-Control Timestamps, or PACTs.

The timing matters. Quantum computing advances throughout 2026 have reignited debates about Bitcoin's long-term security, particularly for addresses where public keys have been exposed. Among the most scrutinized: Satoshi Nakamoto's estimated 1.1 million BTC, worth roughly $75 billion at current prices.

PACTs offer something genuinely novel. A dormant holder could privately timestamp proof of wallet control today, then use that proof later if Bitcoin's community ever implements quantum-resistant verification. No coins move. No transaction appears on-chain. The owner reveals nothing about their identity while establishing they had control at a specific moment in time.

How the System Actually Works

The technical approach combines several existing tools in a clever way. A holder creates a BIP-322 signature (a standardized message-signing format), mixes in a secret salt value, and timestamps the result using OpenTimestamps. This service anchors data to Bitcoin's blockchain without requiring fees or revealing content.

Here's the key insight: the timestamp proves you controlled the keys at that moment, but only you know it exists. The proof stays private until you choose to reveal it.
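The commit-then-timestamp flow described above, as an added Python example that is not code from Robinson's proposal or from OpenTimestamps: the holder hashes salt, address and signature into one digest, and a simplified Merkle batch stands in for the timestamping service's aggregation. Assumptions: the length-prefixed SHA-256 layout, the function names, the Merkle model and all sample values are constructed for illustration, and opening the commitment in the clear stands in for the STARK proof the proposal describes.

```python
import hashlib
import hmac
import secrets

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def make_commitment(address: str, signature: bytes, salt: bytes) -> bytes:
    """Salted digest: the only value that ever leaves the holder's machine."""
    # Assumed layout: length-prefixed fields so field boundaries are unambiguous.
    parts = [salt, address.encode(), signature]
    return sha256(b"".join(len(p).to_bytes(4, "big") + p for p in parts))

def merkle_proof(leaves: list[bytes], index: int) -> tuple[bytes, list[tuple[str, bytes]]]:
    """Return (root, path) for leaves[index]; path items are (side, sibling)."""
    level, path = list(leaves), []
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])  # duplicate the last node on odd-sized levels
        sibling = index ^ 1
        path.append(("L" if sibling < index else "R", level[sibling]))
        level = [sha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return level[0], path

def opens_commitment(address, signature, salt, path, anchored_root) -> bool:
    """Recompute the digest from revealed values and walk it up to the anchored root."""
    node = make_commitment(address, signature, salt)
    for side, sibling in path:
        node = sha256(sibling + node) if side == "L" else sha256(node + sibling)
    return hmac.compare_digest(node, anchored_root)

# Constructed sample data (not real keys, addresses or signatures).
ADDRESS = "bc1q-example-address"
SIGNATURE = b"constructed-bip322-signature-bytes"
SALT = secrets.token_bytes(32)  # stays with the holder until reveal
COMMITMENT = make_commitment(ADDRESS, SIGNATURE, SALT)
# Unrelated digests batched by the timestamping service in the same round.
OTHERS = [sha256(f"other-{i}".encode()) for i in range(4)]
LEAVES = OTHERS[:2] + [COMMITMENT] + OTHERS[2:]
ROOT, PATH = merkle_proof(LEAVES, 2)  # ROOT models the value anchored on-chain

if __name__ == "__main__":
    print("valid reveal:", opens_commitment(ADDRESS, SIGNATURE, SALT, PATH, ROOT))
    print("wrong salt:  ", opens_commitment(ADDRESS, SIGNATURE, bytes(32), PATH, ROOT))
```

The holder must retain the salt, the signature and the inclusion path; in this model, losing any one of them makes the anchored root impossible to link back to the address.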

If quantum computers eventually threaten exposed addresses and the community agrees to freeze vulnerable coins, PACT holders would have a rescue path. They'd submit a STARK zero-knowledge proof demonstrating they controlled the wallet before the freeze, all without exposing the actual private keys that quantum computers might crack.

STARK proofs are a type of zero-knowledge proof: they let you prove you know something without revealing what you know. In this case, "I controlled this address on this date" becomes verifiable without handing over the keys.

The Satoshi Question

The proposal's most intriguing implication involves Bitcoin's pseudonymous creator. Over the years, various individuals have claimed to be Satoshi, but none have provided cryptographic proof by signing a message with Satoshi's known keys or moving even a fraction of those early coins.

PACTs change the calculus. Satoshi (if alive and still holding keys) could create a timestamp now, keep it completely private, and only reveal it if circumstances demand. This preserves the mystique while establishing a verifiable claim.

Of course, this cuts both ways. Anyone with access to those keys could create a PACT. The timestamp proves key control, not original ownership. It doesn't solve the mystery of who Satoshi is; it just provides a mechanism for whoever controls those wallets to prove it without the irreversible act of moving coins.

Limitations and Counterarguments

PACTs aren't a complete solution. The current proposal doesn't fully address multisig wallets or complex scripts, which represent a meaningful portion of Bitcoin's ecosystem. Robinson acknowledges this requires further work.

More fundamentally, the system requires a future soft fork to enable STARK verification on Bitcoin. That means community consensus, developer implementation, and the usual contentious process of upgrading Bitcoin's rules. Creating a PACT today is essentially a bet that the community will eventually validate them.

Adam Back, one of the few people cited in Satoshi's original whitepaper, has advocated for opt-in quantum upgrades rather than mandatory freezes. The debate centers on a genuine tension: protecting holders who may have lost keys (or died) from quantum theft versus honoring Bitcoin's promise that coins remain forever accessible to whoever holds the keys.

Robinson's proposal threads this needle by giving holders who can prove pre-freeze control a path to recovery, but it requires proactive action. Truly lost coins would stay frozen.

The Bigger Picture

Approximately 1.7 million BTC sit in quantum-exposed addresses, according to analysis cited alongside BIP-361 (Jameson Lopp's April 2026 proposal for phased migration and potential freezing of unmigrated coins). That's real money at potential risk, though the timeline for cryptographically relevant quantum computers remains disputed.

For those following Bitcoin's technical evolution, these discussions happen regularly at developer meetups and Socratic seminars. Bitcoin Park in Nashville hosts NashBitDevs sessions where proposals like PACTs get dissected in detail. If you want to understand the tradeoffs beyond surface-level coverage, showing up to these conversations beats reading Twitter threads.

The quantum threat timeline is genuinely uncertain. Some researchers warn of near-term breakthroughs; others argue we have decades. PACTs represent a hedge: a low-cost action today that creates optionality for an uncertain future.

Whether Satoshi ever uses such a system, or whether it even gets implemented, the proposal itself marks an interesting evolution in how Bitcoiners think about proving ownership. The default assumption has always been "move coins or sign a message." PACTs suggest a third path: prove control silently, reveal proof selectively, and let time itself become part of your cryptographic toolkit.