A new proposal by Dan Robinson, a general partner at Paradigm, introduces a cryptographic method that would allow Satoshi Nakamoto to prove control over his Bitcoin fortune without moving any coins. The system, called Provable Address-Control Timestamps (PACTs), is designed to address the quantum computing threat to legacy Bitcoin addresses without forcing long-dormant holders to publicly reveal themselves.
The context for PACTs is the growing concern over quantum computers potentially deriving private keys from exposed public keys. Approximately 1.1 million Bitcoin attributed to Satoshi Nakamoto, currently worth around $84 billion, sit in old wallets with exposed public keys. A recent soft fork proposal, BIP-361 by Jameson Lopp and five other developers, suggested phasing out quantum-vulnerable addresses over five years and freezing coins that fail to migrate.
Robinson's PACT proposal offers an alternative: a holder generates a random salt, uses BIP-322 to sign a message proving ownership without spending, then bundles the salt and proof into an onchain commitment timestamped through OpenTimestamps. The salt, proof, and timestamp files remain private. If Bitcoin later activates a soft fork freezing quantum-vulnerable coins, the protocol could include a rescue path accepting a STARK proof — a zero-knowledge proof secure against quantum computers — showing the holder created the commitment before quantum hardware existed. The redemption process reveals no details about the address, amount, or original timestamp.
However, PACTs face significant limitations. They require Bitcoin to adopt a STARK verification protocol, which would need a separate soft fork and substantial community consensus. The verification infrastructure does not currently exist in Bitcoin and would require what Robinson calls "substantial new plumbing," including multisig wallets, complex scripts, and hardware wallet support. Most critically, PACTs can only protect Satoshi if Satoshi himself — or whoever controls those keys — makes the commitment. If Satoshi is genuinely gone, no PACT can be retroactively created, leaving the coins exposed to quantum theft or a community freeze.
