Bitcoin PACTs proposal lets Satoshi prove control without moving BTC

Paradigm researcher Dan Robinson on May 1, 2026 published a design called Provable Address‑Control Timestamps (PACTs) that aims to give long‑dormant Bitcoin holders a way to prove prior control of vulnerable keys without broadcasting an on‑chain spend. The construct uses commitment and timestamping primitives so a holder can later demonstrate they knew a private key before cryptographically relevant quantum computers existed.

In the PACTs workflow a holder generates a 256‑bit secret salt, signs a PACT‑formatted message with BIP‑322 full message signing to produce an address control proof, hashes the proof with the salt into a commitment and anchors that commitment using OpenTimestamps on Bitcoin. The salt, BIP‑322 proof and OTS attestation are kept offline; only an opaque commitment is publicly timestamped. If Bitcoin later activates a sunset for quantum‑vulnerable address types, a rescue protocol could accept a post‑quantum zero‑knowledge proof (for example a STARK) that ties the privately stored artifacts to the earlier timestamp and authorizes a specific spend.

The proposal addresses a core dilemma in the quantum‑migration debate: forcing holders to move funds publicly to avoid theft versus preserving privacy and dormant ownership. Competing ideas such as BIP‑361 propose a multi‑year migration window and potential freezing of unmigrated coins; PACTs offer a way to avoid immediate on‑chain migration while preserving a possible rescue path for certain address types, notably those predating BIP‑32. Implementation, however, requires substantial new verification plumbing in Bitcoin and broad community agreement.

From a market perspective, the announcement did not trigger an immediate price shock but intensifies structural discussions around supply security and institutional custody of early coins. Estimates that millions of BTC sit in quantum‑vulnerable outputs, including roughly 1.0–1.1 million BTC associated with Satoshi‑era addresses, underline why protocol‑level solutions and custodial practices are under scrutiny. Public demonstrations of quantum key‑breaking at research events have increased urgency in the debate.

The broader economic implication is that Bitcoin’s long‑term resilience may depend on careful coordination between developers, custodians and hardware vendors to introduce post‑quantum verification methods while protecting dormant owners’ privacy. Analysts say PACTs are a technically plausible mitigation that could complement, rather than replace, migration proposals; key near‑term signals will be whether Bitcoin developers accept STARK verification work and whether standards for PACT commitments are formalized. If those steps progress, PACTs could become part of a layered defense against a future quantum threat.