I’ve noticed a dangerous trend in Sparrow Wallet tutorials: some content creators recommend skipping the password. This leaves your wallet file (.mv.db) unencrypted. If that file is accessed by a hacker, your xpub is exposed. This is a major risk because, theoretically, a quantum computer could eventually use the xpub to calculate your private key. Setting a password uses AES encryption, which is quantum-resistant. It’s an essential step for quantum-proofing, right alongside not spending your coins (which keeps your public key hidden).
1 Like
Interesting point. Presumably a quantum computer could crack the encryption password too if Sparrow is not using a quantum resistant algorithm. But why make it easier for them?
1 Like
It looks like Grover’s algorithm essentially reduces the effective security of AES by half. So as long as it is using a sufficient number of bits, it is quite quantum resistant (at least from Grover’s). AES-256 (which I think Sparrow uses) would be halved by Gover’s to 128 bits, which is still too huge of a search space to be cracked.
1 Like