Although quantum computers do not yet pose an imminent, direct risk to cryptocurrencies, developers are pressing ahead with various defense strategies to counter emerging threats. Momentum in these efforts increased significantly this week after new research was released evaluating the resilience of Bitcoin’s core cryptography against potential quantum attacks.
The scope of the quantum risk and technical vulnerabilities
A recent study from Google suggested that, given sufficient power, quantum computers could break the core cryptography protecting the Bitcoin network in as little as nine minutes—a time span shorter than it takes to confirm a new Bitcoin block. Some projections even consider it possible that these capabilities could become reality by 2029, underlining the urgency for preemptive measures.
Currently, around 6.5 million Bitcoin are residing in addresses that could be directly targeted if quantum computers with adequate performance were to emerge. These holdings include assets attributed to Satoshi Nakamoto, Bitcoin’s mysterious creator. The possible defeat of cryptographic protections is viewed as a fundamental challenge to the Bitcoin system, which has always relied on principles such as “trust in code” and “sound money.”
Bitcoin’s security rests on the presumption that the mathematical relationship between private and public keys is impossible to reverse with existing computers. Advancements in quantum computing, however, could overturn this assumption, enabling the reversal of this one-way mathematical process.
New protective methods under development
At the heart of the vulnerability is the permanent visibility of public keys on the blockchain. Bitcoins that have long remained inactive at addresses using formats like Taproot and P2PK (Pay-to-Public-Key) are seen as especially exposed. For older address schemes, more than 1.7 million dormant coins continue to face ongoing risk from potential quantum-enabled attacks.
One technical solution, known as BIP 360, introduces a new output type called Pay-to-Merkle-Root (P2MR), designed to prevent public keys from being indefinitely exposed on the blockchain. By limiting publicly available data, this approach reduces the information available to quantum attackers. However, it falls short of fully safeguarding coins stored at legacy addresses that are already exposed.
Another promising approach comes from the United States National Institute of Standards and Technology, which this year approved the SPHINCS+-based SLH-DSA post-quantum signature algorithm. This signature scheme is considered more robust against quantum attacks, but it requires signatures of up to 8 kilobytes, potentially increasing network storage needs and transaction costs on the blockchain. More space-efficient alternatives such as SHRIMPS and SHRINCS are being evaluated to address these challenges.
A further safeguard, the Commit/Reveal method developed by Lightning Network co-founder Tadge Dryja, introduces a two-stage mechanism for recording transactions on the blockchain. This model provides interim protection for pending transactions: initially, only a hash of the transaction intent is posted to the blockchain, with full transaction details revealed later. If a malicious actor submits a new transaction without a prior hash, the network verifies ownership based on the previously stored fingerprint, which adds an extra layer of security.
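A simplified model of the two-stage flow described above, added here as an illustration and not taken from Dryja's proposal or any Bitcoin implementation. The names `commit_hash` and `ToyChain`, the salt, and the two-block minimum age are assumptions; signature checks and spent-output tracking are omitted.

```python
import hashlib

def commit_hash(tx: bytes, salt: bytes) -> str:
    """Fingerprint of the spend intent; it reveals neither the transaction nor the public key."""
    return hashlib.sha256(b"commit-reveal-demo|" + salt + b"|" + tx).hexdigest()

class ToyChain:
    """Constructed model of a chain that records commitments and checks reveals against them."""
    def __init__(self, min_age: int = 2):
        self.height = 0
        self.min_age = min_age   # assumed rule: blocks a commitment must age before its reveal
        self.commits = {}        # commitment -> height at which it was first recorded

    def mine(self, commitments=()) -> int:
        """Append a block, recording any new commitments at the new height."""
        self.height += 1
        for c in commitments:
            self.commits.setdefault(c, self.height)
        return self.height

    def accept_reveal(self, tx: bytes, salt: bytes) -> bool:
        """Accept a revealed spend only if its hash was committed at least min_age blocks ago."""
        seen = self.commits.get(commit_hash(tx, salt))
        return seen is not None and self.height - seen >= self.min_age

def run_demo() -> dict:
    chain = ToyChain(min_age=2)
    # Constructed sample data: two competing spends of the same output.
    owner_tx, owner_salt = b"spend utxo#0 -> owner-new-address", b"owner-salt"
    thief_tx, thief_salt = b"spend utxo#0 -> thief-address", b"thief-salt"

    chain.mine([commit_hash(owner_tx, owner_salt)])        # stage 1: only the hash is posted
    too_early = chain.accept_reveal(owner_tx, owner_salt)  # commitment has not aged yet
    chain.mine()
    chain.mine()
    # Stage 2: the reveal exposes the public key; a competing spend appears with no prior hash.
    thief_uncommitted = chain.accept_reveal(thief_tx, thief_salt)
    chain.mine([commit_hash(thief_tx, thief_salt)])        # committing only now is too late
    thief_late = chain.accept_reveal(thief_tx, thief_salt)
    owner_ok = chain.accept_reveal(owner_tx, owner_salt)
    return {"too_early": too_early, "thief_uncommitted": thief_uncommitted,
            "thief_late": thief_late, "owner_ok": owner_ok}

if __name__ == "__main__":
    print(run_demo())
```

In this model a competing spend is rejected because its fingerprint is missing or too recent, regardless of whether its signature would verify.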
Developer Hunter Beast has proposed Hourglass V2, a protocol designed to prevent a sudden collapse in the event that large quantities of old-address Bitcoins become vulnerable. The method would restrict spending from these addresses to one Bitcoin per block, thereby aiming to moderate any market panic that might otherwise ensue. Despite its promise, this approach has spurred debate within the Bitcoin community about its broader implications and effectiveness.
For now, none of these proposals have been adopted or activated in practice. Given Bitcoin’s decentralized structure and the necessity for broad stakeholder consensus, major structural changes are expected to take significant time. Nevertheless, the ongoing debate signals that quantum resilience has been a critical and enduring topic among Bitcoin developers.




