Bitcoin developers are grappling with the potential risks posed by quantum computing, even as they devise strategies to mitigate these threats. A recent commentary by Guillaume Girard, a venture associate at UTXO Management, highlights the urgency of the situation, framing it as more of a political challenge than a technical one. Although a cryptographically relevant quantum computer (CRQC) is not yet a reality, Girard emphasizes that the Bitcoin community must act swiftly to prepare for the possibility, as protocol changes can be slow and tedious, akin to legislative processes.
Bitcoin’s security hinges on elliptic curve cryptography, which safeguards the private keys essential for accessing wallets. Should a powerful quantum computer exploit Shor’s algorithm, it could easily derive private keys from exposed public keys, enabling wide-scale theft. A recent study by Google’s Quantum AI team suggests that as few as 500,000 physical qubits might be sufficient to break Bitcoin’s encryption, considerably lowering previous estimates of 10 million. Google has set a target for achieving post-quantum readiness by 2029. Alarmingly, around 1.7 million Bitcoin currently reside in legacy Pay-to-Public-Key (P2PK) addresses, where public keys are permanently exposed on-chain, rendering them particularly vulnerable to such threats.
Bitcoin Improvement Proposal 360 (BIP-360), put forward by developer Hunter Beast, proposes a new transaction output type known as Pay-to-Merkle-Root (P2MR) to eliminate the risk of public key exposure. This proposal has been integrated into Bitcoin’s development repository for active review. Alongside this, a companion proposal, BIP-361, devised by Jameson Lopp, outlines a phased strategy to migrate away from outdated signature schemes. However, the second phase could potentially lead to frozen coins in wallets that do not adapt within a defined five-year timeframe. Another concept, termed Hourglass, aims to mitigate the impact of quantum attacks by limiting the transfer of stolen coins to manageable batches, allowing for controlled economic damage while directing transaction fee revenue to miners.
Yet, the profound issue remains: what about the coins that cannot migrate? Lost wallets, inactive holders, and an estimated 1.1 million Bitcoin thought to belong to Satoshi Nakamoto pose significant challenges. Girard cites two potential solutions, both of which carry substantial drawbacks. The first would entail burning coins in quantum-vulnerable addresses post-deadline, a proposal some critics argue would establish a dangerous precedent for a protocol founded on neutrality. The second, Hourglass, acknowledges inevitable theft but attempts to limit the flow of stolen assets to mitigate negative market effects.
Achieving consensus on any of these solutions is an uphill battle, requiring agreement from users, miners, developers, and increasingly, institutional stakeholders like BlackRock. This discussion extends beyond mere developer circles; significant financial institutions are also weighing in. For example, Jefferies recently removed its entire 10% Bitcoin allocation from its pension model, citing quantum risks as a long-term threat. Other institutions, like Citi, have pegged the potential cost of the quantum threat to the broader cryptocurrency market at trillions of dollars.
Girard’s assessment underscores the stakes of the situation: the urgency lies in aligning the community’s preparedness with the evolving quantum threat. While the general consensus among experts is that a viable quantum threat is still several years away, the ambiguity surrounding this timeline complicates planning. As Girard articulates, the concern is that if the Bitcoin development community appears to lag in responding, sovereign and institutional stakeholders may seek alternatives outside the established framework, potentially disrupting the market.
In this evolving landscape, the marginal buyer of Bitcoin is no longer just individual retail investors but increasingly encompasses governments and asset managers, who are poised to act should inaction prevail. As the discourse surrounding quantum preparedness intensifies, the imperative to address these vulnerabilities has never been more pressing.
