Will Quantum Computing Break Bitcoin?
In this article:
For the past 16 years, the mainstream media has tried every trick in the book to scare you away from using and learning about Bitcoin.
Fortunately, no matter how much they twist the facts and misrepresent the people who use Bitcoin, their efforts continue to be in vain. Bitcoin this week surpassed 2.043T in market capitalisation overtaking Amazon to become the 5th most valuable asset on the planet.
The smear campaign didn’t work. The journalists will just have to cry harder….
You’d think that after 16 years, these hacks might accept defeat, show some humility, and approach Bitcoin with genuine curiosity to try and understand it better. But no… Instead, they have chosen to cry harder. They are once again pushing a narrative about the next big ‘existential threat’ to Bitcoin in an attempt to try and convince people that it’s too risky to go anywhere near it.
The ‘existential threat’ they want you terrified of this time? Quantum Computing.
For those of you who have been in Bitcoin for a long time, you’ll already recognise this as recycled FUD. This isn’t the first time we’ve heard about Quantum Computing ‘killing’ Bitcoin, and it certainly won’t be the last.
The reason coverage of the ‘quantum threat to Bitcoin’ resurfaces time and time again is because there is some truth to it. Quantum computers do theoretically pose some security risks for Bitcoin users and their wallets. But like most media FUD, the truth about the threat of Quantum computing is misrepresented, sensationalised, and leads people away from the real truth. Bitcoin is the system that is most likely to remain secure in a quantum world.
So this week, let’s try to combat the FUD by taking a more objective view of the challenges Quantum computing will pose to Bitcoin security, and more importantly, how those threats can be mitigated.
What is Quantum Computing?
First, let’s explore what quantum computing is.
Today’s computers work with binary bits that act like light switches. They are either on (1) or off (0). They crunch data step by step, one thing at a time, where every process boils down to various combinations of these 0s and 1s.
Instead of binary bits, quantum computers use something known as qubits, which harness the bizarre principles of quantum mechanics. Unlike binary bits, qubits can be either on (1), off (0), or in both states (on and off) at the same time. This allows qubits to exist in multiple states simultaneously through a phenomenon called superposition.
This ability to be in multiple states at once means that quantum computers can explore countless possibilities in parallel, rather than sequentially like binary machines, which gives them the potential to become exponentially faster at solving complex problems compared to the traditional computers we use today.
Beyond just superposition, Quantum computers possess another interesting property known as entanglement, where the state of one qubit can instantly influence the state of another, no matter the distance between them. This interconnectedness amplifies their computational power, enabling quantum systems to perform operations that would take current supercomputers billions of years to process.
While quantum computing is extremely complex, the potential benefit it offers is quite simple: an exponential increase in computational power.
The implications of this are significant. From simulating molecular interactions for faster drug discovery, optimizing logistics for global supply chains, or modelling climate systems with pinpoint accuracy, quantum computing has the potential to revolutionize almost everything.
Quantum computing isn't just faster computing; it's a new paradigm that mirrors the probabilistic nature of reality itself, inviting us to completely reevaluate what's computationally possible.
Is Quantum Computing a Threat to Bitcoin?
Now we have a sense of what quantum computing means, let’s explore the claim that it poses an existential threat to Bitcoin’s security model.
This claim mainly hinges on the idea that quantum computers will one day be able to crack the ECDSA (Elliptic Curve Digital Signature Algorithm) that Bitcoin uses to generate private and public key pairs. The argument is that quantum computers will be powerful enough to take your public key and reverse engineer it to determine the associated private key, providing access to the wallet’s funds.
This is not a spurious claim. Algorithms like Schor’s Algorithm, named after mathematician Peter Schor, are quantum algorithms designed to efficiently factorise large composite numbers. Once powerful enough, quantum computers will be able to use algorithms like this to crack ECDSA and eventually compromise Bitcoin wallet security.
So, is it time to panic? Are Bitcoin’s days numbered?
In short, the answer is no. While the threat of quantum computers being able to one day crack current Bitcoin wallet security is credible, those capabilities are still a long way off.
Building quantum machines isn't easy. They operate by manipulating qubits with precise laser pulses or electromagnetic fields, and to be effective, must operate in ultra-cold environments to prevent “noise” from the outside world from interfering with their delicate states. These challenges mean that, to date, even the most advanced quantum chips like Google’s Willow can only currently operate at a rate of 105 qubits.
Given that it’s estimated it would take millions of qubits to break ECDSA, your Bitcoin wallet isn’t at risk of being compromised anytime soon. So you can climb back down off the ceiling.
That isn’t to say that Bitcoiners should completely dismiss the threat of quantum computing. Given the speed at which technology advances, most experts believe that quantum machines will have the capability to break ECDSA in the next ten to twenty years.
If Bitcoin wants to overcome this threat, we will need to develop and migrate to more secure quantum-resistant algorithms while we still have time.
Quantum Computing – Bitcoin Isn’t the Biggest Target
Let’s suppose for a minute that some government agency somewhere does already have a powerful quantum computer capable of breaking ECDSA. Surely, it wouldn’t take them long to use it to start breaking into people’s Bitcoin wallets and start taking their funds. They could even use it to access Satoshi’s untouched stash of BTC!
It’s a compelling narrative, but not a particularly plausible one. The media often frames quantum computing as a security threat to Bitcoin, but this is a subtle form of misdirection. If they were more intellectually honest, they would highlight that quantum computing is a security threat to absolutely everything that makes use of digital signature algorithms. And that’s a lot of things…
Quantum computing poses a security threat to far juicier targets than Bitcoin. You could potentially topple nations with it. If quantum computers can crack ECDSA, then attackers could compromise central banks, private corporate communications, government intelligence agencies, and even military communications.
Nuclear missile codes are going to be a higher priority than your Bitcoin wallet. Not to mention, it makes far more sense to target large, centralised honeypots like Bank of America before targeting people’s personal Bitcoin wallets one by one.
The point is, despite how it’s often represented, quantum computing poses a threat to cybersecurity at large; it’s not a problem that Bitcoin faces alone. If quantum computing can successfully break ECDSA, then Bitcoin will be the least of our worries.
What this all means is that, should someone suddenly develop a quantum computer capable of breaking digital signature algorithms, they are unlikely to start using it to target Bitcoin first. It’s more likely that any threat actor in possession of such a superweapon would keep it quiet. When the British developed Enigma in WW2 to break encrypted Nazi messages, they didn’t use their newfound power indiscriminately; their top priority was not letting the enemy know they had it, lest they lose their hidden advantage.
Quantum Computing – Bitcoin Isn’t the Softest Target
Not only is Bitcoin not the biggest target for quantum computing, it’s also not the softest.
Bitcoin is programmable money, a technology that can evolve and adapt to new threats like quantum computing. Cybersecurity is an arms race. For every new potential threat being developed, someone somewhere is working on a way to mitigate it. Bitcoiners have known for years that quantum computing might someday pose a threat, and people are already working on ways to mitigate it.
Bitcoin is always adapting and improving, and there are already various draft BIPs (Bitcoin Improvement Proposals) circulating discussing potential upgrades to digital signature algorithms that would make Bitcoin wallets quantum resistant. Bitcoin is not static, and that’s one of its greatest strengths.
In the early days, we started with P2PK (pay-to-public-key) addresses that left your public key completely exposed. Then we upgraded to P2PKH (pay to public key hash) addresses that obfuscate your public key. And now it would appear that in the next 5 to 10 years we will migrate again to P2QRH (pay to quantum resistant hash) style addresses to overcome threats from quantum computing. This isn’t an existential threat; it’s business as usual.
What this demonstrates is that the threat quantum computing poses to Bitcoin has been hugely overstated. There’s a very strong case to say that Bitcoin is likely to adapt to the threat far quicker than traditional systems. If quantum computing is a threat to almost everything, then do you think Bank of America is going to do a better job of securing its systems than the Bitcoin network?
Making Your Bitcoin Stack Quantum Resistant
While quantum computing doesn’t pose a threat today, it almost certainly will in the next couple of decades. This means it’s prudent to start preparing now, and depending on your situation, there are steps you could already be taking.
For example, if you’re a Bitcoin OG who hasn’t touched their coins since 2010, you might already be leaving yourself more exposed than you need to. If your early wallets use P2PK (pay to public key), then your public key is fully exposed, and an attacker with a quantum computer would already have the information they need to start trying to reverse engineer your private key. You should be upgrading to more modern address types to both reduce this attack vector and increase your privacy.
(Incidentally, a lot of Satoshi’s wallets are still P2PK, so if we do one day start seeing those coins moving, that might be the canary in the coal mine that lets us know that quantum computing has arrived.)
Another way you can make yourself more secure is to follow best practice and never reuse the same Bitcoin addresses to receive payments. Modern address types like Native SegWit are better than P2PK because they hash your public key and obfuscate it. BUT whenever you spend from them, the public key will be revealed as part of the transaction. So, if you’re always storing your funds at the same address and have spent from it previously, your public key becomes just as exposed as if you had used P2PK. To mitigate this, it’s essential you know how to use your wallet properly, follow best practices, and never reuse addresses.
You should also make sure you are using the best hardware and software wallets to manage your Bitcoin. Not all of them follow best practice, and some of them can leave you exposed to a potential quantum attack in the future. For example, some hardware and software wallet setups create brand new change addresses whenever you make a transaction. Whereas some hardware and software wallets just send your change back to your original wallet. As discussed in the previous paragraph, once you have spent from an address, you have revealed your public key, so sending your change to that same address compromises both your privacy and security. It’s essential to make sure you’re using only the best hardware and software options that follow best practice by default.
Finally, you should consider learning and making use of different address types based on your different needs.
For example, Native SegWit addresses, as mentioned above, don’t reveal your public key when you send funds to them but do reveal it when you spend from them. This makes them a great option for cold storage funds that you’re holding for the long term and don’t plan on spending any time soon.
Conversely, Taproot addresses don’t reveal your public key when you spend from them, but do reveal your public key when you receive to them. This means they are less appropriate for long-term cold storage for large amounts, as the public key is compromised, but makes them a great option for a ‘hot’ spending wallet because they enhance your privacy when making day-to-day transactions.
The best way to improve your Bitcoin security is to improve your knowledge. By just learning the different address types and their use cases, using the right tools, and learning best practices, you can make yourself more resistant to quantum attacks right now. It also means that when the time comes and we need to migrate to quantum-resistant addresses, you’ll be well prepared to take it in your stride with zero drama. Just another day at the office…
Stay Up to Date, Stay Secure – The Bitcoin Way
Technology is always evolving, and quantum computers will inevitably continue to improve. Thankfully, so will Bitcoin.
The best way to protect yourself, as always, is to invest in your skills and become a capable and confident Bitcoiner. You can’t rely on anyone else to protect you because, as we alluded to above, even some of the most popular hardware and software wallets still don’t follow best practice. If you want to be as secure as possible, you have to take things into your own hands.
Fortune doesn’t favour the bold; it favours the prepared. When a mass migration to quantum-resistant addresses does take place, the network is likely to become congested as people rush to protect themselves. Fees will spike, people will panic, and a lot of people will wish they took the time to learn about UTXO management!
Our experts can help you be one of the few people who navigate these changes completely unphased. Not only will our training keep you secure and up to date, but it will also give you the cool, calm confidence that only people who truly know what they are doing get to enjoy. If that sounds preferable to running around like a headless chicken, then book a free 30-minute call with us, and let’s get your training scheduled today.