A Quantum Computer Could Drain Bitcoin in Minutes. Here’s the Plan to Stop It

TLDR

• Google research suggests a quantum computer could crack Bitcoin’s cryptography in under 9 minutes
• Around 6.5 million BTC sits in addresses vulnerable to a quantum attack
• Developers are proposing several fixes including BIP 360, SPHINCS+, and a commit/reveal scheme
• Venture capitalist Chamath Palihapitiya says Bitcoin has 5–7 years to fix the problem
• No quantum computer capable of breaking Bitcoin exists today, but the threat is no longer considered hypothetical

Quantum computing poses a growing threat to Bitcoin’s security, and developers are already working on ways to defend against it. While no quantum computer powerful enough to break Bitcoin exists today, recent research has moved the threat from theoretical to something the community is taking seriously.

Google published research this week suggesting a powerful quantum computer could crack Bitcoin’s core cryptography in under nine minutes. That’s faster than the average time it takes for a Bitcoin block to be confirmed. Some analysts believe this kind of machine could exist by 2029.

About 6.5 million bitcoin sit in addresses that a quantum computer could directly target. Around 1.7 million of those are in older address formats that have already exposed their public keys on-chain — including coins tied to Bitcoin’s anonymous creator, Satoshi Nakamoto.

Bitcoin’s security relies on elliptic curve cryptography. Modern computers would take billions of years to break it. A quantum computer could do it in minutes by reversing the math that links a public key back to a private key.

There are two ways a quantum machine could attack. The first is a long-exposure attack, targeting coins that have been sitting in vulnerable addresses for years. The second is a short-exposure attack, targeting transactions waiting in the mempool before they are confirmed.

What Developers Are Proposing

BIP 360 would remove the public key from being permanently stored on-chain. It introduces a new address format that gives a quantum attacker nothing to work from. It only protects new coins, not the 1.7 million BTC already exposed.

SPHINCS+, also known as SLH-DSA, is a post-quantum signature scheme built on hash functions rather than elliptic curve math. It was standardized by the National Institute of Standards and Technology in August 2024. The downside is that its signatures are around 8 kilobytes — much larger than Bitcoin’s current 64-byte signatures — which would raise transaction fees.

Lightning Network co-creator Tadge Dryja has proposed a commit/reveal scheme. It splits transactions into two phases, so a quantum attacker cannot steal funds by forging a competing transaction in the mempool. It is designed as a temporary fix while longer-term solutions are developed.

The Race Against Time

Developer Hunter Beast’s Hourglass V2 proposal targets the already-exposed 1.7 million BTC. It would limit spending from those addresses to one bitcoin per block, slowing any potential mass sell-off from a quantum attack. Some in the Bitcoin community oppose it, arguing it violates the principle that no one should be able to restrict how you spend your coins.

Venture capitalist Chamath Palihapitiya said on the All-In podcast that the timeline for a viable quantum threat has shrunk from 25 years to seven. He warned that non-state actors would target Bitcoin first, drain it, then crash the market.

None of these proposals have been activated. Bitcoin’s decentralized governance means any upgrade requires agreement across developers, miners, and node operators.

The post A Quantum Computer Could Drain Bitcoin in Minutes. Here’s the Plan to Stop It appeared first on CoinCentral.