
Citi Warns Bitcoin Faces Unique Quantum Computing Vulnerability Due to Slow Upgrades

2026/05/18 21:40

BitcoinWorld


Bitcoin, the world’s largest cryptocurrency by market capitalization, faces a unique and potentially severe threat from the rise of quantum computing, according to a new analysis from Citigroup. The report, covered by CoinDesk, highlights that Bitcoin’s conservative governance structure and slow protocol upgrade speed make it particularly susceptible to attacks that could compromise a significant portion of its circulating supply.

The Core Vulnerability: Exposed Public Keys

Citi analyst Alex Saunders identified that the primary weakness lies in public keys that have already been exposed on the blockchain. Under modern best practice, a public key is revealed only when the coins it controls are spent; older Bitcoin addresses and transaction types, by contrast, have their public keys permanently visible. This includes early pay-to-public-key (P2PK) addresses and the wallet widely believed to belong to Bitcoin’s pseudonymous creator, Satoshi Nakamoto.

According to recent estimates, between 6.5 million and 6.9 million Bitcoin have already had their public keys exposed. This represents roughly one-third of the total circulating supply, currently valued at approximately $450 billion. In a future where sufficiently powerful quantum computers exist, an attacker could theoretically use Shor’s algorithm to derive the private key from a public key, allowing them to forge transactions or steal funds from those addresses.
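The distinction between a key stored in the output and a key hidden behind a hash can be checked mechanically when auditing a wallet's holdings. The following is an added example, not part of the Citi report or the original article: it classifies a scriptPubKey as P2PK (key in the output) or as one of the common hash-based types, and totals the value whose key is already public. The function names, the `address_spent_before` flag and the sample scripts are assumptions constructed for illustration; script types outside those listed are reported as `other` and not analysed.

```python
from typing import Optional

OP_DUP, OP_HASH160, OP_EQUAL = 0x76, 0xA9, 0x87
OP_EQUALVERIFY, OP_CHECKSIG, OP_0 = 0x88, 0xAC, 0x00

def _is_pubkey(d: bytes) -> bool:
    """SEC1 secp256k1 key: 33 bytes (02/03 prefix) or 65 bytes (04 prefix)."""
    return (len(d) == 33 and d[0] in (2, 3)) or (len(d) == 65 and d[0] == 4)

def classify_script(script_hex: str) -> tuple[str, Optional[bool]]:
    """Return (type, key_in_output); None means this example does not analyse it."""
    try:
        s = bytes.fromhex(script_hex)
    except ValueError:
        return ("invalid", None)
    # P2PK: <push> <pubkey> OP_CHECKSIG, so the key sits in the output itself.
    if len(s) in (35, 67) and s[0] == len(s) - 2 and s[-1] == OP_CHECKSIG \
            and _is_pubkey(s[1:-1]):
        return ("p2pk", True)
    # P2PKH: OP_DUP OP_HASH160 <20-byte hash> OP_EQUALVERIFY OP_CHECKSIG
    if len(s) == 25 and s[:3] == bytes([OP_DUP, OP_HASH160, 20]) \
            and s[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG]):
        return ("p2pkh", False)
    # P2SH: OP_HASH160 <20-byte hash> OP_EQUAL
    if len(s) == 23 and s[:2] == bytes([OP_HASH160, 20]) and s[22] == OP_EQUAL:
        return ("p2sh", False)
    # Segwit v0: OP_0 <20-byte key hash> or OP_0 <32-byte script hash>
    if len(s) == 22 and s[:2] == bytes([OP_0, 20]):
        return ("p2wpkh", False)
    if len(s) == 34 and s[:2] == bytes([OP_0, 32]):
        return ("p2wsh", False)
    return ("other", None)

def exposed_sats(utxos) -> int:
    """Sum value whose key is public: in the output, or revealed by an earlier spend."""
    total = 0
    for script_hex, sats, address_spent_before in utxos:
        _, in_output = classify_script(script_hex)
        if in_output or (in_output is False and address_spent_before):
            total += sats
    return total

# Constructed sample UTXOs (placeholder bytes, not real keys or hashes).
SAMPLE = [
    ("21" + "02" + "11" * 32 + "ac", 5_000_000_000, False),  # P2PK
    ("76a914" + "22" * 20 + "88ac", 120_000, True),          # reused P2PKH
    ("0014" + "33" * 20, 75_000, False),                     # fresh P2WPKH
]
```

The `address_spent_before` flag has to come from the wallet's own transaction history, since a hash-based output only reveals its key in the spending transaction.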

The ‘Harvest Now, Decrypt Later’ Threat

Saunders also warned of a more immediate and insidious tactic: ‘harvest now, decrypt later’ attacks. In this scenario, malicious actors collect encrypted data or on-chain transaction information today, storing it until quantum technology matures enough to decrypt it. This means that even transactions that are secure by today’s standards could become vulnerable in the future, posing a long-term risk to privacy and asset security.

The report underscores that while quantum computing is not yet a practical threat to Bitcoin, the window for proactive defense is narrowing. The timeline for when a quantum computer capable of breaking Bitcoin’s Elliptic Curve Digital Signature Algorithm (ECDSA) will exist remains uncertain, with estimates ranging from a decade to several decades. However, the sheer value at stake and the slow pace of Bitcoin’s governance make preparation critical.

Why Bitcoin’s Governance Matters

Bitcoin’s decentralized and conservative upgrade process, while a strength for security and stability, is a weakness in this context. Implementing quantum-resistant cryptographic algorithms, such as Lamport signatures or lattice-based cryptography, would require a soft fork or hard fork, demanding broad consensus among miners, node operators, and the community. This process can take years, as seen with past upgrades like SegWit or Taproot. The report suggests that Bitcoin’s governance structure may not be able to react quickly enough once a quantum threat becomes imminent.

Conclusion

The Citi analysis serves as a sobering reminder that even the most established blockchain networks are not immune to future technological disruptions. While quantum computing remains a nascent field, the potential for catastrophic financial loss is real. The report calls for the cryptocurrency industry, and Bitcoin in particular, to begin planning and testing quantum-resistant upgrades now, rather than waiting for a crisis. For Bitcoin holders, the key takeaway is to be aware of the risks associated with old, exposed addresses and to consider moving funds to more secure, modern wallets that minimize public key exposure.

FAQs

Q1: What makes Bitcoin vulnerable to quantum computers?
Bitcoin uses the Elliptic Curve Digital Signature Algorithm (ECDSA) for security. A sufficiently powerful quantum computer could run Shor’s algorithm to derive a private key from a public key, allowing an attacker to forge signatures and steal funds. Bitcoin’s slow upgrade process makes it difficult to implement quantum-resistant cryptography quickly.

Q2: How much Bitcoin is at risk?
Approximately 6.5 to 6.9 million BTC have already exposed their public keys, representing about one-third of the total supply, valued at roughly $450 billion. This includes coins in early P2PK addresses and the wallet of Satoshi Nakamoto.

Q3: What is a ‘harvest now, decrypt later’ attack?
This is a strategy where attackers collect encrypted data or on-chain transaction information today, storing it until quantum computers become powerful enough to decrypt it in the future. This means that even current, secure transactions could become vulnerable later.

Q4: When will quantum computers actually threaten Bitcoin?
Estimates vary widely, but most experts believe a quantum computer capable of breaking Bitcoin’s cryptography is at least 10 to 20 years away. However, the threat is considered credible enough that the industry should begin preparing now due to the long lead time required for protocol upgrades.

Q5: What can Bitcoin holders do to protect themselves?
Users should avoid reusing old addresses that have already been spent from, since spending exposes the public key. Best practices include using modern wallets that generate new addresses for each transaction and not reusing addresses. Moving funds from legacy P2PK addresses to newer SegWit or Taproot addresses is also recommended.

This post Citi Warns Bitcoin Faces Unique Quantum Computing Vulnerability Due to Slow Upgrades first appeared on BitcoinWorld.
