比特币橙子Trader|Dec 23, 2025 05:04
Many people believe that after the emergence of quantum computers, the difficulty of mining Bitcoin will collapse. Actually, this completely misses the point. Even with the emergence of quantum computers, mining is still relatively safe (just switch to a hash algorithm), and the real danger is your signature.
Recently, there has been a heated discussion in the English community about Bitcoin Quantum, with only one core focus: the Shor algorithm's impact on reducing the dimensionality of ECDSA signature systems.
Simply put, as long as your public key is exposed on the chain, in front of a quantum computer, your private key is equivalent to being written directly on your forehead. In order to understand the extent of the threat, I have compiled the five most core viewpoints, especially the third point about the ethical debate of 'destruction or theft', which is very exciting:
What does Bitcoin quantum attack mean?
Core threat: It is not mining through quantum computing power (Grover algorithm only weakens hash cracking at the root level, upgrading hash algorithm is sufficient), but rather deducing private keys from public keys (Shor algorithm's devastating blow to ECDSA signature system).
Consequence: Once a computer with enough quantum bits appears, any public key exposed on the chain can have its corresponding private key calculated instantly. This means that attackers can transfer funds directly without signature authorization.
2. Which addresses are at risk?
High risk group (naked running area): addresses whose public keys have been directly exposed in blockchain data.
P2PK (Pay to Public Key): Early mining reward addresses from the era of Satoshi Nakamoto in 2009-2010.
Address Reuse: A P2PKH address that has previously transferred funds (even if only a portion). Because in Bitcoin, the public key is only exposed when a transaction is initiated, and once exposed, the remaining UTXO of that address is in danger.
Data scale: Approximately 4-9 million BTC are estimated to be in this' instantly stolen 'state (including Satoshi Nakamoto's dormant coins).
Relatively safe: P2PKH (and more modern P2SH, SegWit, Taproot) addresses that have never sent transactions to the outside world are still under hash protection for their public keys (quantum computers find it difficult to reverse hash). But as long as a transaction is initiated, the public key will be exposed. If there is quantum computing power monitoring at this time, funds may be intercepted before confirmation.
3. Focus of Community Debate and Core Team Attitude
Debate focus:
Time urgency: Should we hard fork and upgrade now (causing the block size to increase and efficiency to decrease), or wait until the quantum threat approaches before taking action?
Burn vs Steal (Destroy or Allow Theft): For old coins that have not been migrated before the upgrade deadline (such as Satoshi Nakamoto's coins), should hackers be allowed to steal them (market crash), or should they be forcibly frozen/destroyed through consensus (violating decentralization and private property principles)?
Core team perspective (such as Jameson Lopp, Pieter Wuille):
Pragmatism: Reject FUD (panic marketing). Believe that quantum computing is a 'slow disaster' with sufficient warning time.
Waiting standards: unwilling to introduce immature cryptographic schemes too early, inclined to wait for NIST's (National Institute of Standards and Technology) Post Quantum Cryptography Standard (PQC) to mature and be validated in other fields before introducing Bitcoin.
4. Time nodes of attack
Prediction: It is generally believed to be between 2030 and 2040.
Current situation: The strongest quantum computers currently have only a few hundred qubits, while cracking Bitcoin ECDSA requires thousands of logical qubits (corresponding to millions of physical qubits).
Risk: Nonlinear breakthroughs in technology. If there is a sudden engineering leap, the "migration window" left for Bitcoin may be less than 5 years.
5. Response methods
Soft fork upgrade: Introducing new transaction types (such as quantum security scripts under discussion) and supporting anti quantum signature algorithms (such as Lamport signatures or hash based signatures).
Asset migration: Users need to manually transfer Bitcoin from the old address to the new quantum resistant address.
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink