David Puell
David Puell|3月 12, 2026 00:53
In collaboration with @unchained, ARK Invest's new paper on Bitcoin and Quantum computing is live! ---- Bitcoin and Quantum Computing This paper assesses whether and how advances in quantum computing (QC) pose a risk to Bitcoin. Our two central arguments are as follows: 1. Quantum is a long-term risk but not an imminent threat. The community must continue to research and make plans for protecting the network as quantum computers improve. 2. If quantum computing were to affect Bitcoin’s cryptography, the process would be protracted and undertaken at a cost to the attacker. Today’s quantum systems lack the capabilities required to compromise Bitcoin. Meaningful breakthroughs would disrupt internet security first, triggering coordinated responses well beyond Bitcoin. In our view, quantum development will be a gradual technological progression—not a sudden “Q-day” event—giving markets and the Bitcoin network time to adapt. Quantum computers use qubits that can exist in superposition, enabling quantum algorithms to scale more quickly than classical algorithms. Their performance is measured by parameters like the number of logical qubits and the degree of logical depth, both of which must be high and error-corrected to have an impact on Bitcoin. Today’s systems operate in the so-called “NISQ era”—roughly 100 logical qubits and circuit depths in the hundreds—both well below the thresholds necessary to break Bitcoin’s elliptic curve cryptography (ECC). To do so would require at least 2,330 logical qubits and tens of millions to billions of quantum gates. Of the Bitcoin supply currently exposed to the quantum threat, ~1.7 million bitcoin (BTC) lie in vulnerable P2PK address types and are believed to be lost, and ~5.2 million BTC lie in migratable re-used or P2TR addresses—adding to ~35% of total outstanding supply. That said, quantum risk is unlikely to surface as an event but as a protracted sequence of observable milestones, as follows: Stage 0: Quantum computers exist but are not commercially useful. Today’s quantum computers operate with limited logical qubits and high error rates, presenting no threat to Bitcoin. Stage 1: Quantum computers become commercially useful in fields like chemistry and materials simulation, well before cryptographic applications manifest. Stage 2: Quantum computing becomes powerful enough to break weak keys or deprecated cryptosystems. Stage 3: Quantum computers can break elliptic curve cryptography of the kind used for bitcoin keys, but they take a long time to do so. Quantum-vulnerable bitcoin is now at risk. Stage 4: Key-breaking occurs more quickly than Bitcoin’s 10-minute block time, network viability requiring protocol-level, post-quantum cryptography upgrades. Against that backdrop, the most important investment-related questions are: 1. When will quantum computing break an elliptic curve key for the first time, and when will the subsequent break take place? 2. Who will control early quantum capability, and what will be their incentives? 3. What will quantum attacks cost relative to other more profitable or rewarding efforts? 4. How effectively will the Bitcoin community coordinate governance decisions and implement post-quantum cryptography? This paper argues that quantum risk will evolve over an extended period of time, with many intermediate warning signals and decision points. An abrupt single point of failure is unlikely.(David Puell)
+4
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads