Great article. I think there can be two debates with regard to QC as a threat to crypto, particularly BTC:
- Is QC a threat to the security of the BTC blockchain network? (what the text and article above refer to)
- Is QC a threat to BTC mining using traditional computing?
With regard to the first debate, I think the article makes very good points but probably overstates BTC's safety by relying on uncertain qubit estimates, assuming slow progress in quantum hardware, and overlooking major coordination challenges in upgrading BTC. For instance, advances in algos, error correction, and alternative qubit architectures could drastically reduce the qubit threshold. Pointing to today's 105-qubit devices as evidence of long timelines ignores the rapid scaling happening in other architectures like neutral atoms and photonics. Moreover, dormant coins aren't the only risk, since any exposed public key is vulnerable to harvest-now, decrypt-later attacks. Last but not least, BTC's slow governance means "ample time" is quite a leap of faith as far as assumptions are concerned. I am not an expert in cybersecurity, so I would appreciate it if other members can add value by offering an opinion on this first question on security.
If we shift the conversation to the second debate on whether QC may pose a threat to BTC miners, I have read a bit more on this matter and understand that QC is much less of a threat to BTC mining than to Bitcoin's signatures. For the time being, QC does not seem to be able to outpace ASIC (Application-Specific Integrated Circuit, aka brute force) miners, since there is specialized BTC-specific ASIC hardware built solely for SHA-256 hashing, the core operation in PoW (Proof-of-Work) mining; whereas the best-known quantum algo for this kind of brute-force search is Grover's algorithm, which gives a quadratic speedup, not an exponential one. In fact, a QC running Grover's algorithm would need:
- Millions of error-corrected logical qubits, not thousands.
- Billions of coherent gate operations performed without interruption.
- Extremely high clock speed and near-zero error.
As far as I am aware, current and near-term QCs are nowhere near this.
Some interesting articles on these topics:
- https://chaincode.com/bitcoin-post-quantum.pdf
- https://www.sciencedirect.com/science/article/pii/S1574013725001224
I'm keen to hear the tech community's perspective, especially since QC is advancing so rapidly. It's likely that some members have seen new developments I'm not yet familiar with.
------------------------------
Carlos Salas
Portfolio Manager & Freelance Investment Research Consultant
------------------------------
Original Message:
Sent: 11-12-2025 10:09
From: Ray Dillet
Subject: Is Quantum computing a threat to Bitcoin??
https://bitwiseinvestments.eu/blog/crypto-research/is-quantum-computing-a-threat-to-bitcoin/
- Bitcoin's network is overwhelmingly secure, with a hash rate equivalent to more than a million El Capitan-class supercomputers - far beyond the reach of both classical and today's quantum machines. The primary long-term quantum risk lies not with the network itself, but with individual wallets whose public keys become exposed.
- The Bitcoin ecosystem will need to take challenging steps to mitigate individual wallet risk, but it has a pathway to do this and we believe it will succeed.
- A cryptographically relevant quantum computer (CRQC) capable of breaking Bitcoin's elliptic-curve signatures would require 5,000–10,000 logical qubits - orders of magnitude beyond today's 105-qubit devices like Google's Willow. Estimates for "Q-Day" vary widely, but Bitcoin has ample time to implement quantum-resistant upgrades, while millions of dormant legacy coins remain the only meaningful point of vulnerability.
- Traditional financial institutions face quantum risk much earlier.
Hope you find this research interesting and insightful - would be great to hear feedback
------------------------------
Ray Dillet
Head of Financial Institutions
------------------------------
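Both posts turn on the same point: the quantum risk to individual wallets is about public keys that are already visible on-chain (and so can be harvested now for a future attack). The following added example, not code from either post or from Bitwise, is a small triage routine that classifies standard Bitcoin output scripts by whether they already reveal a public key. It relies on the standard script templates (P2PK carries the raw key; P2TR carries an x-only tweaked key, which is still a curve point; P2PKH/P2SH/P2WPKH/P2WSH carry only a hash until the output is spent, and a spend reveals the key, so address reuse after a spend also exposes it). The sample UTXOs are constructed.

```python
"""Triage Bitcoin output scripts for public-key exposure (added example).

Key-exposure rule used here:
  - P2PK and P2TR outputs carry a public key in the scriptPubKey itself.
  - Hash-based outputs (P2PKH, P2SH, P2WPKH, P2WSH) hide the key until the
    output is spent; if the same key/address was already spent from before,
    the key is already public, so a fresh UTXO on it counts as exposed.
"""
from dataclasses import dataclass


def classify(script: bytes) -> tuple[str, bool]:
    """Return (output type, True if a public key is visible in the script)."""
    n = len(script)
    # <33- or 65-byte pubkey> OP_CHECKSIG  (push opcode equals key length)
    if n in (35, 67) and script[0] == n - 2 and script[-1] == 0xAC:
        return "P2PK", True
    # OP_DUP OP_HASH160 <20-byte hash> OP_EQUALVERIFY OP_CHECKSIG
    if n == 25 and script[:3] == b"\x76\xa9\x14" and script[-2:] == b"\x88\xac":
        return "P2PKH", False
    # OP_HASH160 <20-byte script hash> OP_EQUAL
    if n == 23 and script[:2] == b"\xa9\x14" and script[-1] == 0x87:
        return "P2SH", False
    if n == 22 and script[:2] == b"\x00\x14":     # OP_0 <20-byte key hash>
        return "P2WPKH", False
    if n == 34 and script[:2] == b"\x00\x20":     # OP_0 <32-byte script hash>
        return "P2WSH", False
    if n == 34 and script[:2] == b"\x51\x20":     # OP_1 <32-byte x-only key>
        return "P2TR", True
    return "unknown", False


@dataclass
class Utxo:
    script_hex: str
    reused_after_spend: bool  # an earlier spend from this address is on-chain


def exposure_report(utxos: list[Utxo]) -> list[tuple[str, str]]:
    """Label each UTXO 'exposed' (key harvestable today) or 'hidden'."""
    report = []
    for u in utxos:
        kind, visible = classify(bytes.fromhex(u.script_hex))
        exposed = visible or (kind != "unknown" and u.reused_after_spend)
        report.append((kind, "exposed" if exposed else "hidden"))
    return report


# Constructed sample outputs (key bytes are placeholders, not real keys).
SAMPLE = [
    Utxo("21" + "02" + "ab" * 32 + "ac", False),   # P2PK: raw key visible
    Utxo("76a914" + "cd" * 20 + "88ac", False),     # P2PKH, never spent
    Utxo("76a914" + "cd" * 20 + "88ac", True),      # P2PKH, address reused
    Utxo("0014" + "ef" * 20, False),                # P2WPKH, never spent
    Utxo("5120" + "12" * 32, False),                # P2TR: tweaked key visible
]
```

Run `exposure_report(SAMPLE)` to see that only the unspent hash-based outputs come back as `hidden`; everything else is already harvestable regardless of coin age.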