There’s been a question circling the Bitcoin world since it’s inception but recently the question has only grown more in prominence, especially in the last few months.
“What happens to Bitcoin if quantum computers crack the encryption?”
So let’s actually walk through it. The promise. The threat. The timeline. The fixes. And what it all means for the long-term thesis.
Why Quantum Computing Is Such a Big Deal
Before we get to Bitcoin, it’s worth understanding why the world is pouring billions of dollars into quantum research in the first place. Because this isn’t just about breaking encryption. That’s a side effect — not the point.
Classical computers, the kind running everything from your phone to the world’s largest supercomputers, process information as bits. Each bit is either a 0 or a 1. A classical computer solves problems by trying combinations sequentially, one after another, however fast the hardware allows.
Quantum computers operate on entirely different physics.
They use qubits, which can exist as 0, 1, or both simultaneously — a property called superposition. They can also entangle qubits so that the state of one instantly influences another, regardless of distance. And they can interfere with themselves mathematically to cancel out wrong answers and amplify correct ones.
What quantum computers are built for is a specific class of problems that are, practically speaking, unsolvable at the scale we need them solved. Problems where the number of variables is so large that a classical supercomputer running for the age of the universe couldn’t find the answer.
The applications being pursued right now are genuinely significant.
Drug discovery. Designing a new drug requires simulating how molecules interact at the atomic level — how they fold, bind, and react. Classical computers can approximate this, but only for small molecules.
There’s even an interesting project called Folding at Home (https://foldingathome.org/) that allows you to donate your computing power to help discover new drugs and therapies.
Quantum simulation can model molecular interactions with far greater fidelity, potentially compressing the decade-long drug development pipeline into years. Google’s quantum algorithm ran 13,000 times faster than classical supercomputers on a molecular structure problem in 2025.
Climate modeling. The atmosphere is an almost impossibly complex system. Quantum computing could enable simulations of climate dynamics, carbon capture chemistry, and new battery materials that are well beyond classical reach.
Materials science. Designing better solar panels, stronger alloys, more efficient superconductors — these all require understanding matter at the quantum level. It’s fitting that the best tool for designing quantum materials is a quantum computer.
The geopolitical stakes are high enough that quantum capabilities have become a national security priority. The U.S., China, and the EU are all treating quantum supremacy as a strategic asset — similar to how they treat artificial intelligence or semiconductor manufacturing.
All of which is context for what follows.
Because the same properties that make quantum computers extraordinary at simulating molecules and optimizing routes also make them capable of attacking certain mathematical problems that modern cryptography depends on. Including the cryptography that secures Bitcoin.
What Is the Threat to Bitcoin?
Bitcoin’s security depends on something called elliptic curve cryptography, or ECC. When you send Bitcoin, you sign the transaction with a private key. The signature proves you own the coins without revealing the private key itself and this entire system rests on one mathematical assumption: that figuring out a private key from a public key is computationally impossible with classical computers.
Quantum computers is a different story.
Back in 1994 — before Bitcoin existed — a mathematician named Peter Shor published an algorithm showing that a sufficiently powerful quantum computer could reverse-engineer a private key from an exposed public key. It’s called Shor’s Algorithm and in theory, it turns Bitcoin’s “impossible to crack” into a solvable puzzle.
The key phrase: sufficiently powerful.
That’s where the whole debate lives.
Is All of Bitcoin At Risk?
Nope.
The vulnerable ones are addresses where the public key has already been revealed on-chain which happens in a few specific situations such as… early Bitcoin transactions that directly embedded public keys in outputs (called P2PK), wallets where addresses have been reused across multiple transactions, and Taproot addresses using the “key path” spend — which is part of why Taproot usage has quietly dropped from 42% of all Bitcoin transactions in 2024 to around 20% today.
Researchers from Project Eleven and Coinbase’s security team have estimated that roughly 6 to 7 million Bitcoin fall into these vulnerable categories. At current prices, that’s somewhere around $470 billion sitting in potentially exposed wallets.
That number includes Satoshi Nakamoto’s estimated 1.1 million coins — early P2PK outputs from the first months of Bitcoin’s existence, never moved, public keys fully exposed on the blockchain since 2009.
So yes. The threat is real. There are real coins with real exposure. Anyone who tells you this isn’t worth taking seriously hasn’t looked at the data.
But there are already solutions being proposed such as BIP 360 (https://bip360.org/) designed to help shore up those coins and many accounts no longer even have their public keys exposed anymore.
So does this effect the Bitcoin network in and of itself? No.
Does it effect the wallets of Bitcoin holders who are not prepared? Yes. 100%.
How Close Is “Q-Day”?
This is where honest people genuinely disagree.
At the end of 2024, Google’s Willow quantum chip demonstrated scalable quantum error correction for the first time. That’s a meaningful milestone — error correction has long been one of the hardest unsolved problems in quantum computing. Microsoft followed with its Majorana 1 chip. The hardware is accelerating faster than most 2020-era projections anticipated.
The most capable quantum computer built to date has around 6,100 physical qubits (Caltech, 2025). Breaking Bitcoin’s elliptic curve cryptography would require millions of stable logical qubits — a very different thing. Physical qubits are error-prone. Logical qubits are error-corrected and reliable. The gap between where we are and where we’d need to be is still enormous.
Estimates on timing break down roughly like this:
Antonio Sanso, who works on Ethereum’s post-quantum security team, puts the likely window around 2035. He’s noted that the key theoretical obstacles have already been cleared — what remains is engineering. NIST, the U.S. federal standards body, has called 2035 a realistic prospect for cryptographically relevant quantum computers.
Adam Back, Blockstream CEO and one of Bitcoin’s most respected technical voices, says the threat is “decades away” and argues that the fear is being systematically overstated.
One BIP-360 co-author put the reasonable planning window at 10 to 20 years.
Very recently Google released this paper stating that the amount needed to break Bitcoin’s keys would actually need 95% of the computing power as estimated and that we could see this happen before 2030.
Here’s what I take away from all of this: no credible expert is saying the threat arrives tomorrow. And no credible expert is saying it never arrives. The debate is about when — not whether.
Now here’s the other thing… this is just for coins that are not protected.
This will not lessen or increase the supply of Bitcoin - 21 Million is still 21 Million.
This does not break the network either, our wallets will just have to quantum resistant so for me nothing about the thesis has changed.
What Is Being Done About It?
More than most people realize.
In March 2026, Bitcoin Improvement Proposal 360 — known as BIP-360 — was officially merged into Bitcoin’s proposal repository. It’s the first concrete step toward quantum resistance at the protocol level.
BIP-360 introduces a new output type called Pay-to-Merkle-Root, or P2MR. The key change: it takes the standard Taproot model but removes the “key path” spending route — the specific mechanism that exposes public keys on-chain. New P2MR addresses will start with bc1z, and they can be created via soft fork without breaking existing Bitcoin nodes.
Think of it as patching the specific hole before the threat requires you to rebuild the whole building.
BTQ Technologies has already deployed BIP-360 on a Bitcoin Quantum Testnet — more than 50 miners, over 100,000 blocks processed, 100+ open-source contributors actively testing it. The testnet also integrates post-quantum signature schemes like Dilithium, which produces signatures that can withstand Shor’s Algorithm.
But BIP-360 isn’t the finish line. It’s the starting line.
There are real limitations to understand honestly. BIP-360 doesn’t automatically upgrade existing coins — users have to move funds manually to the new address type.
It doesn’t address “short-exposure” risk, where a public key appears briefly in the mempool during a transaction and could theoretically be exploited before the transaction confirms.
The full post-quantum upgrade for Bitcoin — replacing the underlying signature schemes with lattice-based or hash-based cryptography — is estimated to take between 5 and 10 years of coordinated development, testing, and deployment. That’s not a comfortable margin.
It’s workable, but only if the work accelerates.
The U.S. government isn’t waiting. Federal agencies face an April 2026 deadline to submit post-quantum cryptography transition plans under National Security Memorandum 10.
The government has mandated phasing out ECDSA cryptography entirely by 2035. The EU has set a quantum-resistance target for critical infrastructure by 2030.
In other words: the people whose job it is to protect national security infrastructure are treating this as a serious, near-term planning problem.
Bitcoin developers should too.
So What Happens to The Leftover Supply?
Here’s where it gets genuinely complicated.
When a quantum-resistant upgrade arrives, active users will migrate their Bitcoin to new quantum-safe addresses. Exchanges, custodians, institutional holders — they’ll move their coins.
But what about the coins that can’t move?
Satoshi’s 1.1 million Bitcoin. Wallets where people lost their private keys years ago. Early adopters who died without passing on their seed phrases. All of the “lost” Bitcoin that has never moved.
Some estimates put the total permanently lost or dormant Bitcoin supply at 3 to 4 million coins, and much of that supply lives in exactly the old address formats that would be most vulnerable under a quantum attack.
If those coins cannot be migrated — because no one holds the private key to authorize a move — they face one of two outcomes: they get stolen by whoever gets to Q-Day with sufficient hardware, or the Bitcoin community takes the difficult governance step of freezing or burning them as part of the transition.
Charles Edwards of Capriole has suggested penalizing coins that don’t migrate to BIP-360 addresses by 2028.
Others argue that’s a form of confiscation and would be a governance nightmare.
There’s no clean answer here.
But one thing is worth noting: if quantum-vulnerable dormant coins do get permanently locked out of circulation during the transition, the effective supply of spendable Bitcoin shrinks further. In a fixed-supply asset, that has one direction of effect on price.
Michael Saylor framed it bluntly: the quantum threat could trigger the largest supply reduction event in Bitcoin’s history.
He believes it’s a tailwind, not a headwind which may be too optimistic about the governance challenges involved. But the underlying arithmetic isn’t wrong.
Bitcoin Has Been Upgraded Before And With Enough Incentive Will Do So Again
It’s worth stepping back and looking at the track record.
Bitcoin has been upgraded before. SegWit in 2017. Taproot in 2021. Both required years of debate, careful coordination, and broad ecosystem support. Both happened without breaking the network.
Compared to Ethereum, Solana, or most other blockchains, Bitcoin actually faces a smaller quantum exposure problem. Bitcoin — because it uses hash-based receiving addresses and most users don’t reuse addresses — has a third or less of its supply in vulnerable positions.
Bitcoin’s Proof-of-Work consensus mechanism also faces a much more distant quantum risk than signature cryptography does. SHA-256, the algorithm that underlies Bitcoin mining, is far more resistant to quantum attack than other cryptographic algorithms.
The developers who work on Bitcoin’s protocol are not naive about this. BIP-360 being merged is a signal that the work is actively underway. The testnet deployment is a signal that real engineering is happening, not just academic discussion.
What This Means for You
A few things worth taking away from all of this.
If you hold Bitcoin in modern wallet formats — SegWit (bc1q) or newer — and you don’t reuse addresses, your exposure is minimal under current timelines. Good key hygiene today means less to worry about tomorrow.
If you hold Bitcoin in very old wallet formats, or in addresses you haven’t moved in years, it’s worth understanding what type of address you’re holding. Not to panic-sell. To plan.
And if you’re evaluating Bitcoin as a long-term asset — which is what this newsletter is fundamentally about — the quantum story is not a reason to exit. It’s a reason to pay attention.
Bitcoin faces a real technical challenge. The community knows it, is working on it, and has the track record to suggest it can solve it.
The threat has a realistic window of 5 to 10 years.
The fixes are in development now. The governance debate is messy, but it’s happening.
That’s not a fatal flaw. That’s a protocol evolving in public — which is exactly how trustworthy systems are supposed to work.
The $1M thesis is built on Bitcoin’s ability to adapt, not on the assumption that nothing will ever challenge it. Quantum computing is the next challenge on that list.
Given the track record... it’s not the one that ends the story.
Anthony
If you want to go deeper on the full case — the scarcity, the institutional adoption, the geopolitical dynamics, and yes, the risks like this one explained plainly — “The Million Dollar Bitcoin... And How You Can Profit” lays it all out. Available now on Amazon.