Although quantum computers have not yet reached a stage that poses a direct risk to cryptocurrencies in the near term, developers are working on various defense plans against potential threats. In particular, new research on the signature cryptography underlying Bitcoin, revealed this week, has accelerated preparations against a possible quantum attack.
The extent of quantum risk and technical vulnerabilities
In the latest research published by Google, it is claimed that a sufficiently powerful quantum computer could break the elliptic-curve signature scheme used by the Bitcoin network in as little as nine minutes. That is shorter than the roughly ten-minute interval at which Bitcoin confirms a block of transactions, which matters because a transaction's public key becomes visible the moment it is broadcast, before it is confirmed. According to some estimates, such a threat may become a reality by 2029.
Currently, approximately 6.5 million bitcoins sit in addresses whose public keys are already exposed and could be directly targeted by a quantum-enabled attacker. Among these are assets known to belong to Satoshi Nakamoto. Breaking this cryptography is considered a development that threatens the foundations of Bitcoin, which rests on the principles of "trust in the code" and "sound money".
Bitcoin's security rests on the fact that the mathematical relationship between a private key and its public key is one-way: deriving the public key from the private key is easy, while recovering the private key from the public key (the elliptic-curve discrete logarithm problem) is practically impossible for classical computers. A sufficiently large quantum computer running Shor's algorithm could reverse that relationship.
New protection methods developed
The root of the problem is that some public keys are permanently visible on the chain. Pay-to-public-key (P2PK) outputs place the raw key in the output script, and Taproot (P2TR) outputs place the x-only output key there, so coins that have sat for years in such outputs are considered exposed. By contrast, hash-based output types only reveal the key when the coins are spent, which is also why reusing an address after its first spend matters. Over 1.7 million bitcoins in old addresses remain under constant threat in this way.
BIP 360, one of the technical proposals, introduces a new output type called Pay-to-Merkle-Root (P2MR) so that public keys no longer sit permanently on the blockchain; the material a potential quantum attacker could harvest in advance is thereby removed. It is stated that such updates alone will not protect bitcoins already sitting in exposed old addresses.
Separately, the SPHINCS+-based post-quantum signature algorithm SLH-DSA, standardized by the US National Institute of Standards and Technology (NIST) in 2024, stands out as a signing method resistant to quantum computers. Its signatures run to roughly 8 kilobytes even in the smallest parameter set, against 64 to 72 bytes for Bitcoin's current Schnorr and ECDSA signatures, so such solutions would add on-chain space costs and raise transaction fees. More compact hash-based proposals such as SHRIMPS and SHRINCS are also being evaluated for this problem.
The Commit/Reveal scheme from Tadge Dryja, co-author of the Lightning Network paper, adds a two-stage transaction record to the blockchain and aims to protect pending transactions during the window in which their public key is exposed. First only a hash of the intended spend is recorded on the chain; later the actual transaction is revealed. A spend whose commitment was never recorded earlier is invalid, so an attacker who derives the key from the public key revealed in the mempool cannot push a competing transaction past the owner's previously registered commitment.
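To make the two stages concrete, here is an added toy ledger written for this page; it is not Dryja's code and does not claim to match his proposal's exact rules. It records only a hash at stage 1, accepts a stage-2 spend only if a matching commitment was mined at least one block earlier, and uses a stand-in "signature" that anyone who knows the public key can produce, which is exactly the capability a quantum attacker gains once the key is visible. Coin ids, wallet names and nonces are constructed.

```python
"""Added example, not Tadge Dryja's code: a toy two-stage (commit/reveal)
ledger showing why a pre-registered commitment blunts a mempool race.

Stage 1 publishes only H(coin, destination, pubkey, nonce).  Stage 2 is the
full spend, which exposes the public key.  The ledger accepts a reveal only
if a matching commitment was mined earlier.  The "signature" below is a
stand-in that anyone holding the public key can produce, modelling an
attacker who derived the private key from it.  All identifiers (coin ids,
wallet names, nonces) are constructed.
"""
import hashlib


def h(*parts):
    return hashlib.sha256("|".join(parts).encode()).hexdigest()


def sign(pubkey, coin, dest):
    # Stand-in signature: forgeable by anyone who knows the public key.
    return h("sig", pubkey, coin, dest)


class ToyLedger:
    def __init__(self, min_depth=1):
        self.height = 0
        self.commitments = {}       # commitment hash -> height it was mined at
        self.spent = set()
        self.min_depth = min_depth  # blocks a commitment must wait before reveal

    def new_block(self, commit=None):
        """Mine a block, optionally carrying one stage-1 commitment."""
        self.height += 1
        if commit is not None:
            self.commitments.setdefault(commit, self.height)

    def try_reveal(self, tx):
        """Validate a stage-2 spend against the chain as it stands now."""
        coin, dest, pubkey, nonce, sig = tx
        if coin in self.spent:
            return "rejected: already spent"
        if sig != sign(pubkey, coin, dest):
            return "rejected: bad signature"
        mined_at = self.commitments.get(h(coin, dest, pubkey, nonce))
        if mined_at is None:
            return "rejected: no prior commitment"
        if self.height - mined_at < self.min_depth:
            return "rejected: commitment not yet confirmed"
        self.spent.add(coin)
        return "accepted"


def race_scenario():
    """Owner spends a coin; an attacker who can forge once the key is public
    tries to front-run it.  Returns the four verdicts in order."""
    ledger = ToyLedger(min_depth=1)
    coin, pub, nonce = "utxo:deadbeef:0", "owner-pubkey", "nonce-1"
    owner_tx = (coin, "owner-cold-wallet", pub, nonce,
                sign(pub, coin, "owner-cold-wallet"))

    ledger.new_block(commit=h(coin, "owner-cold-wallet", pub, nonce))  # height 1
    too_early = ledger.try_reveal(owner_tx)   # same block as the commitment

    # Owner broadcasts the reveal; the attacker now sees the public key in the
    # mempool, "derives" the key and crafts a competing spend with a higher fee.
    thief_tx = (coin, "attacker-wallet", pub, "nonce-x",
                sign(pub, coin, "attacker-wallet"))
    ledger.new_block()                                                 # height 2
    thief_first = ledger.try_reveal(thief_tx)  # wins the fee race, still invalid
    owner = ledger.try_reveal(owner_tx)

    # The attacker commits after the fact and tries again a block later.
    ledger.new_block(commit=h(coin, "attacker-wallet", pub, "nonce-x"))  # height 3
    ledger.new_block()                                                    # height 4
    thief_late = ledger.try_reveal(thief_tx)
    return too_early, thief_first, owner, thief_late


if __name__ == "__main__":
    for verdict in race_scenario():
        print(verdict)
```

Two caveats the toy makes visible: the scheme only helps coins whose public key stayed hidden until the reveal, so long-dormant P2PK coins with already-exposed keys gain nothing from it, and the owner must wait for the commitment to confirm before revealing, which is the latency cost of the two-stage record.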
The Hourglass V2 proposal by developer Hunter Beast allows only one such exposed old coin to be spent per block, so that long-dormant bitcoins cannot be seized all at once and the market is spared a sudden collapse; a possible wave of panic is thereby restrained. The proposal has, however, sparked considerable debate within the Bitcoin community.
None of these proposals has been implemented yet. Bitcoin's decentralized structure and the approval processes of its stakeholders mean that such radical changes will take time. Still, the ongoing discussions among developers show that the issue has been on the agenda for some time.