Bitcoin can block quantum computers. Probably.
But first, the network must agree on how to do it. And that’s where the problem lies. Guillaume Girard, a partner at UTXO Management, says that the quantum threat isn’t really a question of code. It’s a matter of policy. In his article “Bitcoin and the Quantum Threat: A Non-Technical Guide,” Girard notes that a quantum computer powerful enough to break Bitcoin’s cryptography does not yet exist. But waiting could be costly. The process to change Bitcoin takes time. A lot of time.
Technical Solutions Already Exist
Bitcoin uses elliptic curve cryptography to secure transactions. A sufficiently powerful quantum computer running Shor’s algorithm could derive private keys from public keys. Google has stated that a machine with fewer than 500,000 qubits could threaten Bitcoin. Their post-quantum readiness target is set for 2029. Not far off.
Currently, about 1.7 million BTC are vulnerable to quantum attacks. These coins have their public keys exposed, making them easier to target. The BIP-360 proposal introduces a new type of transaction called Pay-to-Merkle-Root. This system eliminates public key exposure. Simple in theory.
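What "public keys exposed" means at the script level, as an added example that is not taken from Girard's article or from any BIP: a classifier that separates standard output templates carrying the public key in the output itself from those that commit only to a hash. The function names, sample scripts and amounts are constructed for illustration.

```python
# Added example: which standard output templates put the public key on-chain
# before the coin is ever spent. Sample scripts and amounts are constructed.
EXPOSED, HASHED, UNKNOWN = "key-exposed", "hash-only", "unknown"

def classify(script_hex):
    """Return (template, exposure) for a scriptPubKey given as hex."""
    s = bytes.fromhex(script_hex)
    n = len(s)
    # P2PK: <33- or 65-byte pubkey push> OP_CHECKSIG (0xac)
    if n in (35, 67) and s[0] == n - 2 and s[-1] == 0xAC:
        return "P2PK", EXPOSED
    # P2TR: OP_1 <32-byte x-only output key>
    if n == 34 and s[:2] == b"\x51\x20":
        return "P2TR", EXPOSED
    # P2PKH: OP_DUP OP_HASH160 <20-byte hash> OP_EQUALVERIFY OP_CHECKSIG
    if n == 25 and s[:3] == b"\x76\xa9\x14" and s[23:] == b"\x88\xac":
        return "P2PKH", HASHED
    # P2SH: OP_HASH160 <20-byte hash> OP_EQUAL
    if n == 23 and s[:2] == b"\xa9\x14" and s[22] == 0x87:
        return "P2SH", HASHED
    # P2WPKH / P2WSH: OP_0 <20- or 32-byte hash>
    if n in (22, 34) and s[0] == 0x00 and s[1] == n - 2:
        return ("P2WPKH" if n == 22 else "P2WSH"), HASHED
    return "nonstandard", UNKNOWN

def exposed_sats(utxos):
    """Sum the value (in satoshis) of outputs whose key is already visible.

    Hash-only outputs count as unexposed here; they reveal the key once
    spent, so a reused address needs a separate check against spend history.
    """
    return sum(v for script, v in utxos if classify(script)[1] == EXPOSED)

# Constructed placeholder data: repeated filler bytes, not real keys or hashes.
SAMPLE_UTXOS = [
    ("21" + "02" + "11" * 32 + "ac", 5_000_000_000),   # P2PK, compressed key
    ("76a914" + "22" * 20 + "88ac", 150_000),            # P2PKH
    ("0014" + "33" * 20, 2_000_000),                     # P2WPKH
    ("5120" + "44" * 32, 700_000),                       # P2TR
]

if __name__ == "__main__":
    for script, value in SAMPLE_UTXOS:
        print(classify(script), value)
    print("exposed satoshis:", exposed_sats(SAMPLE_UTXOS))
```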
BIP-361 accompanies this proposal with a three-phase migration plan. But there’s a catch. Wallets that do not adapt within a five-year timeframe could see their funds frozen. Not ideal. Another proposal, Hourglass, takes a different approach. It would limit the theft of BTC to a single unit per block. This would slow attackers and reduce the economic impact. The fee revenue would go to miners, which might convince them to support the change.
What to Do About Lost Coins
Lost wallets pose a big problem. No one can migrate them to a new security system. Two options are on the table: burn the vulnerable BTC after a deadline, or accept that they could be stolen while limiting the damage. Burning the coins is controversial. It would set a precedent for censorship in a protocol that aims to be neutral. Bitcoin has always operated on the principle that no one can confiscate or destroy coins.
But leaving these coins vulnerable creates another risk. A quantum attacker could steal them all at once, destabilizing the market. Girard notes that these solutions require broad social consensus. Not just from developers. Major institutional players must also be on board. And that’s where it gets complicated.
Institutions have a limited tolerance for inaction. They possess the financial power to influence the market. They can push for quick solutions, even if it disrupts the traditional Bitcoin community. This dynamic could shift power from developers to these new players. Not everyone likes that.
The debate now extends well beyond developer forums. Jefferies has removed its Bitcoin allocation from its model pension portfolio. Their reason? The quantum risk threatens Bitcoin’s cryptographic foundation. Michael Saylor has launched a security program to assess the threat. Citi estimates that the quantum risk to crypto could reach several trillion dollars.
These reactions show that institutions take the threat seriously. Probably more seriously than many in the Bitcoin community. The lack of quick consensus could push some players to take independent measures. Governments and asset managers might act alone to protect their investments. This could upset the traditional balance of power in Bitcoin.
Bitcoin has always been committed to its decentralized governance. No one controls the network. But the quantum threat tests this principle. If institutions start dictating changes, the nature of Bitcoin could change. Girard says the real challenge is not to create a technical solution. It’s to activate an update before cryptographically relevant quantum computers (CRQCs), the truly dangerous ones, arrive.
Time is running out. Especially for institutional players who have invested billions in Bitcoin. Waiting for absolute certainty that quantum computers are coming is a risk in itself. If the community waits too long, it might not have time to migrate all vulnerable coins. And then, 1.7 million BTC could be at risk.
The Hourglass proposal attempts to limit the damage by allowing only one stolen BTC transfer per block. This would slow attackers, giving them less time to move large amounts of coins. Miners would benefit from transaction fees, which could incentivize them to support this approach. But again, it requires consensus.
BIP-361 proposes a three-phase migration, but the risk of freezing funds remains. Wallets that do not adapt within five years would lose access to their coins. It’s a tough compromise. Protecting the network from quantum attacks might mean sacrificing some coins. Not an easy decision.
Bitcoin’s ability to adapt quickly becomes a test of its resilience. Not just as a technology, but as a system governed by consensus. The pressure to act keeps growing. Institutions want answers. Developers want time to do things right. And in between, the quantum risk grows.
The outcome of this challenge could redefine the fundamental principles of Bitcoin governance. If the network can agree on a solution and deploy it in time, it will show that Bitcoin can evolve in the face of new threats. If consensus fails, it could open the door to more centralized governance, led by those with the most to lose.
Google aims for 2029 for post-quantum readiness. That leaves about five years for Bitcoin to agree and act. Five years may seem long, but in the world of Bitcoin governance, it’s a blink of an eye. Major changes take years to be accepted and deployed. The quantum threat won’t wait.
Frequently Asked Questions
What does BIP-360 propose exactly for Bitcoin?
BIP-360 proposes a new type of transaction called Pay-to-Merkle-Root (P2MR) that eliminates public key exposure in Bitcoin transactions, making coins more resistant to quantum attacks.
How many bitcoins are currently vulnerable to quantum computers?
About 1.7 million BTC are particularly vulnerable because their public keys are exposed, making them easier to target by a sufficiently powerful quantum computer.
How does the Hourglass proposal limit quantum attacks?
Hourglass would limit the transfer of stolen BTC to a single unit per block, slowing attackers and reducing the economic impact while transferring fee revenue to miners.





