Mastodon
January 4, 2025

Bitcoin and Quantum Computing: A Real Threat or Just Alarmism?

Bitcoin and Quantum Computing: A Real Threat or Just Alarmism?

Since its creation in 2009, Bitcoin has symbolized innovation and resilience. However, from time to time, alarmist narratives arise about emerging technologies that could "break" its security. Among these, quantum computing stands out as one of the most recurrent. But does quantum computing truly threaten Bitcoin? And more importantly, what is the community doing to ensure the protocol remains invulnerable?

The answer, contrary to sensationalist headlines, is reassuring: Bitcoin is secure, and the community is already preparing for a future where quantum computing becomes a practical reality. Let’s dive into this topic to understand why the concerns are exaggerated and how the development of BIP-360 demonstrates that Bitcoin is one step ahead.

What Is Quantum Computing, and Why Is Bitcoin Not Threatened?

Quantum computing leverages principles of quantum mechanics to perform calculations that, in theory, could exponentially surpass classical computers—and it has nothing to do with what so-called “quantum coaches” teach to scam the uninformed. One of the concerns is that this technology could compromise two key aspects of Bitcoin’s security:

  1. Wallets: These use elliptic curve algorithms (ECDSA) to protect private keys. A sufficiently powerful quantum computer could deduce a private key from its public key.
  2. Mining: This is based on the SHA-256 algorithm, which secures the consensus process. A quantum attack could, in theory, compromise the proof-of-work mechanism.

Understanding Quantum Computing’s Attack Priorities

While quantum computing is often presented as a threat to Bitcoin, not all parts of the network are equally vulnerable. Theoretical attacks would be prioritized based on two main factors: ease of execution and potential reward. This creates two categories of attacks:

1. Attacks on Wallets

Bitcoin wallets, secured by elliptic curve algorithms, would be the initial targets due to the relative vulnerability of their public keys, especially those already exposed on the blockchain. Two attack scenarios stand out:

  • Short-term attacks: These occur during the interval between sending a transaction and its inclusion in a block (approximately 10 minutes). A quantum computer could intercept the exposed public key and derive the corresponding private key to redirect funds by creating a transaction with higher fees.

  • Long-term attacks: These focus on old wallets whose public keys are permanently exposed. Wallets associated with Satoshi Nakamoto, for example, are especially vulnerable because they were created before the practice of using hashes to mask public keys.

We can infer a priority order for how such attacks might occur based on urgency and importance.

Bitcoin Quantum Attack: Prioritization Matrix (Urgency vs. Importance)

2. Attacks on Mining

Targeting the SHA-256 algorithm, which secures the mining process, would be the next objective. However, this is far more complex and requires a level of quantum computational power that is currently non-existent and far from realization. A successful attack would allow for the recalculation of all possible hashes to dominate the consensus process and potentially "mine" it instantly.

Satoshi Nakamoto in 2010 on Quantum Computing and Bitcoin Attacks

Recently, Narcelio asked me about a statement I made on Tubacast:

https://x.com/eddieoz/status/1868371296683511969

If an attack became a reality before Bitcoin was prepared, it would be necessary to define the last block prior to the attack and proceed from there using a new hashing algorithm. The solution would resemble the response to the infamous 2013 bug. It’s a fact that this would cause market panic, and Bitcoin's price would drop significantly, creating a potential opportunity for the well-informed.

Preferably, if developers could anticipate the threat and had time to work on a solution and build consensus before an attack, they would simply decide on a future block for the fork, which would then adopt the new algorithm. It might even rehash previous blocks (reaching consensus on them) to avoid potential reorganization through the re-mining of blocks using the old hash. (I often use the term "shielding" old transactions).

How Can Users Protect Themselves?

While quantum computing is still far from being a practical threat, some simple measures can already protect users against hypothetical scenarios:

  • Avoid using exposed public keys: Ensure funds sent to old wallets are transferred to new ones that use public key hashes. This reduces the risk of long-term attacks.
  • Use modern wallets: Opt for wallets compatible with SegWit or Taproot, which implement better security practices.
  • Monitor security updates: Stay informed about updates from the Bitcoin community, such as the implementation of BIP-360, which will introduce quantum-resistant addresses.
  • Do not reuse addresses: Every transaction should be associated with a new address to minimize the risk of repeated exposure of the same public key.
  • Adopt secure backup practices: Create offline backups of private keys and seeds in secure locations, protected from unauthorized access.

BIP-360 and Bitcoin’s Preparation for the Future

Even though quantum computing is still beyond practical reach, the Bitcoin community is not standing still. A concrete example is BIP-360, a proposal that establishes the technical framework to make wallets resistant to quantum attacks.

BIP-360 addresses three main pillars:

  1. Introduction of quantum-resistant addresses: A new address format starting with "BC1R" will be used. These addresses will be compatible with post-quantum algorithms, ensuring that stored funds are protected from future attacks.
  2. Compatibility with the current ecosystem: The proposal allows users to transfer funds from old addresses to new ones without requiring drastic changes to the network infrastructure.
  3. Flexibility for future updates: BIP-360 does not limit the choice of specific algorithms. Instead, it serves as a foundation for implementing new post-quantum algorithms as technology evolves.

This proposal demonstrates how Bitcoin can adapt to emerging threats without compromising its decentralized structure.

Post-Quantum Algorithms: The Future of Bitcoin Cryptography

The community is exploring various algorithms to protect Bitcoin from quantum attacks. Among the most discussed are:

  • Falcon: A solution combining smaller public keys with compact digital signatures. Although it has been tested in limited scenarios, it still faces scalability and performance challenges.
  • Sphincs: Hash-based, this algorithm is renowned for its resilience, but its signatures can be extremely large, making it less efficient for networks like Bitcoin’s blockchain.
  • Lamport: Created in 1977, it’s considered one of the earliest post-quantum security solutions. Despite its reliability, its gigantic public keys (16,000 bytes) make it impractical and costly for Bitcoin.

Two technologies show great promise and are well-regarded by the community:

  1. Lattice-Based Cryptography: Considered one of the most promising, it uses complex mathematical structures to create systems nearly immune to quantum computing. Its implementation is still in its early stages, but the community is optimistic.
  2. Supersingular Elliptic Curve Isogeny: These are very recent digital signature algorithms and require extensive study and testing before being ready for practical market use.

The final choice of algorithm will depend on factors such as efficiency, cost, and integration capability with the current system. Additionally, it is preferable that these algorithms are standardized before implementation, a process that may take up to 10 years.

Why Quantum Computing Is Far from Being a Threat

The alarmist narrative about quantum computing overlooks the technical and practical challenges that still need to be overcome. Among them:

  • Insufficient number of qubits: Current quantum computers have only a few hundred qubits, whereas successful attacks would require millions.
  • High error rate: Quantum stability remains a barrier to reliable large-scale operations.
  • High costs: Building and operating large-scale quantum computers requires massive investments, limiting their use to scientific or specific applications.

Moreover, even if quantum computers make significant advancements, Bitcoin is already adapting to ensure its infrastructure is prepared to respond.

Conclusion: Bitcoin’s Secure Future

Despite advancements in quantum computing, the reality is that Bitcoin is far from being threatened. Its security is ensured not only by its robust architecture but also by the community’s constant efforts to anticipate and mitigate challenges.

The implementation of BIP-360 and the pursuit of post-quantum algorithms demonstrate that Bitcoin is not only resilient but also proactive. By adopting practical measures, such as using modern wallets and migrating to quantum-resistant addresses, users can further protect themselves against potential threats.

Bitcoin’s future is not at risk—it is being carefully shaped to withstand any emerging technology, including quantum computing.