Given there are still over 4 million BTC (about 25% of all Bitcoins) which are potentially vulnerable to a quantum attack1. This is tens of billions of dollars at risk for Bitcoin alone!

An attack by a quantum computer that has the capability to break ECC would be disastrous for the cryptocurrency industry. Some call this day “Q-Day” or “Y2Q” or even a “Black swan event2”.

To understand why Bitcoin is at risk today and truly understand the urgency - take a look at these parameters from the Global Risk Institute3:

  • the shelf-life time: the number of years the data should be protected for;
  • the migration time: the number of years needed to safely migrate the systems protecting that information;
  • the threat timeline: the number of years before relevant threat actors can potentially access cryptographically-relevant quantum computers.

Organizations will not be able to protect their assets from quantum attacks in time if the quantum threat timeline is shorter than the sum of the shelf-life and migration times.

Or simply put in a formula:


The shelf-life is currently unknown. Shelf-life is until Q-Day, OR when the Bitcoin community chooses to implement quantum-resistant algorithms.
The migration time would be the time for cryptocurrency wallet owners to move from old vulnerable addresses to quantum-resistant addresses. Bitcoin is already at a disadvantage here as we assume it is not possible to reach 100% adoption rate (e.g. lost addresses, inactivity..)
The threat timeline - an estimation or prediction for when a quantum computer is feasible enough to break Bitcoin. Currently there are predictions that aim at around 2035.

Experts view on the likelihood of breaking RSA-2048 in 24 hours in the next 15 years
Global Risk Institute 2022 Quantum Threat Timeline Report mentioned..
More than half (22/40) of the respondents indicated “about 50%” likely or more
likely, among whom 11 indicated a “>70%” likelihood or higher. This time frame
appears to be a tipping point, as the number of respondents estimating a likelihood
of “about 50%” or larger become the majority[^3].

Read the full report to see their other estimates and get a better understanding of the quantum threat.

This section will dive deeper on the different types of quantum attacks on the Bitcoin network. The main vulnerabilities are the ECDSA vulnerability and the Proof-of-Work vulnerability.

  1. ↩︎

  2. ↩︎

  3. ↩︎