
Quantum Could Break Bitcoin Sooner Than We Thought | Alex Pruden
AI Summary
Recent research papers have significantly reduced the estimated resources needed for quantum computers to break blockchain cryptography, particularly Bitcoin and Ethereum, by running Shor's algorithm. One paper from Google suggests the computational requirements have dropped from billions to around 7 million operations, while another from Caltech and Oratomic proposes a reduction to 10,000 physical qubits, achievable with current quantum computer architectures. These theoretical advances imply that the timeline for quantum computers posing a real threat to blockchains has been considerably shortened, moving the threat from a distant future to a more immediate concern.
At its core, the vulnerability lies in Shor's algorithm, which can efficiently break the public-key cryptography, specifically Elliptic Curve Digital Signature Algorithm (ECDSA), that underpins most blockchain security. ECDSA is used to verify ownership and authorize transactions by linking a public key to a private key. Shor's algorithm allows a quantum computer to derive a private key from a public key, effectively enabling an attacker to forge signatures and steal assets. This poses an existential threat to blockchains, as it undermines the fundamental concept of digital ownership.
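To make the relationship concrete, the following added example (not code from the original page or from Project 11) works on a toy curve with the same shape as secp256k1, y^2 = x^3 + 7, but over the 17-element field instead of a 256-bit one. The public key is the scalar multiple Q = d*G, and recovering d from Q is the elliptic-curve discrete logarithm problem; the brute-force loop below is what Shor's algorithm replaces with a polynomial-time quantum computation. The curve parameters and the generator G = (15, 13) are chosen for this illustration only.

```python
"""Toy ECDLP: why a public key is a one-way function of the private key classically."""

P, A, B = 17, 0, 7          # y^2 = x^3 + 0*x + 7 over F_17 (toy stand-in for secp256k1)
G = (15, 13)                # generator of the curve group; assumption for this example
INF = None                  # point at infinity (group identity)


def inv(x: int) -> int:
    """Modular inverse in F_P."""
    return pow(x, -1, P)


def add(p, q):
    """Affine point addition with the usual special cases."""
    if p is INF:
        return q
    if q is INF:
        return p
    x1, y1 = p
    x2, y2 = q
    if x1 == x2 and (y1 + y2) % P == 0:   # p == -q
        return INF
    if p == q:
        lam = (3 * x1 * x1 + A) * inv(2 * y1) % P
    else:
        lam = (y2 - y1) * inv((x2 - x1) % P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def mul(k: int, p):
    """Double-and-add scalar multiplication: public key = mul(private key, G)."""
    r = INF
    while k:
        if k & 1:
            r = add(r, p)
        p = add(p, p)
        k >>= 1
    return r


def order(p) -> int:
    """Smallest n with n*p = INF; on a 256-bit curve this is astronomically large."""
    n, q = 1, p
    while q is not INF:
        q = add(q, p)
        n += 1
    return n


def recover_private_key(pub):
    """Brute-force discrete log: feasible only because the toy group has 18 elements.
    Shor's algorithm finds the same d on secp256k1 in polynomial time."""
    q = G
    for d in range(1, order(G) + 1):
        if q == pub:
            return d
        q = add(q, G)
    return None


if __name__ == "__main__":
    d = 7                                  # constructed private key
    Q = mul(d, G)
    print("public key", Q, "-> recovered private key", recover_private_key(Q))
```

On the toy curve the loop runs at most 18 steps; on the real curve the same search would take on the order of 2^128 steps, which is exactly the barrier Shor's algorithm removes.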
The risk is not uniform across all blockchains or even all transactions. Bitcoin and Ethereum, for instance, use ECDSA with the same underlying curve. However, the way addresses are derived and used creates different risk profiles. Bitcoin addresses are typically hashed public keys; the key itself is revealed when a transaction spending from that address is broadcast, so even though wallets often generate a fresh address for change, any address that is spent from (and then reused) has its public key exposed. Ethereum, with its account-based system and frequent interactions with smart contracts, often leads to public key exposure through address reuse.
A critical development highlighted by the Google paper is the potential for "real-time attacks." Previously, it was assumed that dormant wallets with exposed public keys would be the primary targets, because quantum computers were expected to be too slow to act within a single block time. However, the new research suggests that quantum computers might become fast enough to intercept transactions in the mempool, execute Shor's algorithm within a single block time, and then rebroadcast the transaction to themselves, effectively stealing the funds before the original transaction is confirmed. This makes even active blockchains vulnerable to immediate theft. Faster blockchains, in theory, might have a smaller window for such attacks, but the practicalities of address reuse and transaction broadcasting can negate this advantage. For example, while Solana's addresses are public keys themselves (not hashed), making them directly vulnerable, Ethereum's 12-second block time is still too slow for real-time attacks if addresses are not reused. However, the reality of Ethereum usage, where addresses are often reused, exposes public keys and renders it susceptible.
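The different exposure profiles described in the two preceding paragraphs can be made mechanical. The added example below (not code from the original page or from Project 11) replays a constructed ledger and reports which funded addresses already have their public key on-chain, which is the set a quantum adversary could attack without waiting for a spend. Address derivation is a simplified stand-in (a SHA-256 prefix instead of Bitcoin's HASH160 or Ethereum's Keccak-256), and all keys, labels and amounts are constructed; the exposure rules, not the encodings, are the point.

```python
"""Which funded addresses have their public key visible on-chain? (toy ledger walker)"""
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class Output:
    address: str
    amount: int
    raw_pubkey: Optional[bytes] = None  # set when the output script embeds the key (legacy P2PK)


@dataclass
class Tx:
    chain: str
    inputs: List[Tuple[bytes, int]]  # (spender public key, amount): spending reveals the key
    outputs: List[Output]


def address_for(chain: str, pubkey: bytes) -> str:
    """Simplified derivation: Bitcoin and Ethereum addresses commit to a hash of the
    key, Solana account addresses are the raw public key."""
    if chain == "solana":
        return pubkey.hex()
    return hashlib.sha256(pubkey).hexdigest()[:40]


def exposed_balances(ledger: List[Tx]) -> Dict[str, int]:
    """Replay the ledger; return funded addresses whose public key is on-chain."""
    balances: Dict[str, int] = {}
    known: Dict[str, bytes] = {}  # address -> public key learned from the chain
    for tx in ledger:
        for pubkey, amount in tx.inputs:
            addr = address_for(tx.chain, pubkey)
            known[addr] = pubkey  # the signed input carries the key
            balances[addr] = balances.get(addr, 0) - amount
        for out in tx.outputs:
            balances[out.address] = balances.get(out.address, 0) + out.amount
            if tx.chain == "solana":
                known[out.address] = bytes.fromhex(out.address)  # address is the key
            elif out.raw_pubkey is not None:
                known[out.address] = out.raw_pubkey
    return {a: b for a, b in balances.items() if b > 0 and a in known}


def build_constructed_ledger():
    """Constructed sample keys and transactions (not real chain data)."""
    alice = b"\x02" + b"\x11" * 32      # compressed-key stand-in
    bob = b"\x02" + b"\x22" * 32
    bob_fresh = b"\x02" + b"\x23" * 32  # fresh change key, never spent from
    carol = b"\x02" + b"\x33" * 32
    dave = b"\x04" + b"\x44" * 64       # uncompressed-key stand-in (Ethereum)
    frank = b"\x04" + b"\x55" * 64
    eve = b"\x66" * 32                  # 32-byte key stand-in (Solana)
    grace = b"\x02" + b"\x77" * 32
    n = {
        "alice_reused_p2pkh": address_for("bitcoin", alice),
        "bob_spent_out": address_for("bitcoin", bob),
        "bob_fresh_change": address_for("bitcoin", bob_fresh),
        "carol_unspent_p2pkh": address_for("bitcoin", carol),
        "dave_eth_account": address_for("ethereum", dave),
        "frank_eth_account": address_for("ethereum", frank),
        "eve_solana": address_for("solana", eve),
        "grace_p2pk": address_for("bitcoin", grace),
    }
    ledger = [
        Tx("bitcoin", [], [Output(n["alice_reused_p2pkh"], 500)]),
        # Alice spends and sends change back to the same address: key public, 400 still held
        Tx("bitcoin", [(alice, 500)], [Output(n["bob_spent_out"], 100), Output(n["alice_reused_p2pkh"], 400)]),
        # Bob spends to a fresh change address: his old key is revealed but now holds nothing
        Tx("bitcoin", [(bob, 100)], [Output(n["carol_unspent_p2pkh"], 30), Output(n["bob_fresh_change"], 70)]),
        # Ethereum account model: one outgoing tx reveals the key of an address that keeps its balance
        Tx("ethereum", [], [Output(n["dave_eth_account"], 1000)]),
        Tx("ethereum", [(dave, 100)], [Output(n["frank_eth_account"], 100)]),
        # Solana: the address is the key, so merely receiving funds exposes it
        Tx("solana", [], [Output(n["eve_solana"], 300)]),
        # Legacy P2PK output embeds the key in the script itself
        Tx("bitcoin", [], [Output(n["grace_p2pk"], 50, raw_pubkey=grace)]),
    ]
    return ledger, n


def exposure_report() -> Dict[str, int]:
    """Map the constructed labels to the exposed balance the walker finds."""
    ledger, names = build_constructed_ledger()
    exposed = exposed_balances(ledger)
    return {label: exposed[addr] for label, addr in names.items() if addr in exposed}


if __name__ == "__main__":
    for label, amount in exposure_report().items():
        print(f"{label}: {amount} units at risk")
```

The walker flags Alice (change sent back to a spent-from address), Dave (account model), Eve (raw-key address) and Grace (legacy P2PK), while Bob's fresh change address, Carol and Frank stay unflagged because their keys have never appeared on-chain; a real-time attack as described above would add the keys of any transaction sitting in the mempool to the `known` set.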
The good news is that the cryptographic community has been aware of the quantum threat since Shor's algorithm was invented in the 1990s, and efforts to develop post-quantum cryptography (PQC) have been ongoing. The U.S. National Institute of Standards and Technology (NIST) has already standardized several PQC algorithms. These new algorithms can be implemented to replace ECDSA, offering security against quantum computers. However, PQC algorithms come with trade-offs. They often result in larger signature sizes and slower processing times, and may lack features like multi-signature support that are common in current wallets. This necessitates a significant upgrade and migration across the entire blockchain ecosystem, including protocols, infrastructure, and user wallets.
Project 11, co-founded by Alex Pruden, is actively working on addressing this challenge. They aim to future-proof existing systems and build new cryptographic primitives for the quantum era. Project 11 has developed a post-quantum migration product for Bitcoin called "Yellow Pages" and is releasing a post-quantum vault for Ethereum that allows users to secure their assets against quantum adversaries today. While these solutions may not have feature parity with current wallets due to the limitations of PQC, they represent a crucial first step in migration. Project 11 also collaborates with protocols like Zcash to optimize PQC algorithms and offers research reports to raise awareness and provide guidance on quantum computing timelines and blockchain vulnerabilities.
The timeline for "Q-Day," the day a quantum computer capable of breaking current cryptography emerges, is uncertain. Estimates range from 2029 to beyond 2032, with some experts suggesting it's already too late to start preparing. Given the potential for catastrophic consequences, including loss of user trust, chaotic migration efforts, and direct asset theft, the consensus is that preparation must begin immediately. The Ethereum Foundation, for example, has prioritized PQC and is integrating it into its roadmap.
Privacy-preserving blockchains and Layer-2 scaling solutions using zero-knowledge proofs also face quantum risks. While privacy features can offer some defense, certain zero-knowledge proof schemes that rely on "trusted setups" are vulnerable if those setups use elliptic curve cryptography. However, newer schemes that do not require trusted setups are more resilient. For Layer-2 solutions, the sequencers and the addresses used for transactions remain vulnerable, potentially making them attractive targets for quantum attackers.
Ultimately, addressing the quantum threat requires a collective effort. Stakeholders, including developers, users, and holders, must become actively involved in demanding quantum-resistant solutions and ensuring timely migration. The transition will be challenging, involving painful trade-offs and a complete overhaul of existing infrastructure. However, by acknowledging the problem and working collaboratively, the blockchain community can navigate this existential threat and ensure the future of decentralized technologies.