Some industry participants have criticized Bitcoin Core developers for moving too slowly when it comes to quantum tech, but a new research report from Galaxy shows that promising defense strategies are already in active development.
The risk is not imminent, but is nonetheless existential. A sufficiently powerful "cryptographically relevant quantum computer" (CRQC) using Shor’s algorithm could theoretically derive a user's private key from their public key. This would make it possible for a bad actor to forge signatures and steal funds.
However, the Galaxy report emphasizes that the network's structure provides a natural defense for most users.
Moreover, developers are currently working on the tools that are necessary for securing the rest.
Who is at risk?
Bitcoin's public keys are typically hidden behind hashed addresses until the exact moment a user spends their coins.
According to estimates from security group Project Eleven, approximately 7 million BTC (roughly $470 billion) at recent prices, remains in those wallets where the public key is already exposed on-chain. These coins mainly belong to early adopters and address reusers.
Possible solutions
The Galaxy report has outlined a suite of technical solutions currently moving through the Bitcoin development pipeline.
These include BIP 360 (Pay-to-Merkle-Root), a soft fork proposal that introduces P2MR outputs, the hourglass proposal, which would rate-limit the spending of legacy P2PK outputs (e.g., to 1 BTC per block) to prevent a quantum-driven supply shock that could crash the market, hash-based signatures (SPHINCS+), a hash-based post-quantum signature scheme recently standardized by NIST, and the reveal emergency backstop, which would force users to publish a compact, hash-based commitment before broadcasting their actual spend.
Dan Burgin
Vladislav Sopov
