Bitcoin could be in danger as quantum computing advances

Is Bitcoin in danger? Recent achievements in quantum computing suggest that the grandaddy of cryptocurrencies may not survive the current decade.

IBM, Google, and other companies are racing to create the fastest quantum computer, a device that could completely change today's cryptography. Secure communications, banking, and cryptocurrencies rely on robust encryption for their safety and security.

One crude way to measure the power of a quantum system is the number of qubits or quantum-mechanical elements entangled in superposition. Each additional qubit exponentially increases the potential processing power of the quantum system.

Google recently announced its quantum computer with 70 operational qubits. In a matter of minutes, this system can accomplish a task that would take traditional supercomputers tens of years to complete.

IBM plans to offer 433-qubit quantum systems in the near future and to unveil the world’s first universal quantum computer, with more than 1,000 qubits, this year. Also, the company expects to produce a quantum computer with more than 4,000 qubits by 2025.

Quantum computers will undoubtedly benefit society in many ways. But these rapid developments should be worrying for crypto bros.

Already, two algorithms exist which could be utilized against Bitcoin. The main question ­­is – how long will it take quantum computers to achieve the computing power for that?

The answers vary wildly, from a few hundred to billions of qubits. Qubits are not created equally, as the quantum states necessary for computation are fragile and susceptible to interference. That makes scaling quantum computers a substantial technical challenge.

However, many agree that even a few thousand would be enough to play some tricks on Bitcoin holders, and this will be achievable within the current decade.

IBM quantum computer CeBIT 2018 Germany
IBM quantum computer at CeBIT 2018

Is the blockchain at risk?

The most significant threat to Bitcoin would be the compromise of cryptographic hashes, affecting blockchain integrity and mining.

Let’s say a vastly superior quantum computer suddenly appears as a fellow miner, produces 2,016 empty blocks in 1 minute, and then disappears just as suddenly.

That would increase Bitcoin mining difficulty by 20,160 times. All the traditional miners in the world would then have to work for 140 days instead of 10 minutes to find the hash value of a single block. Not a single Bitcoin transaction could go through in the blockchain during this time.

Thereafter it would need 140 more days for a second block, 140 more days for the third, and so on. If everything remained this way, it would take 773 hundred years to solve all 2016 blocks and readjust the mining difficulty to normal levels.

The holy grail of Bitcoin mining is finding a hash value with an adequate number of zeroes. Miners do just that. They repeat the hash function billions of times to get different 256-bit numbers and then check if the number is low enough. If it is, they’re rewarded with newly generated bitcoins for creating a new block. If not, they repeat the process over and over.

The network adjusts the difficulty to generate a single block every 10 minutes. If the network's computation power increases, the hash value that the miners need to find becomes smaller. Bitcoin's mining difficulty is updated every 2,016 blocks.

Quantum computers may utilize Grover's algorithm for such an attack, but they’ll still need to perform a large number of operations. This quantum algorithm offers a quadratic improvement in speed compared to the classical counterparts. Yet, if an exact hash value is required, quantum computers would still need to run 2^128 operations in the worst case, while traditional computers would take much longer with 2^256 operations.

While Grover’s algorithm poses a risk to cryptographic hashing, it’s not alone. Shor’s algorithm can crack the encryption used to protect individual wallets. It is used to efficiently factor large numbers, a task too complex for traditional computers.

Crypto miner showing bitcoin
Crypto miner showing bitcoin

How many qubits are needed?

To attack SHA-2 functions with 256-bit states, using Grover’s algorithm, 2593 qubits would be required, according to Richard Preston’s paper.

But that does not tell the whole story. Those qubits should achieve frequencies as fast as their computer counterparts. And even then, more quantum computers should work in parallel to compete with the millions of traditional ASICs.

Moreover, the qubits are subjected to environmental noise that degrades or destroys their state over time. Any errors introduced by noise must be fixed using quantum error correction, which requires more qubits. For example, eight physical qubits could compose only a single “logical” qubit to bring error rates to an acceptable level.

And there is also a need for more memory and more qubits specifically for Bitcoin because mining includes more data in the SHA functions.

According to calculations, an honest quantum Bitcoin miner would need around 10,000 qubits quantum computer without considering quantum noise. That should be enough to fit the transaction data into a block and calculate hash values.

Is Shor’s alternative more promising? While the scenario of waking up and finding your wallet empty is terrifying, trying to guess a private address is also a tremendous task, even for a quantum computer.

Shor’s algorithm can factor large prime numbers and solve the problems that protect your keys.

If the public key is known, “an attacker with a quantum computer of about 1500 qubits can solve it,” researchers at the Centre for Cryptocurrency Research and Engineering of Imperial College London write.

Then the attacker would be indistinguishable from the original owner, as he could sign transactions.

If a Quantum computer is fast enough, an attacker could use it to perform live transaction hijacking. Once a public key is revealed in a pending transaction, a malicious actor could steal the bitcoins before the transaction is finalized. Even that may not be needed, as many public addresses are, well, public.

A fork may be needed to make Bitcoin more resistant to quantum attacks. I.e., 20 million qubits at worst would be required to break a 2048-bit RSA encryption, commonly used nowadays for protection, such as credit card data.

Estimates range from hundreds to billions

Cybernews asked 18 IT experts on the Helpareporter platform how many qubits a quantum computer would need to crack Bitcoin.

Jim Sanders, CEO at, sees quantum computing as a double-edged sword. On the one hand, it can potentially solve problems in seconds that our current supercomputers could take thousands of years to solve. Still, on the flip side, it can potentially break most of our current encryption security systems.

“It's like ordering a super-sized fast food meal – it might seem fantastic at the moment, but the aftermath could be slightly less appealing!” he said.

According to him, “the magic number” of qubits is 2,048.

“Don't go throwing out your Bitcoin wallets just yet! Stable qubits are a tall order. At the moment, the largest quantum computers only have a few dozen qubits, and they're not exactly what you'd call stable”, he continued.

Khaled Bentoumi, Co-Founder of AnyIP and software engineer, estimates that to crack Bitcoin in a 24-hour timeframe, a quantum computer with 13 million qubits would be needed, rising to 1.9 billion qubits to do so within Bitcoin's 10-minute confirmation window.

Nikita Sherbina, the co-founder and CEO of, estimates that “the number of qubits required to crack such encryption is estimated to be in the billions,” and humanity is far from producing a quantum computer capable of attacking Bitcoin keys.

Dmitrii Ivashchenko, an expert in software engineering and game development, reckons that the security of Bitcoin and other similar cryptocurrencies may be jeopardized “with thousands of logical qubits.” Cybersecurity experts are already developing quantum-resistant encryption algorithms.

“Quantum computing represents a double-edged sword for encryption security. While it poses a threat to traditional encryption algorithms, ongoing research and development in post-quantum cryptography aim to mitigate these risks,” he says.

Harman Singh, a director at cybersecurity services company Cyphere, shared that “it is estimated that a quantum computer would need around 3000-4000 qubits, based on the complexity of the algorithms used” to break Bitcoin's security.

While Google's current quantum computer has 70 qubits, it is still far from achieving the required number for breaking Bitcoin's cryptography. And some experts believe that it still could take decades to get there.

“Most estimates of the number of qubits to make Shor's algorithm effective for this task is approximately one million qubits. And the qubit counts for Google's and everyone else's current quantum computers are noisy intermediate-scale qubits,” JohnRandall, the CEO of molecular nanotechnology company Zyvex Labs, said.

He believes that our digital encryptions are reasonably safe until we have at least 5 million qubits and possibly up to 1 billion qubits.

Anthony Buzzetta, the founder of tech company G Tier, estimates approximately 2300 qubits and expects that level to be reached around 2030 or sooner.

“People should not worry too much – instead, we should adopt newer methods of quantum-resistant encryption so our data remains safe even in the face of more powerful machines,” he said.

According to Martijn van Nieuwenhoven, a software engineer and publisher of, the number of required qubits could range from a few thousand to millions, based on the complexity of the encryption and the specifics of the quantum algorithm used.“Our current progress is impressive. While we are still decades away from a quantum computer capable of breaking today's encryption, we are moving quickly”, Nieuwenhoven said.

There were some estimates below 100 qubits, but if those were right, Bitcoin would already be in trouble.

“Generally speaking, it is believed that a quantum computer with 50-100 qubits would be powerful enough to break most encryption,” said David Smith, Co-Founder at


Disco D
prefix 4 months ago
What happens when it guesses a seed and is incorrect? Something pops up and says try again. Some lock up after a certain amount of guesses. The point is even if it can guess 100billion guesses a second the software/wallet it’s guessing on can’t keep up with the speed. So a Quantum computer is only as fast as the software is guessing on. It’s total fud and impossible to brute a seed phrase.
Leave a Reply

Your email address will not be published. Required fields are markedmarked