+2.15%
+2.28%
-0.69%
+0.28%
-0.08%
+0.04%
The core of blockchain security, including Bitcoin’s, relies on Elliptic Curve Cryptography (ECC), which protects the relationship between a user’s public and private keys. Guillemet explained that once quantum computers become sufficiently powerful, they could theoretically break ECC. This would allow an attacker to derive a private key from a publicly exposed key, granting them control over the associated funds.
While many modern Bitcoin transactions only reveal a hash of the public key initially, the full public key is exposed on-chain when the funds are spent. Guillemet noted that significant vulnerabilities exist from past practices, stating that public keys are already exposed in early transaction outputs and through address reuse, making them permanent targets for a future quantum attack.
The scale of this potential vulnerability is substantial. According to security experts, the threat extends to a significant portion of Bitcoin’s supply. The primary assets at risk include:
- Approximately seven million BTC, out of a circulating supply of nearly 20 million.
- Coins from Bitcoin’s earliest days that used “pay-to-public-key” (P2PK) transactions, which embedded public keys directly on the blockchain.
- An estimated one million BTC attributed to Bitcoin’s creator, Satoshi Nakamoto.
The CTO of Ledger emphasized that a wait and see
approach is not a viable option, as preparations must begin long before quantum capabilities become a reality.
The industry is actively researching solutions through post-quantum cryptography (PQC), which involves developing new, quantum-resistant signature schemes. Guillemet highlighted two main families: hash-based signatures, which are well-studied but large, and lattice-based signatures, which are more modern and scalable but have undergone less long-term analysis. Ledger is reportedly conducting experiments to implement PQC within its hardware wallets’ Secure Elements, though it faces challenges with RAM and computational costs.
The crypto industry is beginning to formalize its response to the quantum threat. Ethereum co-founder Vitalik Buterin recently outlined a potential roadmap to harden the Ethereum network against such attacks. For Bitcoin, any transition would likely require a network-wide consensus for a major protocol upgrade. Guillemet stressed that securely implementing PQC math into hardware signers under real-world constraints is a critical and complex next step for the entire industry.
While the threat is not immediate, users can adopt best practices for long-term security. This includes avoiding address reuse to minimize public key exposure and staying informed about network-level discussions regarding post-quantum cryptographic upgrades. Understanding the difference between older P2PK addresses and modern Pay to Public Key Hash (P2PKH) or SegWit addresses can also provide context for the evolving security landscape.
Follow Hashlytics on Bluesky, LinkedIn , Telegram and X to Get Instant Updates
