The crypto industry is becoming increasingly aware that quantum computing could eventually challenge the cryptographic systems that secure Bitcoin and other prominent networks. However, the threat is likely years or decades away, according to a new report by Ark Invest—the investment management firm of tech investor Cathie Wood—and Bitcoin-focused financial services firm Unchained. The report, published on Wednesday, examines whether advances in quantum computing could enable Shor's algorithm to break the elliptic curve cryptography used to secure Bitcoin wallets. The authors say current quantum machines remain far below the capability required to compromise Bitcoin's security, echoing comments from quantum computing experts. "Today's quantum systems lack the capabilities required to compromise Bitcoin. Meaningful breakthroughs would disrupt internet security first, triggering coordinated responses well beyond Bitcoin," the researchers wrote. "In our view, quantum development will be a gradual technological progression—not a sudden 'Q-day' event—giving markets and the Bitcoin network time to adapt."
The report comes as the conversation around quantum computing and cryptocurrency has steadily increased over the last year, with prominent figures including Coinbase CEO Brian Armstrong, Ethereum co-founder Vitalik Buterin, and Cardano founder Charles Hoskinson addressing the risk. "Commentators often parse two distinct eras in the development of quantum computing in relation to Bitcoin, one era in which quantum computing cannot affect Bitcoin and another in which it has broken Bitcoin's underlying cryptography completely," the report said. Bitcoin's security relies on hash functions that protect mining and block structure, and on elliptic curve cryptography that proves wallet ownership. However, future quantum computers could potentially reverse public keys to recover private keys, raising concerns about "harvest now, decrypt later" attacks, in which blockchain data is collected today so it can be exploited once quantum computers become powerful enough.
The report, however, says today's quantum computers operate in the "Noisy Intermediate-Scale Quantum" era, typically using around 100 logical qubits. Breaking a Bitcoin key with a quantum computer would require thousands of high-quality, error-corrected qubits and an enormous number of reliable quantum operations—far beyond what today's quantum machines can do. Because of those limits, the report says any quantum threat to Bitcoin would likely emerge in stages rather than all at once. "In our view, within 10-20 years, the [practical quantum computing] research community will make enough progress on algorithms to give the Bitcoin developer community time to adapt and optimize them for the Bitcoin blockchain, virtual machine, and ecosystem of tools, devices, and companies," the researchers wrote. Researchers estimate that quantum computers would first become useful in fields such as chemistry before advancing enough to break weaker cryptographic systems. Later, they would become capable of attacking the elliptic curve cryptography used in Bitcoin wallets, initially taking significant time to break individual keys. In its final stage, quantum computers would be able to break keys faster than Bitcoin's roughly 10-minute block interval. Even if the threat is gradual instead of instant, the report notes a substantial share of Bitcoin's supply could face exposure if quantum computers eventually break elliptic curve cryptography. "About 1.7 million Bitcoin are held in vulnerable P2PK addresses that are believed to be lost, while another roughly 5.2 million BTC sit in reused or Taproot addresses that could be migrated—together accounting for about 35% of the total Bitcoin supply," the researchers wrote. The report says Bitcoin developers may eventually need to adopt post-quantum cryptography, a class of cryptographic systems designed to remain secure against quantum computers.
In February, developers merged BIP 360 into Bitcoin's GitHub improvement repository, advancing a potential post-quantum framework for the network. BIP 360 introduces a new output type called Pay-to-Merkle-Root, or P2MR, that would disable a technical feature called key-path spending, which exposes public keys when coins are spent.
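The exposure figures quoted above (P2PK, reused addresses, Taproot) and the key-path point behind BIP 360 come down to one question per output: is the public key already visible in the scriptPubKey, or is it hidden behind a hash until the coins are spent? The following is an added example, not code from the Ark Invest/Unchained report, BIP 360, or Decrypt. It recognises the standard Bitcoin output templates and groups a UTXO snapshot by that exposure class; the sample scripts, placeholder key bytes, the set of hashes "revealed by an earlier spend" (to model address reuse), and the label names are all constructed for the illustration.

```python
"""Classify Bitcoin outputs by when their public key becomes visible on-chain.

Added example (not code from the Ark Invest/Unchained report, BIP 360, or
Decrypt). It uses the standard scriptPubKey templates to decide whether an
output's public key is already on-chain (P2PK, Taproot key-path outputs) or
is hidden behind a hash until the coins are spent (P2PKH, P2WPKH, P2SH,
P2WSH). Address reuse is modelled by a set of hashes whose preimage was
revealed by an earlier spend; that set and all sample scripts are constructed.
"""
from collections import defaultdict
from typing import Dict, Iterable, Optional, Set, Tuple

OP_0, OP_1, OP_DUP, OP_HASH160 = 0x00, 0x51, 0x76, 0xA9
OP_EQUAL, OP_EQUALVERIFY, OP_CHECKSIG = 0x87, 0x88, 0xAC


def classify(script: bytes) -> Tuple[str, Optional[bytes]]:
    """Return (output_type, key_material).

    key_material is the raw public key (P2PK), the x-only output key (P2TR)
    or the 20/32-byte hash the script commits to; None for other scripts.
    """
    n = len(script)
    # <33|65-byte pubkey> OP_CHECKSIG : the pubkey sits in the output itself
    if n in (35, 67) and script[0] == n - 2 and script[-1] == OP_CHECKSIG:
        return "p2pk", script[1:-1]
    # OP_DUP OP_HASH160 <20> OP_EQUALVERIFY OP_CHECKSIG
    if (n == 25 and script[:3] == bytes([OP_DUP, OP_HASH160, 0x14])
            and script[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG])):
        return "p2pkh", script[3:23]
    # OP_HASH160 <20> OP_EQUAL
    if n == 23 and script[:2] == bytes([OP_HASH160, 0x14]) and script[-1] == OP_EQUAL:
        return "p2sh", script[2:22]
    # OP_0 <20> (P2WPKH) / OP_0 <32> (P2WSH)
    if n == 22 and script[:2] == bytes([OP_0, 0x14]):
        return "p2wpkh", script[2:]
    if n == 34 and script[:2] == bytes([OP_0, 0x20]):
        return "p2wsh", script[2:]
    # OP_1 <32> : Taproot; the tweaked output key is public from creation,
    # so a key-path spend needs nothing that is not already on-chain
    if n == 34 and script[:2] == bytes([OP_1, 0x20]):
        return "p2tr", script[2:]
    return "unknown", None


EXPOSED_AT_CREATION = {"p2pk", "p2tr"}
HASH_COMMITTED = {"p2pkh", "p2wpkh", "p2sh", "p2wsh"}


def exposure(script: bytes, revealed: Set[bytes]) -> str:
    """Label one output: 'exposed', 'exposed-by-reuse', 'hidden-until-spend' or 'unknown'."""
    kind, material = classify(script)
    if kind in EXPOSED_AT_CREATION:
        return "exposed"
    if kind in HASH_COMMITTED:
        # A prior spend from the same address already put the preimage on-chain.
        return "exposed-by-reuse" if material in revealed else "hidden-until-spend"
    return "unknown"


def summarize(utxos: Iterable[Tuple[bytes, int]], revealed: Set[bytes]) -> Dict[str, int]:
    """Sum satoshis per exposure class over a UTXO snapshot."""
    totals: Dict[str, int] = defaultdict(int)
    for script, sats in utxos:
        totals[exposure(script, revealed)] += sats
    return dict(totals)


# Constructed sample outputs (key bytes are placeholders, not real keys).
SAMPLE_P2PK = b"\x21" + b"\x02" + b"\x11" * 32 + b"\xac"
SAMPLE_P2PKH = b"\x76\xa9\x14" + b"\xaa" * 20 + b"\x88\xac"
SAMPLE_P2WPKH = b"\x00\x14" + b"\xbb" * 20
SAMPLE_P2TR = b"\x51\x20" + b"\xcc" * 32
SAMPLE_OPRETURN = b"\x6a\x04test"

# Constructed: the P2PKH hash was revealed by an earlier spend (address reuse).
SAMPLE_REVEALED = {b"\xaa" * 20}

SAMPLE_UTXOS = [
    (SAMPLE_P2PK, 5_000_000_000),
    (SAMPLE_P2PKH, 100),
    (SAMPLE_P2WPKH, 200),
    (SAMPLE_P2TR, 300),
    (SAMPLE_OPRETURN, 0),
]

if __name__ == "__main__":
    for label, sats in sorted(summarize(SAMPLE_UTXOS, SAMPLE_REVEALED).items()):
        print(f"{label:20s} {sats:>12d} sat")
```

Run against a real UTXO set, the "exposed" and "exposed-by-reuse" buckets are the coins that a future discrete-log-breaking machine could target without waiting for a spend, which is the population the report's 1.7 million and 5.2 million figures describe; the "hidden-until-spend" bucket is what hash-committed outputs buy you, and what P2MR aims to give Taproot-style outputs by removing the key path.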
Integrating those protections into the Bitcoin network would require changes to its consensus rules, however, a process that depends on agreement across the decentralized community of developers, miners, and users. "Bitcoin isn't just one piece of software. There's an entire ecosystem of wallets, hardware devices, and exchanges, and migrating all of that will take time," BIP 360 co-author and cryptographer Ethan Heilman told Decrypt. "There are still open questions about which algorithms to use and what the right approach is, so discussions about post-quantum upgrades could take five to 10 years." Bitcoin's design makes major changes difficult, a feature the report says protects the network but can slow the process of adopting and enacting upgrades. "From that perspective, Bitcoin's caution represents a tradeoff between adaptability and assurance, which will continue to shape its long-term evolution," the report said. That dynamic, Heilman said, could also shape how developers prioritize upgrades: "If the threat isn't urgent, things move slowly. Once it becomes real, development tends to accelerate." Ark Invest and Unchained did not immediately respond to requests for comment by Decrypt.