Can Quantum Computing Actually Hack Bitcoin?

Alex D

For a long time, the answer was no.

The math protecting Bitcoin is so hard to crack that even the world’s fastest computers wouldn’t get close in billions of years. Meanwhile, you might have seen headlines like “Quantum computer breaks encryption” or “Bitcoin could be hacked within a decade.”

Every few months, a new chip announcement sends a wave of fear through crypto forums, and a fresh round of questions about whether any of this is real.

The thing is… the math behind quantum hacking is mathing. But the engineering for it isn’t there. Yet.

Good news is that Bitcoin has a plan for when that changes.

In this article, we will break down how that quantum hack could actually work, and if crypto can resist it.

Key Takeaways

  • ECDSA, Bitcoin's cryptographic lock, can theoretically be broken by a quantum computer using Shor's Algorithm.
  • A 2026 Google Quantum AI paper brought that timeline closer than previously thought.
  • Addresses that have never sent a transaction are safer: the public key stays hidden behind a hash that quantum computers can't easily reverse.
  • Bitcoin has an upgrade path. BIP-360 and similar proposals are already in development.
  • The bigger near-term risk is panic, not an actual hack — fear of a quantum breakthrough could trigger a Bitcoin drop well before any coin is touched.

How the Hack Would Actually Work

Bitcoin has long been considered hack-proof — and for good reason. It protects your funds with two linked pieces of information:

  • A private key is a secret number known only to you.
  • A public key is mathematically derived from the private key, and is shared with the network when you spend funds.

OK, so… how does that protect anything?

Deriving the private key from the public key is effectively impossible for any classical computer. The math involved, called elliptic curve cryptography, would take billions of years to crack by brute force.

To put that in perspective, any Bitcoin mining rig running today (or a million of them working together) wouldn't even make a dent.

Elliptic curve cryptography has no known shortcut — at least, for classical computers. Quantum hardware is a different story. Using Shor's Algorithm, a mathematical procedure designed specifically for quantum computers, it could work backward from a public key to a private key in hours, not ages.

The most exposed addresses are the oldest ones. In Bitcoin’s early days, addresses exposed the public key directly on the blockchain; this format was called P2PK (Pay to Public Key).

Satoshi Nakamoto’s original coins sit in addresses like these. A powerful enough quantum attacker would target them first.

There's a second attack vector that gets less attention: live transactions. When you send Bitcoin, your public key is briefly visible in the network's waiting queue, called the mempool. It can be seen before the transaction is confirmed in a block, which typically happens within 10 minutes.

A 2026 paper from Google Quantum AI identifies this as an "on-spend attack": a fast enough quantum computer could crack the exposed public key and broadcast a competing transaction before the original confirms. Coins stored in old addresses are the easier long-term target, but this real-time window is the more immediate one.

And what about mining? The key-cracking threat gets most of the attention, and for good reason. But there's a separate question about mining. Quantum computers could theoretically use Grover’s Algorithm to search for valid blocks faster than any bitcoin mining rig can today. In practice, this gives roughly a quadratic speedup — significant, but far less dramatic than the key-cracking threat. Every two weeks, the Bitcoin network automatically adjusts its difficulty, the necessary mathematical target for miners. This would counteract any quantum mining advantage over time.

Why Most Bitcoin Is Safer Than You Think

The theories have a very strong footing. However, here’s the part that those fear-inducing news stories usually don’t cover.

When you receive Bitcoin, what gets shared publicly isn’t your public key, but a hash of it. Think of hashing as a one-way blender: you can put ingredients in, but you can't reconstruct them from the smoothie. The math behind it is designed to be irreversible. This is fundamentally different from encryption, where the process can be run in both directions.

Shor’s Algorithm breaks the relationship between private and public keys, but it cannot reverse a hash. So, as long as an address has never been used to send a transaction, the public key has never been revealed on-chain. This way, a quantum attacker has no starting point, and there’s nothing to work backward from.

The risk is real only for addresses where the public key is already visible. That includes P2PK addresses (the old Satoshi-era format) and any address that has already sent at least one transaction, because sending reveals the public key on the blockchain.

The practical takeaway is to use a fresh address for every transaction you receive, which most modern wallets do automatically. This keeps you meaningfully protected even in a world with more capable quantum computers.
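The exposure rule described above can be checked mechanically. The following is an added example, not code from the original article: it classifies output scripts as P2PK (key in the output), or as hash-based P2PKH/P2WPKH outputs whose key is hidden unless the same key hash has already been spent from. The function names, status labels and sample scripts are constructed for illustration, and the set of already-spent key hashes is assumed to come from your own chain index.

```python
"""Which unspent outputs already have a public key visible on-chain?"""

def classify(script: bytes):
    """Return (kind, payload); payload is the public key or its 20-byte hash."""
    # P2PK: <push 33|65> <pubkey> OP_CHECKSIG (0xac); the key itself is in the output
    if len(script) in (35, 67) and script[0] == len(script) - 2 and script[-1] == 0xAC:
        key = script[1:-1]
        if (len(key) == 33 and key[0] in (2, 3)) or (len(key) == 65 and key[0] == 4):
            return "p2pk", key
    # P2PKH: OP_DUP OP_HASH160 <push 20> <hash> OP_EQUALVERIFY OP_CHECKSIG
    if len(script) == 25 and script[:3] == b"\x76\xa9\x14" and script[23:] == b"\x88\xac":
        return "p2pkh", script[3:23]
    # P2WPKH: OP_0 <push 20> <hash>
    if len(script) == 22 and script[:2] == b"\x00\x14":
        return "p2wpkh", script[2:]
    return "other", b""  # formats the article does not discuss are not judged here

def key_exposure(script_hex: str, spent_key_hashes: set) -> str:
    """Apply the article's rule: the key is public if it is in the output script
    or if the same key hash has already signed a spend."""
    kind, payload = classify(bytes.fromhex(script_hex))
    if kind == "p2pk":
        return "exposed-in-output"
    if kind in ("p2pkh", "p2wpkh"):
        return "exposed-by-reuse" if payload in spent_key_hashes else "hash-only"
    return "unclassified"

def audit(utxos: dict, spent_key_hashes: set) -> dict:
    return {name: key_exposure(s, spent_key_hashes) for name, s in utxos.items()}

# Constructed sample data: the keys and hashes are filler bytes, not real wallets.
FRESH = bytes(range(20))        # key hash that has never been spent from
REUSED = bytes(range(20, 40))   # key hash that already appeared in a spend
SPENT = {REUSED}
SAMPLE_UTXOS = {
    "old_p2pk": "41" + "04" + "11" * 64 + "ac",
    "fresh_p2pkh": "76a914" + FRESH.hex() + "88ac",
    "reused_p2pkh": "76a914" + REUSED.hex() + "88ac",
    "reused_p2wpkh": "0014" + REUSED.hex(),
    "p2sh_other": "a914" + "22" * 20 + "87",
}

if __name__ == "__main__":
    for name, status in audit(SAMPLE_UTXOS, SPENT).items():
        print(f"{name:14} {status}")
```

Outputs reported as `exposed-by-reuse` are the ones to move to a fresh address first; `unclassified` means the script is outside the two formats covered here, not that it is safe.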

How Far Away Is This, Actually?

It was believed breaking Bitcoin's encryption with Shor's Algorithm would require a quantum computer running roughly 4,000 stable logical qubits — units of quantum information that remain coherent long enough to complete the calculation without errors.

However, a 2026 paper from Google Quantum AI significantly updated these numbers. 

Think of a logical qubit as a reliable worker and a physical qubit as an error-prone one. You need many physical qubits working together just to simulate one reliable logical qubit. So, the researchers found that breaking Bitcoin's encryption would need fewer than 1,200 reliable qubits, which translates to under 500,000 of the error-prone kind. That's roughly a 20-fold reduction from previous estimates. Google has set its own post-quantum security migration deadline at 2029, which tells you something about the timeline they consider credible.

That timeline isn’t a reason to ignore the issue, but it does reframe the question. The threat to ask about in 2026 isn’t “can Bitcoin be hacked today?”

It is “Will Bitcoin be ready when the hardware catches up?”

Bitcoin’s Defense Plan

The answer, based on current development, is yes — provided the community moves fast enough.

Bitcoin upgrades through a process called a soft fork, which adjusts the network’s rules in a way that keeps older software compatible. The network has upgraded before without breaking anything for existing users: Taproot in 2021 is the most recent example.

BIP-360, a Bitcoin Improvement Proposal currently under discussion, proposes a new address format designed to be resistant to quantum attacks. It would use lattice-based cryptography, a family of mathematical problems that quantum computers have no known efficient algorithm to solve. Users would gradually migrate funds from old addresses to new quantum-safe ones, similar to how wallets have adopted new address formats in previous upgrades.

Pieter Wuille, one of Bitcoin’s most prolific protocol contributors, has written publicly that Bitcoin’s cryptographic assumptions can be changed without breaking the network. The challenge is coordination and timing, not technical impossibility. That reflects the current expert consensus: the upgrade path exists, the question is how to execute it. However, Google explicitly called out Bitcoin’s decentralized governance as a challenge — consensus-based upgrades such as BIP-360 take time, and the community needs to start moving now.

Millions of Bitcoin sit in wallets where the private keys are lost forever — including a significant portion of Satoshi’s original coins. Those coins can’t be migrated because nobody can sign a transaction to move them. A powerful quantum attacker could eventually claim them. If that happens, the sudden appearance of long-dormant coins hitting exchanges would likely trigger a sharp Bitcoin drop, even if the underlying network security had already been patched.

The Risks Worth Watching

Three scenarios deserve attention, none of which require Bitcoin to “be hacked” in the traditional sense.

Lost coin exposure. Roughly 20% of all Bitcoin hasn’t moved in over a decade, and some of it sits in vulnerable P2PK addresses. Those coins cannot be proactively protected. A future quantum attacker might drain them. That would not be theft from active users, but the market impact could still be severe.

Rushed migration chaos. A soft fork that moves too fast risks bugs, community disagreement, or a chain split where one group adopts the new standard and another doesn’t. History shows that Bitcoin upgrades can take years of debate. If the quantum timeline shortens unexpectedly, that’s a problem.

First-mover advantage. The first government or corporation to build a cryptographically capable quantum computer will have a window — potentially months or years — where they can exploit old addresses before the rest of the world catches up. That asymmetry is real and worth monitoring.

None of these scenarios mean Bitcoin goes to zero. They mean the transition period carries genuine risk, and anyone claiming otherwise isn’t being fully honest about it.

Ultimately, this is an arms race. Quantum hardware is on one side, cryptographic upgrades are on the other. As of now, developers are ahead. But the margin is narrowing, and the window to act is shorter than most people realize. 

FAQ

Can Bitcoin actually be hacked by a quantum computer? With current hardware, no. Breaking Bitcoin’s encryption requires millions of error-corrected operations that today’s quantum computers can’t sustain. The theoretical vulnerability is real; the practical threat is years away.

How does Bitcoin vs. quantum computing play out long-term? It’s a race between hardware development and protocol upgrades. Bitcoin developers are already working on post-quantum cryptography. If the upgrade ships before hardware catches up — which current timelines suggest is achievable — Bitcoin survives the transition intact.

Could this cause a crypto crash? A major quantum computing announcement could absolutely cause a market drop, even without a single coin being stolen. Fear moves markets faster than facts. The more likely near-term scenario isn’t a hack but a panic.

Is there anything you can do right now? Use a wallet that generates a fresh address for every incoming transaction — most modern wallets do this by default. Avoid reusing old addresses. And stay away from very old wallets you’ve had since Bitcoin’s early days without migrating them; those may expose public keys in the older P2PK format.

What’s the safest way to hold Bitcoin against this threat? New address for every transaction. Hardware wallet with up-to-date firmware. And pay attention when post-quantum Bitcoin upgrade proposals move from discussion to activation — that’s when you’ll want to migrate any significant holdings.
