Why don't we make Bitcoin quantum-resistant RIGHT NOW?

Bitcoin isn't ignoring the quantum threat—it's preparing for it. The challenge isn't finding a solution; it's choosing the right one without sacrificing the properties that make Bitcoin valuable. As quantum computing evolves, so will Bitcoin's defenses, and the debate over the best path forward is already underway.
With all the leaps in technology and the rapid emergence of AI, we know that some Bitcoin addresses (especially older ones) are more vulnerable to future advances in quantum computing (QC). So why don’t we make Bitcoin quantum-resistant today?

Is it because QC would be a death sentence for Bitcoin? If not, why are we so reluctant to implement a solution once and for all?

Bitcoin is indeed vulnerable to quantum attacks, and older address types such as P2PK are particularly exposed. But that doesn’t mean we don’t have options. In fact, the good news is that we do have potential solutions, and Bitcoin cryptographers discuss them constantly. (If you want to follow these conversations, I highly recommend the Bitcoin Optech podcast and newsletter.) There are active debates about everything from quantum-resistant signature schemes to what should happen to Satoshi’s coins if QC suddenly became capable of breaking Bitcoin. Should those coins become unspendable, or should they remain untouched?

Some proposals would require a hard fork to make Bitcoin quantum-resistant, while others could be deployed without a hard fork, even if QC became a real threat tomorrow.

The reality is that these proposals need to be debated, criticized, and stress-tested. We need to weigh their pros and cons and ask which ones preserve the features we’ve come to value: securing Bitcoin with 12-word seed phrases, enabling easy recovery of funds, maintaining low transaction fees, and supporting multisig setups. We also need to be confident that any implementation doesn’t introduce bugs or tradeoffs that could threaten Bitcoin’s long-term security and usability.

On top of that, we still don’t know when (or even if) quantum computers will become powerful enough to crack Bitcoin private keys. It won’t happen overnight. Progress will likely be gradual, and attackers would first target the most valuable exposed UTXOs rather than every key on the network.
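As an added illustration (not code from the original article), here is a small Python check that classifies a UTXO's scriptPubKey and reports whether its public key is already visible on-chain, the property that makes P2PK outputs particularly exposed; it goes beyond the article by also covering the other standard output types, including P2TR, whose 32-byte output key likewise sits directly in the script, and by summing the value held in such outputs, the "most valuable exposed UTXOs" mentioned above. The sample scripts and amounts are constructed placeholders, not real on-chain data.

```python
from typing import Dict, List, Tuple

# Constructed sample scriptPubKeys (hex) for the standard output types.
# The key and hash bytes are placeholders, not real on-chain data.
SAMPLE_OUTPUTS: Dict[str, str] = {
    "p2pk":   "2102" + "11" * 32 + "ac",      # <33-byte pubkey> OP_CHECKSIG
    "p2pkh":  "76a914" + "22" * 20 + "88ac",  # OP_DUP OP_HASH160 <hash160> OP_EQUALVERIFY OP_CHECKSIG
    "p2sh":   "a914" + "33" * 20 + "87",      # OP_HASH160 <hash160> OP_EQUAL
    "p2wpkh": "0014" + "44" * 20,             # OP_0 <hash160>
    "p2wsh":  "0020" + "55" * 32,             # OP_0 <sha256>
    "p2tr":   "5120" + "66" * 32,             # OP_1 <32-byte x-only output key>
}

def classify_script_pubkey(script_hex: str) -> Dict[str, object]:
    """Return the output type and whether the public key is already visible on-chain."""
    s = bytes.fromhex(script_hex)
    n = len(s)
    # P2PK: one push of a 33-byte (compressed) or 65-byte (uncompressed) key, then OP_CHECKSIG
    if n in (35, 67) and s[0] == n - 2 and s[-1] == 0xAC:
        return {"type": "p2pk", "pubkey_on_chain": True}
    if n == 25 and s[:3] == b"\x76\xa9\x14" and s[-2:] == b"\x88\xac":
        return {"type": "p2pkh", "pubkey_on_chain": False}
    if n == 23 and s[:2] == b"\xa9\x14" and s[-1] == 0x87:
        return {"type": "p2sh", "pubkey_on_chain": False}
    if n == 22 and s[:2] == b"\x00\x14":
        return {"type": "p2wpkh", "pubkey_on_chain": False}
    if n == 34 and s[:2] == b"\x00\x20":
        return {"type": "p2wsh", "pubkey_on_chain": False}
    # P2TR: the tweaked output key itself is in the script, so it is exposed like P2PK
    if n == 34 and s[:2] == b"\x51\x20":
        return {"type": "p2tr", "pubkey_on_chain": True}
    return {"type": "unknown", "pubkey_on_chain": None}

def exposed_value(utxos: List[Tuple[str, int]]) -> int:
    """Sum the satoshis sitting in outputs whose public key is already on-chain."""
    return sum(sats for script_hex, sats in utxos
               if classify_script_pubkey(script_hex)["pubkey_on_chain"])

if __name__ == "__main__":
    # Constructed UTXO set: (scriptPubKey hex, amount in satoshis)
    wallet = [(SAMPLE_OUTPUTS["p2pk"], 50_0000_0000),
              (SAMPLE_OUTPUTS["p2pkh"], 1_0000_0000),
              (SAMPLE_OUTPUTS["p2tr"], 2_5000_0000)]
    for script_hex, sats in wallet:
        print(classify_script_pubkey(script_hex), sats)
    print("sats with key already exposed:", exposed_value(wallet))
```

Outputs reported as not exposed stay that way only until they are spent, because the spending input reveals the key; a reused address therefore loses this protection after its first outgoing transaction.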

The current expectation is that within the next five years, we’ll have a much clearer picture of the quantum landscape and be in a better position to choose the right cryptographic approach. Some protocol changes are extremely costly and, in the case of a hard fork, effectively irreversible. So why rush into a solution that may protect Bitcoin from QC at a high cost when better alternatives could emerge through continued research and community consensus?

The fact that Bitcoin is not already quantum-resistant doesn’t mean developers are sitting around waiting for disaster. On the contrary, they’re actively evaluating proposals and debating the tradeoffs. As Bitcoin users, we should pay attention to those discussions and help shape the standard the ecosystem ultimately converges on.


Follow Bitcoin Optech here: https://bitcoinops.org/
