For some time now, there has been renewed discussion about the problems that quantum computing could create for Bitcoin.
To tell the truth, false news has also spread regarding unlikely imminent risks, but it should not be forgotten that the risk is indeed there.
Summary
- The risks of quantum computing for Bitcoin
- The current risks
- The future risks of quantum computing for the Bitcoin network
- The proposed solutions
- Bitcoin will strengthen
The risks of quantum computing for Bitcoin
The main problem seems to be related to the signatures of the transactions.
In reality, it is not a specific problem of Bitcoin, but of any other computer protocol that uses similar digital signatures.
The Bitcoin protocol uses the Elliptic Curve Digital Signature Algorithm (ECDSA), which uses the Secp256k1 and SHA256 functions.
The hypothesis circulating is that sooner or later quantum computing could be able to “crack” in particular SHA256, thanks to its enormous computing power.
It must be remembered that quantum computers are not simply more powerful than current ones, but they are immensely more so. By exploiting the peculiarities of quantum physics, they are capable of multiplying by thousands or even millions of times the number of operations they can perform in the same unit of time.
The current risks
Currently, as far as is known, there is no quantum computer in the world capable of “cracking” SHA256.
Indeed, according to what has been stated by several experts, it will presumably take years before a similar machine is commercially available.
However, the evolution of this sector is so rapid that it might not take many decades before reaching that point.
For example, a few weeks ago Google announced a new quantum chip, called Willow, which would be able to solve in five minutes a task that current supercomputers would take many years to complete.
However, according to a former senior product manager at Google, Kevin Rose, even Willow is still far from posing a threat to Bitcoin.
Suffice it to say that Willow uses 105 qubits, while according to Rose, about 13 million qubits would be needed to compromise Bitcoin’s encryption in 24 hours.
The future risks of quantum computing for the Bitcoin network
Despite this, risks exist, also because in the crypto field different cryptographic functions are used that do not all have the same degree of resistance to quantum computers.
It will therefore be necessary to examine them one by one, and for all those that present excessive risks, a solution will need to be found, starting with those that face the most imminent risks.
As for Bitcoin, the most critical point, and therefore the most urgent to address, seems to be the signatures.
Also in this case, however, these are not at all imminent risks, but ones that could become so within a few decades, or perhaps even less.
The reassuring thing, however, is that all this is already well known, and in some cases, possible solutions have already been found.
However, the Bitcoin protocol is very difficult to update (that is, to modify), so it is necessary to start studying the solutions well in advance to avoid not having the necessary time to ensure that they can be adopted by all the bitcoiner.
The proposed solutions
One of these solutions was hypothesized by Adam Black, the only person to be mentioned by Satoshi Nakamoto in the text of the whitepaper with which he created the Bitcoin protocol.
maybe not needed. you can be quantum ready using a taproot leaf committing to a future soft-forkable PQ signature opcode, and a hash-based key scheme. then you can migrate to that PQ ready Schnorr signature, while only paying current signature sizes. then people will calm down.
— Adam Back (@adam3us) December 21, 2024
According to Back, in fact, one could already use the PQ signature opcode of Taproot with a simple soft-fork.
Taproot uses the so-called “Schnorr signatures,” which are already quantum resistance.
A soft-fork would allow the use of an updated version of the Bitcoin protocol compatible with the previous version, so according to what Back claims, anyone could already use, in theory, an updated version with a soft-fork that uses Schnorr signatures quantum resistance instead of the non-quantum resistance ones used now.
If this solution worked, it would not be particularly difficult to use it, unlike a hard-fork that would instead effectively create a new protocol not compatible with the one currently in use.
Back himself also adds that such a solution might only become necessary several decades from now, and the search for quantum resistance signatures could be added to Bitcoin in the coming years as an optional feature.
Bitcoin will strengthen
The hypothesis that Back subtly suggests is that of a Bitcoin protocol that will inevitably strengthen in the future, precisely thanks to the solutions that will be introduced to withstand attacks from quantum computers.
The fact that on one hand there is a lot of time available to intervene, and on the other hand there are already solutions available, means that one can fully expect an evolution, rather than an implosion.
Moreover, this is not only true for Bitcoin, but also for Ethereum and other crypto platforms.
Indeed, since there are many crypto platforms, some of which are also decidedly different from each other on a technical level, it is possible to experiment with many different solutions in various fields, albeit all IT-related, in order to develop and test many different solutions.
All this makes the risk that quantum computing could put Bitcoin in crisis in the coming years really minimal at the current state. It will probably take at least a decade before such risks can become concretely relevant.