Bernstein: Bitcoin has 3-5 years to prepare for quantum risk

Bernstein Research says Bitcoin has roughly three to five years to prepare for threats from quantum computing, according to a research note assessing the network’s cryptographic exposure.

The firm explains that Bitcoin security depends on elliptic curve digital signatures using secp256k1 and on SHA-256 hashing. Quantum algorithms could weaken both. Shor’s algorithm can recover private keys from public keys, while Grover’s algorithm reduces the effective security of hash functions. Public keys become visible when addresses are spent, which makes spent addresses the most immediate point of vulnerability.

Bernstein estimates a break of Bitcoin’s signature scheme is not imminent but could occur within three to five years if quantum hardware and error correction progress maintain current pace. The timeline depends on milestones such as the number of logical, error-corrected qubits and improvements in coherence times and gate fidelity. The note adds that fully fault-tolerant, large-scale quantum machines remain difficult to build even as research teams advance components.

The report recommends developers, exchanges, custodians and wallet providers begin planning migration and mitigation strategies. Suggested measures include discouraging address reuse, shifting funds from addresses that have exposed public keys, and researching and testing post-quantum signature schemes to replace or augment secp256k1. Bernstein notes that changing Bitcoin’s signature algorithm at scale will require coordinated software upgrades and careful handling of legacy addresses to avoid loss of funds or operational disruption.

The note outlines implementation challenges. Deploying a quantum-resistant scheme would likely need a protocol change and broad adoption by miners, node operators and wallet vendors. Some candidate algorithms produce larger signatures or require different verification steps, which could affect transaction size, fees and compatibility with existing hardware wallets. Custodial services and exchanges may face complex logistics when migrating keys while maintaining customer access.

The research note states, “We estimate a three- to five-year window for Bitcoin to implement countermeasures before scalable quantum machines threaten its core cryptography.” Bernstein recommends that market participants assess exposure, prioritize migration for high-value holdings and support research into interoperable post-quantum solutions.