Researcher cracks 15-bit Bitcoin-like key on public quantum device

Giancarlo Lelli ran a variant of Shor’s algorithm on a publicly accessible quantum device with roughly 70 qubits to recover a 15-bit elliptic-curve key modeled on Bitcoin’s signature scheme. The key space contained 32,767 possible values and the attack completed in minutes.

Project Eleven awarded Lelli its 1 BTC Q-Day Prize for the largest public quantum attack on elliptic-curve cryptography to date. The prize was launched in 2025 and judged by a panel of quantum researchers from academia and industry. Project Eleven described the demonstration as about a 512-times increase over the size of the previous public result.

The 15-bit test is far smaller than the 256-bit keys that protect real Bitcoin wallets. Alex Pruden, Project Eleven’s chief executive, warned the result does not mean current cryptocurrencies are immediately at risk. “We’re still far, objectively, from the point at which you could actually break Bitcoin,” Pruden said, and he noted advances in artificial intelligence could speed progress by improving quantum error correction or helping identify weaker targets.

Researchers and companies are publishing hardware roadmaps and nearer timelines for cryptographically relevant machines. Google has set a 2029 target to migrate systems to post-quantum cryptography. One research estimate from Google staff suggested that, under certain assumptions, fewer than 500,000 physical qubits might be required to break Bitcoin-class keys; a Caltech and Oratomic study estimated roughly 10,000 to 20,000 qubits using a neutral-atom architecture. Estimates vary by hardware design, error correction and algorithmic assumptions.

Project Eleven noted about 6.9 million Bitcoin sit in addresses with public keys visible on-chain and could become vulnerable if large-scale quantum computers capable of running Shor-style attacks on 256-bit elliptic curves are built. Work to reduce that exposure is underway in the cryptocurrency community.

A researcher at StarkWare proposed a “Quantum-Safe Bitcoin” transaction scheme that would fit within Bitcoin’s existing scripting rules and would not require a soft fork. Developers are also discussing proposals such as BIP-360, which would add a quantum-resistant transaction format, and BIP-361, which would phase out older signature schemes. The Ethereum Foundation has formed a post-quantum security team, and Ethereum co-founder Vitalik Buterin has outlined steps to replace vulnerable cryptographic components.

Project Eleven created the 1 BTC bounty to encourage public demonstrations and benchmarking of quantum attacks against modern cryptography. The organization stated submissions are judged by independent experts and urged the community to monitor advances in hardware, error correction and algorithm design that could change the timeline to large-scale, cryptographically relevant quantum machines.