Quantum Threat Moves From Theory Into Measurable Reality
The quantum computing threat to Bitcoin has crossed an important threshold. As first reported by CoinDesk, independent researcher Giancarlo Lelli has broken a 15-bit elliptic curve cryptography (ECC) key on publicly accessible quantum hardware, earning a 1 bitcoin bounty from quantum security startup Project Eleven. The breakthrough represents a 512-fold increase from the previous public demonstration achieved just seven months earlier.
The achievement matters because it shows the practical difficulty of quantum attacks on blockchain cryptography is declining faster than many anticipated. Lelli’s work wasn’t conducted on proprietary hardware in a national laboratory. It happened on cloud-accessible quantum machines available to researchers worldwide.
How Bitcoin’s Security Actually Works
Bitcoin’s security depends on elliptic curve cryptography—the mathematical foundation that allows wallet owners to prove they control funds without exposing private keys. A public key is visible on the ledger. Deriving the corresponding private key from that public information should be computationally impossible with classical computers.
Quantum computers running Shor’s algorithm, proposed in 1994, fundamentally change that equation. The algorithm exploits quantum properties to attack the mathematical structure securing those signatures in ways conventional computers cannot.
Lelli’s 15-bit result doesn’t mean Bitcoin faces imminent danger. The network uses 256-bit ECC security. A 15-bit key space contains only 32,767 possibilities—trivial compared to the 2^256 combinations protecting actual Bitcoin addresses. The prize framework was designed to track whether quantum attacks are shifting from academic papers into demonstrated reality on actual hardware.
The Pace of Progress Is Accelerating
What’s troubling researchers isn’t the current demonstration but the trajectory. Steve Tippeconnic achieved a 6-bit break using IBM’s 133-qubit quantum computer in September 2025. Lelli’s improvement in just seven months suggests the difficulty curve is steepening.
Theoretical resource estimates dropped even more dramatically. A Google Research paper published last month estimated a full 256-bit attack would require fewer than 500,000 physical qubits. Previous calculations put the requirement in the millions.
“The resource requirements for this type of attack keep dropping, and the barrier to running it in practice is dropping with them,” Project Eleven CEO Alex Pruden said.
The At-Risk Portion of Bitcoin’s Supply
The practical vulnerability concentrates on addresses where public keys are already exposed on-chain. Bitcoin holders who’ve spent from their addresses or interacted with smart contracts have revealed their public keys. Project Eleven estimates roughly 6.9 million bitcoin—about one-third of total supply—sit in such vulnerable addresses. That includes approximately 1 million bitcoin attributed to Satoshi Nakamoto, dormant since the network’s earliest blocks.
A sufficiently powerful quantum computer running Shor’s algorithm could work through these exposed wallets sequentially. The holder would have no opportunity to move funds to quantum-resistant addresses.
Migration Plans Already In Motion
Bitcoin developers aren’t waiting for quantum computers to become practical threats. Bitcoin Improvement Proposal 360 (BIP-360) would introduce quantum-safe address types. Ethereum, Tron, StarkWare, and Ripple have each published post-quantum transition plans.
The security community’s challenge is implementing these changes before quantum computers reach the threshold where 256-bit ECC becomes breakable. Lelli’s 512x improvement in seven months suggests that transition period may compress faster than previously calculated.
The race between quantum hardware advancement and blockchain cryptographic migration has entered a new, measurable phase.