Bitcoin can be hacked, quantum’s biggest breakthrough proves it’s not if but when

Bitcoin may look untouchable, but quantum hardware has already shown the beginning of its end. The question is no longer if but when.
- A researcher using IBM’s 133-qubit machine cracked a six-bit elliptic curve key, proving Shor’s algorithm works on real hardware beyond theory.
- History shows cryptographic systems once considered secure, from Enigma to DES to SHA-1, eventually fell as computing methods advanced.
- Bitcoin relies on 256-bit elliptic curve cryptography, which remains unbreakable today, but quantum computing threatens to reduce that strength to a solvable problem.
- Experts estimate billions of physical qubits would be needed to break Bitcoin’s keys, yet progress and government reports warn such machines may arrive within decades.
- Governments, companies, and developers are already preparing post-quantum defenses, but Bitcoin’s upgrade path requires global coordination, making its future security not a question of if but when.
A scratch on Bitcoin’s long-standing wall
On Sep. 2, Steve Tippeconnic, a researcher using IBM’s 133-qubit machine, achieved something that until recently existed only in theory.
A small elliptic curve cryptographic key was broken with the help of quantum interference, proving that Shor’s algorithm could move beyond the chalkboard and survive real hardware.
The key was only six bits long, giving just 64 possible answers. Any phone today could brute-force it instantly. Yet that was never the point.
The breakthrough lay in showing that quantum circuits running hundreds of thousands of layers deep can still carve out patterns strong enough to reveal the right answer.
The recovered key, k = 42, surfaced three times among the top 100 results after more than sixteen thousand runs. That success rate may sound unimpressive at first, just over one percent, but in cryptography, it meant everything.
It confirmed that a quantum machine could reliably amplify the correct solution even when noise, false candidates, and hardware errors flooded the measurement space. The critical shift was that the math worked in practice, not just in simulation.
For Bitcoin (BTC), nothing changed overnight. Six bits are a child’s toy compared with the 256-bit keys protecting its network. The difference between 64 options and 2^256 possibilities is astronomical. What did change is the conversation.
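To make the classical side of that comparison concrete, here is an added example (not code from the article or from the experiment) that recovers k = 42 from a public point in a 64-element elliptic curve subgroup, first by exhaustive search and then by baby-step giant-step. The curve is a constructed toy, secp256k1's equation y^2 = x^3 + 7 over the 8-bit field F_191, not the parameters used on the IBM machine, and all function names are illustrative.

```python
import math
# Constructed toy curve: y^2 = x^3 + 7 (secp256k1's equation) over F_191.
# Its group is cyclic of order 192, so it contains a subgroup of order 64.
P, B, N = 191, 7, 64

def add(p1, p2):
    """Add two points; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if p1 == p2 else (y2 - y1, x2 - x1)
    s = num * pow(den % P, -1, P) % P
    x3 = (s * s - x1 - x2) % P
    return (x3, (s * (x1 - x3) - y1) % P)

def mul(k, pt):  # double-and-add scalar multiplication
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def find_base_point():
    """First point G with 64*G = O and 32*G != O, i.e. order exactly 64."""
    for x in range(P):
        for y in range(1, P):
            g = mul(3, (x, y)) if (y * y - x**3 - B) % P == 0 else None
            if mul(N // 2, g) is not None:
                return g

def brute_force(g, q):
    """Try every k in [0, 64): the search any phone finishes instantly."""
    return next(k for k in range(N) if mul(k, g) == q)

def bsgs(g, q):
    """Baby-step giant-step: about 2*sqrt(64) = 16 steps instead of 64."""
    m = math.isqrt(N - 1) + 1
    baby = {mul(j, g): j for j in range(m)}
    step, gamma = mul(N - m, g), q  # (N - m)*G equals -m*G since N*G = O
    for i in range(m):
        if gamma in baby:
            return i * m + baby[gamma]
        gamma = add(gamma, step)

G = find_base_point()
print(brute_force(G, mul(42, G)), bsgs(G, mul(42, G)))
```

The square-root cost of the second method is the reason a 256-bit elliptic curve key is rated at 128-bit security against classical attack: the best generic search still needs on the order of 2^128 group operations.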
Today’s standard, tomorrow’s flaw
History shows that cryptographic systems once regarded as secure eventually fail as computing methods advance. The German Enigma machine is the most famous example.
Used extensively by Nazi Germany during the Second World War, Enigma encrypted military communications ranging from submarine movements to battlefield orders.
It relied on a rotating set of substitution ciphers that produced more than 150 quintillion possible configurations, convincing German command that their messages were unbreakable.
Allied codebreakers at Bletchley Park, supported by early mechanical devices such as the Bombe and later the Colossus computer, reduced the problem to manageable form.
The breakthrough exposed German communications in real time and shortened the war, showing for the first time that brute human ingenuity combined with new machines could overcome even vast mathematical defenses.
In the 1970s, the U.S. developed the Data Encryption Standard, or DES, to secure government and commercial communications in an era when banking and computing networks were expanding rapidly.
The 56-bit key length was considered strong enough against contemporary hardware and became a federal standard.
By 1998, however, the Electronic Frontier Foundation demonstrated how quickly progress could erode that security. It built a purpose-designed machine called Deep Crack that brute-forced a DES key in 56 hours at a cost of about $250,000.
Shortly after, the volunteer collective Distributed.net combined global computing resources to shrink the attack time to just 22 hours.
These milestones proved DES obsolete. Within a few years, it was formally retired and replaced by the Advanced Encryption Standard, which continues to protect government, corporate, and consumer systems today.
Hash functions followed a similar path. The SHA-1 algorithm, introduced in 1995, became the backbone of digital certificates, software updates, and online signatures, securing much of the early web.
For years, it resisted practical attack and was trusted by browsers, certificate authorities, and governments. That confidence ended in 2017 when researchers from Google and CWI Amsterdam announced SHAttered, the first practical collision attack on SHA-1.
They produced two distinct PDF files with the same hash, proving that the algorithm could be manipulated and was no longer reliable for security.
Within months, major browsers and certificate authorities abandoned SHA-1, forcing the shift to stronger standards such as SHA-256.
These cases reveal a consistent pattern. Systems once thought unassailable eventually became vulnerable, not through design flaws but because computing power and algorithms kept advancing.
Billions of qubits away from a breakthrough
Bitcoin’s elliptic curve cryptography relies on 256-bit keys. That size equates to about 1.16 × 10^77 possible combinations.
According to NIST standards, a 256-bit key provides 128-bit security strength, which is considered computationally infeasible to brute force on classical machines. Independent estimates show such an attack would take longer than the age of the universe.
Quantum computing introduces a different model. Shor’s algorithm reduces the problem of discrete logarithms from exponential to polynomial time, scaling with the cube of the input size rather than with 2^n.
A 2017 study by Microsoft researcher Martin Roetteler and colleagues estimated that breaking a 256-bit elliptic curve key would take on the order of a few thousand logical qubits, around 2,300 by their calculations.
Since today’s qubits are error-prone, those logical qubits would translate into billions of physical qubits once error correction is factored in.
Current hardware is nowhere near that scale. IBM’s largest processor, Condor, unveiled in December 2023, has 1,121 qubits, while Google’s Willow chip reached 105 qubits in 2024. Yet even these leading prototypes still rely on noisy qubits that cannot sustain long or error-corrected algorithms.
According to a 2025 report by the U.S. Government Accountability Office, experts foresee the potential emergence of cryptographically relevant quantum computers capable of breaking widely used public key encryption within about 10 to 20 years.
The Global Risk Institute’s 2024 expert survey echoes the uncertainty, suggesting such systems remain plausibly feasible over the long term, though still decades away.
Building defenses before the quantum storm
Governments and companies have already started planning for a time when today’s encryption no longer holds.
In 2016, the U.S. National Institute of Standards and Technology (NIST) opened a global competition to design quantum-resistant cryptography. From more than 80 submissions, four algorithms were selected in 2022 for standardization.
These include CRYSTALS-Kyber for key exchange and CRYSTALS-Dilithium, Falcon, and SPHINCS+ for digital signatures. NIST has stated that formal standards will be published by 2026, giving governments and industries a clear path toward migration.
National security agencies are tying policy to these technical standards. The U.S. National Security Agency has mandated that all classified and national security systems move to post-quantum algorithms by 2035, and Canada and the European Union have launched similar initiatives.
Cloudflare has moved beyond planning. As of early 2025, more than 38% of all human HTTPS traffic across its network uses hybrid TLS, a mix of classical and post-quantum key exchange by default. In some European countries, post-quantum encryption already exceeds 50% adoption.
The company has also built post-quantum protection into its Zero Trust suite, extending coverage to internal corporate traffic via platforms like Gateway, Access, and WARP clients, with full support rolling out by mid-2025.
Central banks and financial regulators have issued guidance warning institutions to prepare for “harvest now, decrypt later” risks, where encrypted records captured today could be exposed once quantum machines reach the required scale.
Bitcoin sits within this larger transition. Its reliance on the elliptic curve secp256k1 makes it directly exposed to quantum advances, yet protocol changes require global coordination.
Academic proposals describe how new signature schemes could be introduced through optional script upgrades, allowing post-quantum addresses to exist alongside classical ones.
Developer discussions show both the urgency and the difficulty of such changes, since even minor upgrades require consensus across miners, exchanges, and users.
The six-bit elliptic curve experiment on IBM’s ibm_torino machine in 2025 proved the concept at a small scale, showing that Shor’s algorithm could run on real hardware rather than only in theory.
Tasks that once seemed impossible often become routine once methods and machines catch up. Factoring large integers, once out of reach, is now trivial for classical algorithms up to many hundreds of digits. Protein folding, long thought unsolvable, is now handled by AI models in minutes.
The same arc applies to cryptography. Bitcoin’s 256-bit wall cannot be breached today, but the mathematics, algorithms, and hardware roadmaps all point to a future where that barrier may no longer hold.