Bitcoin’s Quantum Threat: A Governance Crisis, Not a Technical One
Bitcoin developers have outlined technical solutions to quantum computing threats, but the real challenge lies in securing network-wide agreement before it’s too late. This is the core argument of a new commentary by Guillaume Girard, venture associate at UTXO Management, a Bitcoin-focused investment firm under Nakamoto Inc.
In his piece, “Bitcoin and the Quantum Threat: A Non-Technical Guide,” Girard asserts that while a cryptographically relevant quantum computer (CRQC) capable of breaking Bitcoin’s encryption may never materialize—or at least not at the required scale—the community must act now. The governance process for protocol changes, he warns, moves at a glacial pace, akin to that of a state legislature.
Why Quantum Computing Poses a Risk to Bitcoin
Bitcoin’s security relies on elliptic curve cryptography, which safeguards private keys controlling wallet access. A sufficiently powerful quantum computer running Shor’s algorithm could derive a private key from an exposed public key, enabling large-scale theft.
Research from Google’s Quantum AI team, published in March, suggests that a machine with fewer than 500,000 physical qubits—far below earlier estimates of 10 million—could potentially break this encryption. Google’s internal target for post-quantum readiness is set for 2029.
Vulnerable Bitcoin Holdings
Approximately 1.7 million BTC are stored in legacy Pay-to-Public-Key (P2PK) addresses, where public keys remain permanently exposed on-chain. These holdings are the most susceptible to quantum attacks.
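The P2PK figure above rests on one distinction: whether the public key sits in the output itself or only a hash of it does. The Python below is an added example (not from Girard's commentary or from any Bitcoin Core code) that classifies scriptPubKeys against the standard templates and tallies the balance whose spending key is already readable on-chain; it goes one step beyond the text by also flagging Taproot outputs, whose x-only output key is likewise stored in the output. The sample UTXO set is constructed from dummy bytes.

```python
# Script opcodes used by the standard output templates below.
OP_0, OP_1, OP_DUP, OP_HASH160 = 0x00, 0x51, 0x76, 0xA9
OP_EQUAL, OP_EQUALVERIFY, OP_CHECKSIG = 0x87, 0x88, 0xAC

def classify_script_pubkey(spk: bytes) -> tuple[str, bool]:
    """Return (output type, whether the public key is readable from the output)."""
    n = len(spk)
    # P2PK: <push 33|65-byte pubkey> OP_CHECKSIG -- the key itself sits on-chain.
    if n in (35, 67) and spk[0] == n - 2 and spk[1] in (2, 3, 4) and spk[-1] == OP_CHECKSIG:
        return "P2PK", True
    # P2PKH: OP_DUP OP_HASH160 <20-byte hash> OP_EQUALVERIFY OP_CHECKSIG
    if n == 25 and spk[:3] == bytes([OP_DUP, OP_HASH160, 0x14]) and spk[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG]):
        return "P2PKH", False
    # P2SH: OP_HASH160 <20-byte hash> OP_EQUAL
    if n == 23 and spk[:2] == bytes([OP_HASH160, 0x14]) and spk[-1] == OP_EQUAL:
        return "P2SH", False
    # Native segwit v0: OP_0 <20-byte key hash> or OP_0 <32-byte script hash>
    if n == 22 and spk[:2] == bytes([OP_0, 0x14]):
        return "P2WPKH", False
    if n == 34 and spk[:2] == bytes([OP_0, 0x20]):
        return "P2WSH", False
    # Taproot: OP_1 <32-byte x-only output key> -- the tweaked key sits on-chain.
    if n == 34 and spk[:2] == bytes([OP_1, 0x20]):
        return "P2TR", True
    return "nonstandard", False

def exposed_balance(utxos):
    """Sum satoshis whose spending key is already visible on-chain, plus a per-type breakdown."""
    exposed = total = 0
    per_kind = {}
    for spk, sats in utxos:
        kind, key_exposed = classify_script_pubkey(spk)
        total += sats
        per_kind[kind] = per_kind.get(kind, 0) + sats
        if key_exposed:
            exposed += sats
    return exposed, total, per_kind

# Constructed sample UTXO set (dummy key and hash bytes, not real outputs).
SAMPLE_UTXOS = [
    (bytes([0x41, 0x04]) + b"\x11" * 64 + bytes([OP_CHECKSIG]), 50_0000_0000),  # P2PK, uncompressed key
    (bytes([OP_DUP, OP_HASH160, 0x14]) + b"\x22" * 20 + bytes([OP_EQUALVERIFY, OP_CHECKSIG]), 1_0000_0000),
    (bytes([OP_0, 0x14]) + b"\x33" * 20, 2_0000_0000),  # P2WPKH
    (bytes([OP_1, 0x20]) + b"\x44" * 32, 3_0000_0000),  # P2TR
]

if __name__ == "__main__":
    e, t, kinds = exposed_balance(SAMPLE_UTXOS)
    print(f"{e / 1e8:.2f} of {t / 1e8:.2f} BTC has an already-exposed key: {kinds}")
```

Hash-based outputs (P2PKH, P2WPKH) reveal the key only in the spending transaction, so this tally is a lower bound: an address that was reused after a spend has an exposed key too, which a full audit must check against spent history.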
Proposed Solutions to the Quantum Threat
Several Bitcoin Improvement Proposals (BIPs) have been introduced to address the issue:
- BIP-360 (Pay-to-Merkle-Root, P2MR), authored by developer Hunter Beast, introduces a new output type that eliminates public key exposure in standard transactions. The proposal has been merged into Bitcoin’s development repository and is under active review.
- BIP-361, authored by Jameson Lopp, outlines a three-phase migration away from vulnerable signature schemes. However, Phase B of this plan could freeze coins in wallets that fail to migrate within a five-year window.
- Hourglass, a separate proposal, would limit quantum attackers to moving stolen coins in restricted batches—potentially just one BTC per block. This could throttle economic damage while transferring fee revenue to miners.
The Core Challenge: Governance and Consensus
Girard highlights that the most difficult problem involves coins that cannot migrate, including lost wallets, inactive holders, and an estimated 1.1 million BTC attributed to Satoshi Nakamoto. He identifies two potential solutions, each with significant drawbacks:
- Burning vulnerable coins after a deadline: While effective, critics argue this sets a dangerous precedent for censorship in a protocol built on neutrality.
- Hourglass approach: This accepts that theft will occur but restricts the flow of stolen coins to minimize price impact and market disruption.
Neither solution is without flaws, and both require broad social consensus across users, miners, developers, and—critically—for the first time, large institutional holders like BlackRock.
Institutional Reactions and the Path Forward
The debate has expanded beyond developer mailing lists. Notably, Jefferies recently removed its entire 10% Bitcoin allocation from its pension model, signaling growing institutional concern over quantum risks.
"The quantum computing threat to Bitcoin is not primarily a technical problem — it is a political one."
As the Bitcoin network grapples with this existential question, the urgency of achieving consensus has never been clearer. The question remains: Can the community move fast enough to avert a potential crisis?