Foreword

In recent years, the relationship between quantum computing and Bitcoin has gradually become a topic of great concern in the field of crypto assets. On the one hand, quantum computing is regarded as the "ultimate weapon" that may subvert the basis of existing cryptography; on the other hand, as a decentralized digital gold, whether the security of Bitcoin will be completely destroyed by quantum technology has also become a lingering question in the minds of investors.

In March 2026, ARK Invest and Unchained jointly released a white paper "Bitcoin And Quantum Computing", systematically responded to this issue. This article will start from the basic concepts of quantum computing, sort out the current technology stage and future evolution path, and extract core suggestions for investors.

What is quantum computing? Why does it threaten Bitcoin?

Quantum computing is a new computing method based on the principles of quantum mechanics. Traditional computers use "bits" as units of information, and each bit can only be in a 0 or 1 state. Quantum computers use "qubits", which can be in a superposition stateof 0 and 1 at the same time under certain conditions. This allows quantum computers to theoretically achieve exponential acceleration when dealing with certain complex problems.

Bitcoin's security relies on two main cryptographic mechanisms: elliptic curve encryption for transaction signatures, and hash functions for proof of work and workload chaining. Quantum computing poses a direct threat to elliptic curve encryption, especially the Shor algorithm, which can efficiently crack elliptic curve keys on a sufficiently powerful quantum computer. This means that if quantum computing power reaches a certain critical point, an attacker could derive private keys from public Bitcoin addresses and steal assets.

But it is worth noting that hash functions are relatively resistant to quantum computing. Therefore, the core focus of the quantum threat is on elliptic curve cryptography, not Bitcoin's overall architecture.

What is the current stage of quantum computing?

ARK white paper divides the development of quantum computing into five stages. We are still in the earliest stage - Stage 0.

At this stage, although quantum computers already exist in laboratories, they do not yet have any commercial value. Researchers call the present"NISQ era", that is,"noisy mesoscale quantum"era. The most advanced quantum systems currently have less than 100 logical qubits, and the circuit depth is in the hundreds, far from the 2,330 logical qubits and tens to hundreds of millions of quantum gate operations required to crack Bitcoin's elliptic curve encryption.

Quantum computers at this stage are mainly used for basic physics experiments and theoretical research, and cannot pose a substantial threat to cryptographic systems in the real world. Although the world has invested approximately 60 billionin quantum computing research and development, no company has yet been able to make a profit from it. Quantum computing is still a research-led field, mainly concentrated inthe United States, Europe and China.

The evolution path of quantum threats:From theory to reality

ARK white paper points out that the threat from quantum computing to Bitcoin will not be a "Q-Day" style sudden disaster, but a gradual evolutionary process.

Stage 1: Commercial practicality stage

Quantum computers are the first to realize commercial value in chemical simulation, materials science and other fields, for example, surpassing classical computers in catalyst discovery, fluid dynamics simulation and other aspects. This stage will still not threaten Bitcoin, but it will accumulate technology and industrial foundation for subsequent development.

Stage 2: Cracking weak passwords

Quantum computers are beginning to be able to crack some encryption systems with old or weak keys, such as weak encryption protocols left over from history. Bitcoin is still safe at this time, but concerns and expectations about quantum risks may begin to emerge in the market.

Stage 3: Slow cracking of Bitcoin keys

Quantum computers successfully cracked the 256-bit elliptic curve public key for the first time, but it took a long time to crack a single key (such as hours to days). At this time, approximately 1.7 million Bitcoins (mostly lost coins) stored in early P2PK addresses will be at risk, and approximately 5.2 million Bitcoins can be protected by migrating to quantum-resistant addresses.

Stage 4: Quick cracking stage

Quantum computers can complete key cracking within the Bitcoin block time (10 minutes). At this time, even users who use quantum-resistant addresses may face attacks during transactions. This stage will pose a systemic threat to the Bitcoin network and must be preceded by protocol-level post-quantum cryptography upgrades.

Investors’ core concerns

ARK's white paper raises four key questions for investors to help them make rational judgments in the evolution of quantum computing:

1. When will the first Bitcoin public key be cracked?

Mainstream institutions such asNIST, IBM, Googleetc. generally predict that quantum computers with the ability to crack 256-bit elliptic curves may appear in the mid-2030generation. While there are more aggressive or pessimistic forecasts, the overall trend points to a ten to twenty year window.

2. How long was the interval between the first and second public keys being cracked?

ARK white paper believes that the first crack will consume huge resources, and subsequent cracks will not become cheap and fast immediately. For example, if it takes one hour to crack a public key, it would take more than three years to steal Satoshi's approximately 22,000 addresses; if it takes one day, it would take sixty years. This buys the Bitcoin community valuable time to respond.

3. Who will master the cracking ability?

The development of quantum computing will show"decentralization"trend, similar to the evolution path of artificial intelligence. In the future, there will be multiple quantum computing companies around the world, and there may even be quantum computing cloud services, making cracking capabilities widely distributed rather than concentrated on a single entity.

4. How much does it cost to crack a Bitcoin key?

According to a 2023 study by the U.S. Department of Homeland Security, the cost of electricity alone may be as high as more than 100,000 US dollars, but it should be noted that this is only the electricity bill and is far from the full cost of the attack. Building and operating a quantum computer with cracking capabilities also requires huge expenses such as hardware manufacturing, cooling systems, R&D investment, and team maintenance. Its true total cost may be as high as hundreds of millions or even billions of dollars. As the cost of quantum computing decreases and the value of Bitcoin increases, the economic threshold for attacks will gradually decrease, and defense must be deployed in advance.

Quantum cryptography is on the way,Consensus upgrade is the key

ARK white paper emphasizes that research on post-quantum cryptography is ahead of quantum computing. 2024, NISTofficially released two digital signature standards: ML-DSA based on lattice cipher and based on Hash-SLH-DSA. Currently, Internet infrastructures such as OpenSSH, OpenSSLhave begun to enable post-quantum encryption by default, and a large amount of global network traffic has achieved quantum security.

However, introducing post-quantum cryptography into Bitcoin faces unique challenges: Bitcoin's on-chain storage and computing resources are extremely limited, and any upgrade to the consensus level must take into account efficiency, compatibility and security. There are currently proposals such as BIP 360etc., which attempt to implement quantum-resistant addresses without destroying the Taproot function. However, the Bitcoin community has yet to reach a consensus on issues such as the speed of upgrades, the choice of solutions, and whether "quantum fragile but potentially lost" Bitcoins should be frozen.

Three future scenarios:Pessimism, optimism and balance

ARK white paper outlines three possible evolution paths for investors:

• Pessimistic scenario:Quantum computing is advancing by leaps and bounds with the help of AI. The community is caught off guard and hasty upgrades bring technical debt and political divisions. Even so, Bitcoin is still likely to survive, but the process is chaotic.

  
  

• Optimistic scenario: Quantum technology progress slows down, and the community has enough time to carefully choose post-quantum solutions and complete smooth upgrades in a pressure-free environment.

• Balanced scenario:In the next 10-20 years, quantum computing will gradually develop to Stage 3. The community will start consensus building at Stage 1 or Stage 2, and finally complete the upgrade before the arrival of Stage 3. Although the process was controversial, the overall process was controllable.

Summary:Look at risks calmly, Plan the layout rationally

The threat from quantum computing to Bitcoin is real, but far from imminent. Current quantum systems are still in the laboratory stage and are still orders of magnitude away from cracking the Bitcoin key. More importantly, the evolution of quantum threats will be a long, observable process, and Bitcoin and the wider digital asset market, technology and governance will have sufficient time to respond.

For investors, there is no need to panic in the short term, but in the medium and long term, "quantum preparation" should be included in the assessment framework of Bitcoin security. Paying attention to the progress of post-quantum cryptography standards, consensus dynamics in the Bitcoin community, and support for quantum-safe addresses by mainstream wallets and custodians will be key to staying forward-looking over the next decade.

As the ARK white paper says:"Although the evolution speed of Bitcoin is slow, it is this slowness that constitutes the credible guarantee of its monetary policy." In the face of the wave of quantum computing, slowness may be the strongest defense.