Loading prices…
🩸BEARISH

Bit ECC Cracked on Quantum Hardware — Is BTC Still at Risk?

A 1 BTC bounty was the prize for breaking 15-bit ECC — but the math extrapolates to roughly 500,000 qubits for 256-bit, with an estimated 6.9 million BTC sitting in address types that would need a…

Independent researcher Giancarlo Lelli broke a 15-bit ECC key on public quantum hardware, claiming a 1 BTC bounty and posting the largest public quantum attack demonstration to date. ECC is the elliptic-curve cryptography underpinning $BTC addresses and most modern public-key infrastructure.

Why it matters

The 15-bit crack itself is not a Bitcoin threat — production wallets use 256-bit ECC, orders of magnitude harder. The signal is in the trajectory: independent estimates cited in the research put breaking 256-bit ECC at roughly 500,000 qubits, a threshold current hardware is nowhere near. Roadmap projections from IBM, Google, and IonQ target fault-tolerant machines in the hundreds-of-thousands to millions of qubits over the next decade.

Market impact

Roughly 6.9 million BTC sit in legacy address types — including early P2PK outputs and reused P2PKH addresses — whose public keys are exposed on-chain. A future quantum adversary with sufficient scale could derive private keys for those UTXOs, making the post-quantum migration a multi-year protocol effort with no clean off-ramp for dormant coins. Watch NIST's post-quantum signature standards timeline and any Bitcoin Improvement Proposal drafts as the real catalyst for market repricing.

Related tokens
$BTC

Frequently asked questions

  1. Did a quantum computer just break Bitcoin?

    No. Researcher Giancarlo Lelli broke a 15-bit ECC key on public quantum hardware, but production Bitcoin wallets use 256-bit ECC — orders of magnitude harder. Current estimates put breaking 256-bit ECC at roughly 500,000 qubits, a threshold today's hardware is nowhere near.

  2. How many bitcoins are exposed to a future quantum attack?

    Roughly 6.9 million BTC sit in legacy address types — early P2PK outputs and reused P2PKH addresses — whose public keys are already exposed on-chain. Those UTXOs could become vulnerable to a sufficiently scaled quantum adversary capable of deriving private keys from public keys.

  3. How many qubits would it take to break 256-bit ECC?

    Independent estimates cited in the research put the threshold at roughly 500,000 qubits. Current quantum hardware is orders of magnitude below that, though IBM, Google, and IonQ roadmaps target fault-tolerant machines in the hundreds-of-thousands to millions of qubits over the next decade.

  4. What is the post-quantum migration plan for Bitcoin?

    There is no finalized plan yet. The migration would require a Bitcoin Improvement Proposal to introduce post-quantum signature schemes and a multi-year transition for users to move coins from legacy address types to quantum-resistant ones. Watch NIST's post-quantum signature standards timeline and any BIP drafts for…

  5. Why is the 15-bit demo significant if 256-bit is the real target?

    The 15-bit crack is not a Bitcoin threat in itself, but it is the largest public quantum attack demonstration to date. The significance is in proving the trajectory is real and in reframing a theoretical risk as a measured engineering problem with a roughly 500,000-qubit target.

Source attribution
Aggregated from WuBlockchain · Verified · Last refreshed 74d ago
Open original →
Original content
Wu Blockchain
Wu Blockchain @WuBlockchain · 76d ago
Researcher Breaks 15-Bit ECC Key on Quantum Hardware, Signals Potential Bitcoin Risk Independent researcher Giancarlo Lelli broke a 15-bit ECC key using public quantum hardware, winning a 1 BTC bounty and marking the largest public quantum attack demonstration to date. Estimates suggest breaking 256-bit ECC may require about 500,000 qubits, with around 6.9 million bitcoins potentially exposed, highlighting the need for post-quantum upgrades. https://t.co/yhM4WNcgh9
Researcher Breaks 15-Bit ECC Key on Quantum Hardware, Signals Potential Bitcoin
8 6 39
View on X →