Quantum Computing Risk and Bitcoin’s Security Horizon

Briefing Notes contain: (1) a summary of podcast content; (2) potential information gaps; and (3) some speculative views on wider implications for Bitcoin. Most summaries are for Bitcoin-centered YouTube episodes but I also do some on AI and technological advance that spill over to affect Bitcoin.

Summary

The November 12, 2025 episode of Bitcoin Fundamentals features Charles Edwards outlining how quantum computing threatens Bitcoin’s current signature schemes. Edwards explains why timelines to a “Q-day” event, when a quantum machine can recover private keys from public information, may be measured in single-digit years rather than distant decades. The conversation highlights Bitcoin’s large pool of exposed public keys, the coordination challenges of a post-quantum upgrade, and the need for investors and policymakers to treat quantum risk as an active planning problem.

Take-Home Messages

1. Quantum trajectory: Quantum computing is already delivering specialized real-world gains, and growth in logical qubits suggests that cryptographically relevant machines are a near- to medium-term prospect rather than a remote curiosity.
2. Compressed security horizon: Estimates clustering around a 2–9 year window for breaking Bitcoin’s elliptic curve signatures turn quantum risk into a concrete planning problem that demands monitoring and contingency design today.
3. Concentrated vulnerable supply: A sizable share of Bitcoin sits in P2PK and other exposed-key outputs, meaning that a successful quantum attacker could immediately target a visible pool of dormant and early coins with outsized signaling effects.
4. Upgrade and migration bottlenecks: Post-quantum schemes like BIP360 must contend with much larger signatures, limited blockspace, and contentious governance, making full key rotation a multi-year coordination and engineering challenge.
5. Portfolio-level hedging: Edwards remains heavily long Bitcoin while adding a diversified “quantum hedge” in specialized hardware and software firms, illustrating how investors can acknowledge quantum risk without abandoning exposure to Bitcoin’s upside.

Overview

Preston Pysh invites investor and researcher Charles Edwards to unpack what quantum computing actually is and why it matters for Bitcoin’s security. Edwards begins with superposition, entanglement, and interference, describing how quantum machines evaluate many possible states simultaneously instead of stepping through them one by one. He emphasizes that this capability makes quantum hardware especially powerful for certain optimization and cryptographic problems rather than providing a blanket speedup for all computation.

Edwards then distinguishes between noisy physical qubits and far scarcer logical qubits that incorporate error correction and are relevant for cryptography. Drawing on estimates from hardware providers, consultants, and a 2017 research paper, he notes that around 2,330 logical qubits could be enough to break Bitcoin’s elliptic curve signatures using Shor’s algorithm. On this basis, he argues that a plausible timeframe for reaching “cryptographically relevant” quantum capacity is roughly 2–9 years, with a high-probability band in the middle of that range.

The discussion then shifts from general hardware progress to Bitcoin’s specific attack surface, especially coins held in address types where public keys are already exposed on-chain. Edwards and Pysh note that early P2PK outputs, including Satoshi-era and likely lost coins, could amount to 20–30% of total supply and would be immediately vulnerable once key recovery becomes feasible. Edwards points to proposals such as BIP360 for post-quantum signatures but warns that much larger signature sizes and limited blockspace imply that rotating all economically meaningful coins could take 10–30 months even under optimistic conditions.

Governance and coordination repeatedly emerge as central constraints on any response. Pysh recalls the contentious blocksize debates and suggests that choosing a quantum-safe scheme, adjusting block parameters, and deciding how to treat lost coins could trigger similar fault lines if left until the last minute. Edwards contrasts Bitcoin’s irreversible, globally visible honeypot of exposed keys with legacy financial systems that can lean on evolving encryption, two-factor authentication, and transaction reversals, and he explains why he remains heavily long Bitcoin while also building a diversified “quantum hedge” across specialized hardware and software firms.

Stakeholder Perspectives

1. Bitcoin core developers: Evaluating post-quantum signature schemes, modeling blockspace and fee trade-offs, and designing upgrade paths that maintain security while minimizing fragmentation across clients and implementations.
2. Miners and node operators: Assessing how larger signatures and any potential blocksize changes would affect block propagation, hardware demands, and long-term incentives to secure the network.
3. Exchanges and custodians: Managing visible, high-value addresses that are prime quantum targets and planning staged key-rotation, customer communication, and incident-response procedures ahead of credible Q-day signals.
4. Institutional investors and treasuries: Weighing Bitcoin’s long-term role as a reserve or treasury asset against quantum-era tail risks, while exploring diversified hedging strategies in quantum-related equities and infrastructure.
5. Regulators and central banks: Considering how a sudden quantum-driven shock to Bitcoin’s supply or price could spill over into broader markets, and comparing Bitcoin’s readiness with that of legacy payment and settlement systems.

Implications and Future Outlook

Quantum progress compresses Bitcoin’s security horizon from an abstract, multi-decade concern into a live strategic risk that needs structured monitoring. If stakeholders treat the 2–9 year window as a planning envelope rather than a precise forecast, they can develop trigger points tied to observable advances in logical qubits, error rates, and algorithmic techniques. Such trigger points would help translate technical milestones into clear cues for when to accelerate protocol work, operational key rotation, and user education.

On the protocol side, the hardest problems are not purely mathematical but institutional. Reaching consensus on a post-quantum scheme, handling larger signatures, and deciding whether to adjust blocksize will require inclusive, transparent processes that avoid repeating the zero-sum framing of past governance battles. If developers, miners, businesses, and large holders can converge early around a roadmap and contingency plans, Bitcoin can treat quantum risk as a controlled upgrade cycle rather than an emergency scramble.

For markets and policymakers, quantum risk introduces a new dimension to how Bitcoin is evaluated as a long-term store of value and collateral asset. Edwards’s own posture—remaining long Bitcoin while building a dedicated quantum-equity hedge—illustrates how investors might acknowledge tail risks without abandoning exposure to Bitcoin’s upside. Regulators and central banks, in turn, will need to consider how a disorderly Q-day event could spill over into broader financial stability and whether early, credible communication about Bitcoin’s quantum roadmap can reduce the chance of panic-driven responses.

Some Key Information Gaps

1. How can Bitcoin stakeholders rigorously assess and update timelines for when quantum computers might realistically break elliptic curve cryptography? Reliable timelines are essential for scheduling protocol upgrades, migration campaigns, and regulatory responses before Q-day arrives.
2. Which governance pathways are most likely to achieve broad consensus on a post-quantum upgrade such as BIP360 within a constrained timeframe? Understanding viable decision-making structures will help the ecosystem avoid paralyzing conflict and ensure that needed changes are implemented in time.
3. Under current blocksize and fee market conditions, how long would it take to migrate all economically significant addresses to post-quantum-compatible outputs? Quantifying realistic migration windows is vital for testing whether proposed schemes can be executed safely before an attacker gains sufficient capability.
4. What are the economic and social implications of allowing quantum attackers to seize 20–30% of Bitcoin supply from lost and dormant P2PK outputs? Clarifying the consequences of non-intervention will inform debates over whether any protocol-level response to compromised coins is acceptable.
5. How can the Bitcoin ecosystem raise awareness about quantum threats among non-technical holders without triggering panic or disengagement? Effective communication strategies are needed to motivate timely key rotation and participation in upgrades while preserving confidence in Bitcoin’s long-term viability.

Broader Implications for Bitcoin

Quantum Risk as a Benchmark for Decentralized Governance

Quantum computing will test whether decentralized governance can coordinate complex, time-sensitive security upgrades without central command. Bitcoin’s response will likely shape perceptions of whether open, permissionless systems can manage existential technical threats while preserving legitimacy. Over the next 3–5+ years, the quality of process around post-quantum planning may become as important to institutional adoption as the underlying cryptographic choices.

Redefining Security Standards for Digital Money

The prospect of key-recovery attacks forces a rethinking of what “secure enough” means for digitally native monetary systems. Bitcoin’s need to transition from widely deployed elliptic curve signatures to quantum-resistant schemes will set precedents for how other systems manage cryptographic obsolescence. As standards evolve, regulators, auditors, and infrastructure providers may begin to treat ongoing cryptographic agility as a baseline requirement for any asset used as collateral, reserve, or payment rail.

Institutional Risk Management in a Post-Quantum Era

Institutional investors and financial authorities will increasingly evaluate Bitcoin not just on volatility and custody risk, but on the credibility of its quantum transition roadmap. The emergence of quantum-focused hedging strategies suggests that portfolio construction will blend exposure to Bitcoin with targeted bets on the technologies that could threaten or ultimately secure it. Over time, this interplay may influence capital flows, disclosure norms, and stress-testing frameworks across both traditional finance and Bitcoin-native businesses.

Incentives for Cryptographic Agility and Research

Awareness of quantum threats strengthens incentives to invest in post-quantum cryptography, formal verification, and upgrade mechanisms that reduce the cost of future transitions. Bitcoin’s scale and visibility mean that any adopted scheme will receive intense scrutiny, potentially accelerating broader research and standardization that benefits many digital systems beyond Bitcoin. In the longer term, successfully navigating a quantum transition could normalize periodic, well-governed cryptographic refresh cycles as part of responsible stewardship for critical digital infrastructure.