Following Google's December 9 announcement of the launch of its new quantum chip, Willow, developers and Bitcoiners have voiced their opinions regarding the chip's alleged ability to compromise Bitcoin (BTC) encryption.
In theory, quantum computing could compromise the cryptography used by Bitcoin. Using Shor's algorithm, it would be possible to derive private keys from public keys, affecting the ECDSA (Elliptic Curve Digital Signature Algorithm) scheme that signs transactions.
Also, Grover's algorithm could reduce the time needed to solve SHA-256 hash problems. This would hypothetically put the mining process at risk, and thus the security of the network.
What do developers and analysts think about Google's Willow chip?
Analysts at Bernstein Research, an investment research division of AllianceBernstein, have expressed optimism regarding the potential implications of quantum computing for Bitcoin.
Should Bitcoin contributors start preparing for the quantum future? Yes, but any practical threat to Bitcoin seems decades away.
Bernstein Research analysts.
They also made it clear that “Bitcoin contributors have also been discussing a transition to quantum-resistant encryption.”
In line with this view, a developer who goes by the name Investor Arch on X shared a study from the University of Sussex.
This paper estimated that 13 million qubits are needed to compromise BTC encryption in one day, while Willow has 105 qubits. Qubits are the basic unit of information in a quantum computer, just as bits are in a classical computer.
The Willow quantum chip. Source: Google
In response to Investor Arch's post, other users also weighed in with their opinions. One of them, a researcher in quantum cryptography, explained that the immediate risk to Bitcoin's cryptography remains low due to current technical limitations.
This user explained that “the best estimate I know of for breaking the discrete logarithm problem of the ECDSA algorithm on a 256-bit elliptic curve is around 2500 logical qubits.”
As mentioned above, Willow has 105 physical qubits in its architecture. With current technologies, it takes between 100 and 1,000 physical qubits to build a single logical qubit.
Converting physical qubits to logical qubits requires millions of physical qubits due to errors and instability, which remains a significant technical challenge.
Therefore, according to the quantum cryptography researcher's estimates, Willow's capabilities would still be far from being able to compromise Bitcoin's encryption systems.
However, the researcher ended his comment with some pessimism:
I'm not saying that quantum computers are anywhere close to meeting the real-world requirements, but don't be surprised if future techniques reduce them by two orders of magnitude.
Post by a researcher on X.
Blockstream Co-founder Suggests Willow is Not a Threat
Adam Back, co-founder and CEO of Bitcoin-linked technology company Blockstream, responded to Investor Arch's message, which stated that the BTC network and its encryption would require 13 million qubits to be corrupted.
Adam argued that ECDSA and Bitcoin are not based on encryption, but on digital signatures. The quantum threat to Bitcoin comes from the possibility of deriving private keys from public keys, not from breaking an encryption scheme.
In this sense, Willow would be far from a threat, according to Blockstream's CEO. With only 105 physical qubits, Willow is limited to experimental tasks and does not pose a practical threat to existing cryptography.
To compromise ECDSA, a quantum system with 300 million physical qubits and error correction efficiency that does not currently exist would be needed, according to Adam Back.
Finally, Gustavo Flores Echaiz, a developer linked to the Bitcoin community, agreed that quantum computing does not yet represent a threat to Bitcoin's security.
While Google’s Willow quantum chip may prove to be a significant advance, at 105 physical qubits, it is a far cry from the millions needed to compromise the ECDSA algorithm that secures Bitcoin transactions. This level of quantum capability is not expected in the near future.
In a future scenario with more advanced quantum computers, only a fraction of BTC would be at risk, Flores Echaiz explained.
This includes coins on P2PK (Pay-to-Public-Key) addresses, used before 2011, and those on reused addresses, where the public key is exposed when signing transactions. Coins on addresses that do not reuse public keys or remain unspent have greater protection.
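As an added illustration (not part of the original article and not code from anyone quoted in it), the following Python example shows how a wallet owner could audit outputs for the two exposure cases just described: P2PK scripts, and reused P2PKH/P2WPKH scripts whose key was revealed by an earlier spend. The output labels, key bytes and hashes are constructed placeholders, and other script types are deliberately left unclassified.

```python
from collections import namedtuple

Output = namedtuple("Output", "label script_hex spent")

def classify(script_hex):
    """Identify the output type from the scriptPubKey byte pattern."""
    s = bytes.fromhex(script_hex)
    # P2PK: <push 33- or 65-byte pubkey> OP_CHECKSIG; the key is in the output.
    if len(s) in (35, 67) and s[0] == len(s) - 2 and s[-1] == 0xAC:
        return "P2PK"
    # P2PKH: OP_DUP OP_HASH160 <20-byte hash> OP_EQUALVERIFY OP_CHECKSIG
    if len(s) == 25 and s[:3] == b"\x76\xa9\x14" and s[-2:] == b"\x88\xac":
        return "P2PKH"
    # P2WPKH: OP_0 <20-byte hash>
    if len(s) == 22 and s[:2] == b"\x00\x14":
        return "P2WPKH"
    return "other"

def exposed_unspent(outputs):
    """Return (label, reason) for unspent outputs whose public key is on-chain."""
    # A hashed-key script reveals its key once any output paying it is spent.
    revealed = {o.script_hex.lower() for o in outputs
                if o.spent and classify(o.script_hex) in ("P2PKH", "P2WPKH")}
    flagged = []
    for o in outputs:
        if o.spent:
            continue
        kind = classify(o.script_hex)
        if kind == "P2PK":
            flagged.append((o.label, "P2PK: key in output script"))
        elif o.script_hex.lower() in revealed:
            flagged.append((o.label, kind + ": reused, key revealed by earlier spend"))
    return flagged

# Constructed sample data (placeholder key and hash bytes, not real chain data).
PK = "02" + "11" * 32
H1, H2 = "aa" * 20, "bb" * 20
SAMPLE = [
    Output("a:0", "21" + PK + "ac", False),        # P2PK, unspent
    Output("b:0", "76a914" + H1 + "88ac", True),   # P2PKH, already spent
    Output("c:1", "76a914" + H1 + "88ac", False),  # same address reused, unspent
    Output("d:0", "0014" + H2, False),             # P2WPKH, never spent from
]

if __name__ == "__main__":
    for label, reason in exposed_unspent(SAMPLE):
        print(label, reason)
```

Outputs flagged this way are candidates for moving to a fresh, never-used address; the unflagged P2WPKH output in the sample keeps its key behind a hash until it is first spent.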
The Pay-to-Taproot (P2TR) standard, a method of transferring BTC integrated in 2021, offers some additional resilience by hiding public keys until the funds are spent.
Thus, given the opinions of some specialists, the impact of quantum computing on Bitcoin remains, for now, a theoretical and controllable risk.