Philip Martin, Chief Security Officer at Coinbase, and Alex Pruden, founder and CEO of Project 11, discuss the urgent quantum computing threat to Bitcoin and cryptocurrency security.

The conversation was sparked by two recent papers: one from Google Quantum AI Lab showing elliptic curve cryptography could be broken with far fewer qubits than previously thought, and another from Caltech researchers suggesting Shor's algorithm might work with as few as 10,000 neutral atom qubits.

The discussion covers the philosophical and technical challenges of upgrading Bitcoin's cryptography, the fate of Satoshi's coins, and the broader implications for DeFi protocols and stablecoins in a post-quantum world.

The Quantum Breakthrough That Changed Everything

Google Quantum AI Lab published a paper showing elliptic curve cryptography could be broken with significantly fewer qubits than previously estimated, dropping requirements from 500,000-1 million to potentially 10,000 qubits.

"Google said, if you target ECDSA specifically and you layer on some assumptions about the type of computer we're building, then potentially this is a much more imminent threat" - Alex

IBM currently has systems around 1,000 qubits with entangled systems up to 7,000 qubits, putting cryptographically relevant quantum computers within an order of magnitude of current capabilities.

Caltech team led by prominent physicists suggested Shor's algorithm could work with as few as 10,000 neutral atom reconfigurable qubits, dramatically lowering the bar for breaking public key cryptography.

Bitcoin's $150 Billion Quantum Vulnerability

Approximately 35% of all Bitcoin has exposed public keys making it vulnerable to quantum attack, not just Satoshi's estimated 1.7-1.8 million coins representing 10% of supply.

"We think Satoshi is dead, so they just are not going to be able to do the thing themselves" to upgrade their coins to quantum-resistant cryptography - Alex

Fast-clock quantum computers could potentially break Bitcoin private keys in 9 minutes, faster than Bitcoin's 10-minute block time, enabling front-running attacks in the mempool.

The philosophical divide centers on whether to freeze vulnerable coins to prevent theft or preserve Bitcoin's immutable property rights, with no clear consensus among stakeholders.

The Politics of Bitcoin's Quantum Upgrade

"My personal vote is: I think we have to prevent a quantum computer from stealing it. And then we have to make some way for those coins to be able to be brought back to life" - Philip

Economic nodes including exchanges, ETF issuers, and institutional holders will likely drive the upgrade decision due to having "the most to lose" from quantum attacks.

"There's going to be a fork here. I think it's inevitable because these philosophical issues, I don't really see how you resolve them" - Alex

Bitcoin lacks a foundation for coordinated upgrades unlike other blockchains, creating a "never-ending political battle of who gets to be a spokesman for Bitcoin."

Post-Quantum Cryptography's Technical Challenges

Post-quantum signatures are approximately 10 times larger than current ECDSA signatures, potentially impacting Bitcoin throughput and triggering another block size debate.

"Google wrote an entire blog post about the nightmarish complexity of implementing" the Falcon/FNDSA signature scheme that will likely be standardized - Alex

"About 50% of all internet traffic is already secured using hybrid cryptography, which implements PQC" showing migration is already underway for traditional systems.

IoT devices and embedded systems may lack the computational resources to implement post-quantum algorithms, creating a "Y2K would be underestimated" level disruption.

Stablecoins and DeFi in the Quantum Era

Stablecoin admin keys represent "critical infrastructure and potentially could be nation state level targets" for quantum attacks seeking to disrupt the US financial system.

"Someone mints $300 trillion of USDT and USDP or something, and then breaks a peg somewhere" could cause massive DeFi ripple effects across interconnected protocols - Alex

Traditional financial systems have advantages over blockchains because "there's like a trusted set of parties that kind of maintain the ledger" who can reverse fraudulent transactions.

DeFi protocols face increased complexity implementing post-quantum cryptography while already struggling with security, as "people are always going to write insecure code" - Philip

Timeline and Preparation Strategy

"The timeline is largely irrelevant because this process takes such a long time and we have so little clarity that it doesn't matter if a quantum computer shows up in 2030 versus 2040" - Philip

Project 11 estimates quantum cryptanalysis capability could arrive by 2029 in optimistic scenarios, 2033 base case, and 2042 pessimistic case.

"Real quantum development, probably from this point forward, as it pertains to cryptographic relevance, is very likely to happen behind closed doors" - Alex

Mosca's Inequality framework emphasizes considering both attacker timeline and defender preparation time, suggesting organizations should "start preparing today" regardless of uncertainty.