Coinjuice sat down with Chris Tam and Hunter Hsiao, contributors to the Bitcoin Quantum Project at BTQ Technologies (NASDAQ: BTQ). What follows is an attempt to translate the quantum threat into something useful for Bitcoin holders who are not quantum physicists and who simply want to know where Bitcoin’s security stands. 

The short answer: Bitcoin held in a wallet that has never been spent is protected today. The vulnerability opens the moment a transaction is signed. That is when the public key hits the network and becomes readable.

The Quantum Clock Is Ticking Faster Than Anyone Expected

Chris Tam traces the inflection point to December 2024. Google's Willow chip paper showed that as quantum resources scale, errors decrease rather than compound shifting fault-tolerant quantum computing from theory into an engineering roadmap overnight.

The qubit estimate required to break Bitcoin's signature scheme tells its story. In 2023 the figure stood at roughly 20 million qubits. By 2025 algorithm improvements brought it to one million. A Sydney research team revised it further to 100,000. By quarter one 2026, Google revised that figure down to 500,000, a 20-fold reduction from prior estimates. The hardware is improving. The software making the hardware more efficient is improving faster (which is considered normal).

What BTQ Technologies Is Building

In Chris's words: "Bitcoin Core will not get its stuff together in time to solve the quantum risk. That's what our entire thesis is built on." Rather than waiting, BTQ acted.

• 2011 codebase fork: BTQ forked Bitcoin at a 2011 checkpoint, stripping out ECDSA entirely and replacing it with NIST-standardised post-quantum cryptography. More information on technicals can be found at what is post-quantum cryptography

• Dilithium signatures: The NIST-standardised post-quantum signature scheme currently running on the network in place of ECDSA. (what is Dilithium)

• V0.3 testnet: Now on its third iteration with an explorer, faucet, wallets, and miners. Not a simulation, real transactions being signed and validated with post-quantum cryptography right now.

• Canary in the coal mine: Hsiao’s own framing. A system running ahead of Bitcoin, sensing dangers and reporting back, whether that is a signature scheme breaking, proof-of-work becoming quantum-vulnerable, or something not yet anticipated.

• Pay-to-Merkle-Root: The new address structure at the heart of BIP 360, also being implemented on the testnet.

Quantum Threat Assessment: What Is Vulnerable to Bitcoin

The first thing any BTC holder needs to understand is that not all of BTC is equally exposed to a quantum attack. There are effectively two shields already built into how Bitcoin works.

• SHA-256: Secures Bitcoin's proof of work and mining. Tam noted during the conversation: "It seems like SHA-256 is very secure. To be able to mine Bitcoin in a 10 minute block, you'll need a quantum computer the size of pretty much the universe." Not the concern.

• ECDSA (elliptic curve digital signature algorithm): The signature scheme protecting Bitcoin's public and private key relationship. This is the vulnerability that quantum computing targets using Shor’s algorithm.

Shor's algorithm: Running on a sufficiently powerful quantum computer, Shor's algorithm can derive a private key from a public key. The attack is not about breaking Bitcoin's rules. It is about forging a valid signature without ever holding the original key.

Is My Bitcoin Wallet Safe From a Quantum Attack?

Not all Bitcoin addresses carry the same quantum risk.

• Pay-to-public-key (P2PK): The original Bitcoin address type from 2009 to 2012, exposing the public key directly and permanently on-chain. Between one and two million Bitcoin across approximately 34,000 addresses. Quantum-vulnerable since day one.

• Taproot addresses (BC1P): Quantum-vulnerable by design. The public key is unhashed inside the address structure. Every BC1P address exposes its public key.

• Reused addresses: Vulnerable regardless of address type. Spending from an address reveals the public key. Any funds received back to that same address sit behind an already-exposed key.

Hsiao confirmed during the conversation that these categories together account for approximately one third of Bitcoin's circulating supply, around six million Bitcoin.

Bitcoin Quantum Preparation Takeaway

The good news is Bitcoin is not defenceless against quantum today. The hashed public key is the first line of defence. SHA-256 is the algorithm doing the hashing. If a public key has never been exposed on-chain, a quantum computer has nothing to derive a private key from. 

SHA-256 hashing is not what Shor's algorithm breaks.

The moment of exposure is the moment of spending. Every time a transaction is signed, the public key hits the network. That is where the vulnerability lives.

How to Protect Your Bitcoin from Quantum Computers Right Now

The practical habit is simple. When spending from a hodl wallet, first move the coins not being spent to a brand new address — one that has never been used. Spend only from the old address. The hodl stack now sits behind a fresh, unexposed, hashed public key. Two separate layers would need to be broken to reach those coins. This costs nothing. It requires no software upgrade. It is available to every Bitcoin holder today.

Conclusion

Bitcoin is more quantum-resistant than most headlines suggest and more exposed than most holders realise, depending entirely on how wallets are being used.

SHA-256 is not the problem. ECDSA is. The longer-term fix is being worked on. BTQ Technologies is the most visible team building live infrastructure toward it, without waiting for Bitcoin Core.

Move the stack first. Spend from the residual. Keep the new address clean. That is the first practical defence available to any Bitcoin holder today against a quantum threat once it becomes reality.