A technical controversy erupted on
How to Make Bitcoin “Quantum Safe”
“In the past, it was about protecting your PRIVATE KEY (seed phrase). In the coming era of big, scary quantum computers (BSQC), you also need to protect your public keys. Basically, BSQC can figure out your private key from your public key. The current taproot address (in its modern form) is not secure. It is an address that starts with “bc1p” and it is not a good idea to embed the public key in the address,” Woo wrote on November 11.
His argument hinges on a well-known difference between Bitcoin Script types. Taproot (P2TR) encodes the public key directly into the output and address, while legacy formats such as P2PKH/P2SH and SegWit P2WPKH hash the public key and only reveal it when coins are spent. These architectural differences will be important in the future, when sufficiently powerful quantum computers can derive private keys from public keys. Independent references note that P2TR actually passes the public key on the output, whereas P2PKH hides the public key until some time has passed.
Woo’s ad hoc playbook is straightforward. Move UTXOs to a bc1q (or “1”/”3″) address and continue to receive them at that address, but “don’t send any BTC out there” until Bitcoin provides a quantum-resistant upgrade. At this point, holders should move during times of low congestion and minimize the window in which their public keys are exposed in the mempool. “When you send BTC to a new quantum-safe address when the network is not congested, your private keys are revealed. It is highly unlikely that BSQC will steal your coins in the short term.”
He also warned that P2PK “Satoshi era” outputs were the most risky and suggested that lost coins with previous spending history could be vulnerable. “Satoshi’s 1 million coins using ancient P2PK addresses will be stolen (unless a future soft fork freezes them),” he wrote, adding that ETFs, Treasury bonds and exchange cold storage “could become quantum resistant if their custodians take action” well before a soft fork occurs.
Woo characterized the industry’s expectations for the arrival of “Q-Day” as “2030 and beyond,” highlighting that standards for quantum resistance are already being rolled out across the broader crypto space.
Former Bitcoin Core administrator Jonas Schnelli agreed to the sanitization measures but backed off the framing. He called Woo’s plan a prudent relief for unspent coins. “P2PKH provides years of protection, while Taproot exposes public keys instantly.” However, it rejected the term “quantum secure.”
In Schnelli’s view, the moment any spend is broadcast, “your public key hits the mempool. Before the transaction is confirmed (~10 minutes), a quantum attacker can decrypt the key and double-spend the RBF.” “It is not a permanent solution, but a wise precautionary measure,” he concluded.
At press time, BTC was trading at $104,693.
Featured image created with DALL.E, chart from TradingView.com
editing process for focuses on providing thoroughly researched, accurate, and unbiased content. We adhere to strict sourcing standards and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of the content for readers.
