A Project Eleven analysis published on May 6, 2026, warns that a so-called “Q-day” in which quantum computing could break public-key cryptography could arrive as early as 2030. The report suggests that up to 6.9 million Bitcoins (BTC), approximately 33% of the total supply, could be leaked under certain conditions.
The group said the risk is related to advances in quantum computing and recent experimental demonstrations that approximate attacks on elliptic curve cryptography (ECDSA), the system that protects Bitcoin’s digital signatures. The focus of the problem is on whether future quantum computers will Today we can solve mathematical problems that guarantee the security of networks.
Regarding Project Eleven, it’s worth emphasizing the following: Exposure will no longer be uniform. The most vulnerable Bitcoins are those associated with addresses whose public keys are already exposed on the chain, such as old formats or reused addresses. In such a case, if cryptographically relevant quantum computers existed, the danger would be permanent, with the potential impact estimated at more than $560 billion at current prices.
This report also uses the ‘Mosca inequality’ framework for risk assessment. This framework is a model that compares the time available for migrating a cryptographic system to the estimated amount of time that quantum computing could render a cryptographic system vulnerable. With this approach, it’s not just about whether an attack comes; whether there is enough room for the ecosystem to adapt before it becomes viable;
In the case of Bitcoin, analysis suggests that moving to a post-quantum scheme will require several years of technological adjustments, reducing the margin of safety if the quantum timeline is compressed to this decade.
It is important to be clear about Project 11. proposes three scenarios for the arrival of quantum risk to Bitcoin. In the optimistic case, the impact could materialize as early as 2030. In our base scenario, that period is around 2033. These predictions do not attempt to set exact dates, but instead are intended to reflect varying rates of progress in quantum computing and error correction, and the degree of readiness of the ecosystem to transition to post-quantum cryptography, as reflected in the following graph.
“Q-Day” continues to divide the industry
In this scenario, The debate within the industry remains divided. On the other hand, researchers come from a Mikhail Lukin-like environment. Harvard Quantum Initiative They claim that fault-tolerant quantum computers could be on the horizon by the end of this century. This is a horizon consistent with predictions by actors such as Google, Cloudflare, and Grayscale, which are already considering transition periods closer to 2029, as reported by CriptoNoticias. This view strengthens the following idea: Preparation time is shrinking.
In contrast, figures such as Adam Bach, Samson Moe, and Developer March believe that: Quantum risk is still more than 10 years awaypoints out that current capabilities are far from being able to break 256-bit encryption under real-world conditions. Similarly, it recently happened that Corey Klipsten, CEO of Swan Bitcoin, criticized Alex Pruden, CEO of Project Eleven. Exaggerating the quantum threat to advance commercial interestsdifferences in position within the sector are revived.
In this context, the Q-Day scenario is understood as follows: A range of risks, not a final date. The potential for millions of Bitcoins to be leaked reflects the system’s sensitivity to advances in quantum computing, but its actual impact will depend on technological developments that are still in the experimental stage.
