Quantum computing headlines increasingly suggest that Bitcoin is on the brink of collapse, with future machines claiming that they could crack its encryption in minutes or completely overwhelm the network.
However, academic research paints a more limited picture. Some widely cited “breakthroughs” rely on simplistic problems that do not reflect real-world cryptography. And a quantum attack on Bitcoin? According to a research paper shared on X by Bitcoin hardware entrepreneur Rodolfo Novak, the energy required is equivalent to that of a small star.
Bitcoin’s security is based on two different mathematics, and quantum computers threaten Bitcoin in two different ways.
One, known as Shor’s algorithm, targets wallet security. In theory, a sufficiently powerful quantum computer would be able to derive the private key from the public key. This would give the attacker complete control of the funds and break the ownership guarantees that underpin Bitcoin.
The other is known as Grover’s algorithm and is applied to mining. This theoretically speeds up the trial-and-error searches performed by miners. But as one of the papers below shows, that advantage largely disappears when you try to build a machine.
These two threats are often obscured in headlines. But they land very differently when you consider real-world constraints.
Two recent papers featured in the X thread — one a sober engineering analysis, the other a deadpan satire — argue in opposite directions. They, along with a thread summarizing contrarian research and opinion, suggest that the current panic on crypto Twitter confuses genuine long-term concerns with a news cycle built on theatrics.
Mining hits a wall made of physics
The first paper, published in March 2026, by Pierre-Luc Dallaire Demars and the BTQ Technologies team, asks whether quantum computers can actually outperform mines. $BTC Grover’s algorithm uses quantum techniques that allow computers to deduce how to solve problems much faster than regular machines. In the case of Bitcoin, it speeds up the trial-and-error search process that miners use to find valid blocks.
The stakes are higher than you think. Mining is to protect $BTC A 51% attack, a scenario where a single attacker controls enough hashing power to rewrite recent transaction history, double-spend coins, or censor the network. If quantum miners were able to dominate block generation, the consensus itself would function, not just individual wallets.
In theory, Grover provides a path to that advantage. The researchers argue that the answer actually falls apart when estimating the price of the hardware and its energy requirements. It would be physically impossible for Grover to compete against SHA-256, the mathematical formula that Bitcoin miners compete to solve in order to add new blocks to the blockchain and earn rewards.
Running algorithms on Bitcoin would require quantum hardware on a scale that no one knows how to build.
Each step of the search involves hundreds of thousands of delicate operations, each requiring a dedicated support system of thousands of qubits just to limit errors. Also, since Bitcoin generates a new block every 10 minutes, an attacker has only a small amount of time to complete the job, requiring a huge number of machines to run in parallel.
At Bitcoin’s January 2025 difficulty level, the authors estimate that a quantum mining fleet will require around 1023 qubits consuming 1025 watts, which is approaching the energy output of a star (for reference, this is still equivalent to 3% of Earth’s sun). By comparison, the entire Bitcoin blockchain today consumes about 15 gigawatts.
Quantum 51% attacks are not only costly; It cannot be physically reached at any scale that real civilizations are capable of.
Most records of quantum factorization are plays.
The second paper, by Peter Gutmann of the University of Auckland and Stefan Neuhaus of Zurcher University in Switzerland, takes aim at a different part of the story. That is, a steady drumbeat of headlines claiming that quantum computers have already begun to crack codes.
The authors set out to reproduce all the major quantum factorization “breakthroughs” of the past two decades. They succeeded using a 1981 VIC-20 home computer, an abacus, and a dog named Scribble who was trained to bark three times.
Jokes work because the underlying issue is serious. Factorization is a mathematical problem at the heart of modern cryptography. Take a very large number and find the two prime numbers created by multiplying them together.
For numerical values of several hundred digits, it is considered virtually impossible for ordinary computers to do so. Scholl’s algorithm, the quantum technology behind the Bitcoin wallet threat, is the reason people are worried that quantum machines could eventually do it.
But according to Guttmann and Neuhaus, almost all previous demonstrations involved fraud. In some cases, researchers chose numbers where the hidden prime factors were only a few orders of magnitude apart, making them easy to guess with basic computer tricks.
In other examples, a regular computer first ran the difficult part of the problem (a step called preprocessing), then a stripped-down, trivially-friendly version was passed to a quantum machine to “solve”. While quantum computers are being hailed as a groundbreaking achievement, the real work was done elsewhere.
The authors highlight one recent paper in which they claim that a Chinese team has used D-Wave machines to make progress toward cracking RSA-2048, the encryption standard that protects much of the Internet’s banking, email, and e-commerce traffic.
The researchers had published 10 case numbers as evidence. Gutmann and Neuhaus ran these numbers on a VIC-20 emulator and each came up with an answer in about 16 seconds. The prime numbers were chosen to be placed several digits apart, making it easy to find them using an algorithm developed by mathematician John von Neumann in 1945, adapted from the abacus technique.
Why does this continue? The authors suggest a simple answer. Quantum factoring is a hot field, with limited actual results and a strong incentive to publish something impressive.
By choosing fraudulent numbers or doing most of the classic studies, researchers can claim new “records” without actually advancing the underlying science. This paper proposes a new evaluation criterion that requires random numbers, requires no preprocessing, and keeps the coefficients secret from the experimenter. No demonstration will ever pass.
The point here is not that quantum computing is harmless. Not all “groundbreaking” headlines represent real progress towards modern code-breaking, and traders should be skeptical when the next headline appears.
still worth worrying about
Neither paper completely denies the quantum threat.
The real vulnerability lies in Bitcoin wallets, not mining. Millions of Bitcoins are stored in old or reused addresses where sensitive information is already publicly available on the blockchain, making them the most likely long-term targets if quantum machines improve.
What has changed since these papers were published is not the threat, but the estimate. A recent paper by researchers at Google suggests that the computing power needed for such attacks could drop rapidly, as the encryption protecting the Bitcoin blockchain becomes vulnerable to attacks that take several minutes.
That doesn’t mean an attack is coming. The authors make clear in their paper that building such a machine is currently physically impossible and would require engineering advances yet to be made, ranging from the lasers that control the qubits, to the speed at which they can be read, to the ability to keep tens of thousands of atoms running in tandem without losing them.
There are also signs that the public release may be incomplete. Some recent studies have kept key technical details private, and experts warn that advances in the field are not always shared openly.
Still, developers are already working on fixes, including ways to reduce key exposure and new types of signatures designed to withstand quantum attacks.
The market reflects the view that this threat remains in the classroom. While traders see little chance of Bitcoin being replaced by mining algorithms by 2027, they assign a much higher probability (around 40%) to upgrades like BIP-360 aimed at reducing wallet risk.
While the quantum threat to Bitcoin is real, it is important to remember that there are physical limitations to building the machines used to attack blockchains.
