Bitcoin’s core security model could face serious disruption within the next ten years as quantum computing advances threaten to break widely used encryption methods, according to a new report from Capgemini.
Bitcoin relies on elliptic curve cryptography (ECC) to secure wallets and authorize transactions. But ECC — like RSA — is vulnerable to Shor’s algorithm, a quantum computing technique capable of solving the mathematical problems that protect private keys.
Although the report does not directly reference Bitcoin, it focuses on the vulnerability of encryption systems like ECC and RSA — which form the backbone of blockchain infrastructure. If quantum computers reach sufficient power, attackers could extract private keys from exposed public keys, potentially compromising on-chain assets.
The Capgemini survey, which included 1,000 large organizations across 13 countries, found that 70% are preparing for or adopting post-quantum cryptography (PQC) — a new class of encryption designed to resist quantum attacks. However, only 15% of respondents were seen as “quantum-ready,” and just 2% of global cybersecurity budgets are currently dedicated to quantum resilience.
The report also highlighted the growing threat of “harvest now, decrypt later” attacks, where encrypted data is collected today with the aim of decrypting it once quantum capabilities are available. In Bitcoin’s case, over 25% of coins are stored in addresses where public keys have already been exposed — including early “pay-to-pubkey” wallets like those linked to Satoshi Nakamoto.
In response, Bitcoin developer Jameson Lopp and other researchers recently introduced a draft proposal to safeguard older coins by freezing vulnerable addresses and encouraging migration to quantum-resistant formats.
“This proposal is radically different from any in Bitcoin’s history — just as the threat posed by quantum computing is radically different from any other threat in Bitcoin’s history,” the authors noted, as reported by CoinDesk.
The timeline for so-called “Q-Day” — the moment quantum computers can break current encryption — is still uncertain. But Capgemini points to accelerating progress in quantum hardware, error correction, and algorithmic efficiency. Some experts believe a cryptographically relevant quantum computer (CRQC) could arrive before 2030.
Governments are taking action. The U.S. National Security Agency (NSA) plans to retire RSA and ECC by 2035. Meanwhile, NIST has finalized several PQC standards, including Kyber and Dilithium, which are now being adopted by tech leaders like Apple, Amazon Web Services, and Cloudflare.
So far, no major blockchain — including any top-10 token by market capitalization — has implemented quantum-resistant encryption.
For now, Bitcoin’s cryptography remains intact. But with quantum breakthroughs approaching, the foundations of digital security — including those underpinning blockchain networks — may soon require a fundamental overhaul.
