Why you should start taking measures to safeguard your Bitcoins (BTC)

Quantum computers and Bitcoin
Is your Bitcoin wallet safe from the quantum threat? If you think that this is something for your children and grandchildren to worry about, then think again. Quantum computers are advancing fast, and there are certain scenarios in the Bitcoin world that can lead to your funds being stolen by those with quantum resources. When can this happen? I can’t say, but you should probably already check your wallet balance to see if it’s as you expect it to be.
When are your BTC at risk from quantum attack?
No Bitcoin address is immune to the advancing quantum computers. However, some addresses could be cracked even now, at this very moment. This is of course only possible if sufficient quantum resources already exist somewhere that we don’t know about. There are also BTC addresses that can NOT be cracked straight away, even if quantum computers advance significantly. So let’s find out who is in immediate danger and who is not.

Used vs Unused Bitcoin addresses
Revealing the public key
If a Bitcoin address holds a balance and has already been used to send BTC, it becomes vulnerable to quantum attacks because its public key has been exposed. This vulnerability arises from the fact that the public key is revealed to the network whenever BTC is spent from that address.
A quantum attack becomes possible when an attacker knows your public key. Using quantum computing power, the attacker could potentially derive your private key from the public key, giving them access to spend your bitcoins on the network. Since the public key is only revealed during a spend transaction, any address that has spent BTC but still holds a balance is at risk.
Temporary safety
Bitcoin addresses that have only received BTC and never spent any are currently safe, as their public keys remain hidden. However, this safety is temporary because the moment you spend BTC from such an address, the public key becomes visible. During the typical transaction confirmation time (usually around 10 minutes or more), a quantum attacker could theoretically compute your private key from the public key and broadcast a competing transaction to their own address with a higher fee. This strategy increases the chance that the attacker’s transaction will be confirmed first, potentially stealing your funds.
In summary
BTC held in addresses that have only received coins is safe for now. Once you spend from an address, it becomes vulnerable during the confirmation period. Therefore, it’s best to avoid reusing addresses.
When a Bitcoin address has received BTC, no matter how many times, it remains safe from quantum attacks until BTC is spent from that address. When spending occurs, however, there are two possible scenarios (using and not using change addresses):
✅ Using change addresses
When Bitcoin is spent from an address, the entire balance is consumed in the transaction. Either the full amount is sent to the recipient, or a portion is sent to the recipient and the remaining balance is returned to a newly generated address controlled by the sender. This new address is known as a change address. As a result, the original address used to send the funds is left with a zero balance. This is considered best practice, as spending from a Bitcoin address exposes its public key to the network. Once exposed, that public key becomes a potential target for future quantum attacks. By emptying the address immediately after use, the risk is minimised.
⛔ Not using change addresses
In many cases, however, wallets spend BTC by sending the required amount to the recipient while leaving the remaining balance on the sending address. This is very bad practice and should be avoided at all costs. Such addresses are considered “used” and may be more vulnerable to quantum attacks.
✅ Unused addresses
Unused BTC addresses are those that have only received BTC and have never spent anything. These are considered safe against quantum attacks, because they haven’t revealed their public key to the network yet.
ℹ️ In a nutshell
Check your BTC addresses. If any address with a balance has ever spent BTC, it is vulnerable. In other words, to be safe from quantum attacks, all your BTC addresses should show only incoming transactions and no outgoing transactions.
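The audit described in this section can be automated. The following is an added example (not the article’s own code): it replays a small constructed ledger of transactions, tracks unspent outputs, and classifies every address by the rule given above: an address that has spent (its public key is on chain) and still holds a balance is vulnerable; one that has only received is safe for now; one that has spent and is empty has nothing left at risk. It also flags transactions that send change back to an input address, the bad practice from the "Not using change addresses" scenario. Transaction ids, addresses and amounts are made up.

```python
"""Added example (not the page's code): audit a constructed transaction ledger
and classify each address by the page's rule (key exposed + balance = risk)."""
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple


@dataclass
class Tx:
    txid: str
    inputs: List[Tuple[str, int]]     # outpoints (txid, vout) being consumed
    outputs: List[Tuple[str, int]]    # (address, satoshis) being created


@dataclass
class AddressReport:
    address: str
    balance: int
    spend_count: int     # number of transactions that spent from this address
    status: str          # SAFE_FOR_NOW | VULNERABLE | EXPOSED_BUT_EMPTY


def classify(balance: int, spend_count: int) -> str:
    """Exposure happens at the first spend; actual risk also needs a balance."""
    if spend_count == 0:
        return "SAFE_FOR_NOW"        # only incoming transactions, key still hidden
    if balance > 0:
        return "VULNERABLE"          # key revealed on chain and coins remain
    return "EXPOSED_BUT_EMPTY"       # key revealed, but nothing left to steal


def audit(txs: List[Tx]) -> Tuple[Dict[str, AddressReport], Set[str]]:
    """Replay the ledger in order. Returns per-address reports and the set of
    txids that paid change back to one of their own input addresses."""
    utxos: Dict[Tuple[str, int], Tuple[str, int]] = {}   # outpoint -> (addr, amount)
    spends: Dict[str, int] = {}
    seen: Set[str] = set()
    self_change: Set[str] = set()
    for tx in txs:
        spent_from = set()
        for outpoint in tx.inputs:
            addr, _ = utxos.pop(outpoint)     # KeyError on unknown/double-spent outpoint
            spent_from.add(addr)
        for addr in spent_from:
            spends[addr] = spends.get(addr, 0) + 1
        for vout, (addr, amount) in enumerate(tx.outputs):
            utxos[(tx.txid, vout)] = (addr, amount)
            seen.add(addr)
            if addr in spent_from:            # change returned to the sending address
                self_change.add(tx.txid)
    balances: Dict[str, int] = {a: 0 for a in seen}
    for addr, amount in utxos.values():
        balances[addr] += amount
    reports = {
        addr: AddressReport(addr, balances[addr], spends.get(addr, 0),
                            classify(balances[addr], spends.get(addr, 0)))
        for addr in seen
    }
    return reports, self_change


# Constructed ledger (made-up txids and addresses, amounts in satoshis).
SAMPLE_TXS = [
    Tx("tx1", [], [("addrA", 100_000), ("addrB", 50_000), ("addrC", 70_000)]),
    # addrA pays 60k to addrD; change goes to a fresh address addrA2 (good practice)
    Tx("tx2", [("tx1", 0)], [("addrD", 60_000), ("addrA2", 39_000)]),
    # addrB pays 10k to addrE; change goes back to addrB itself (bad practice)
    Tx("tx3", [("tx1", 1)], [("addrE", 10_000), ("addrB", 39_000)]),
]

if __name__ == "__main__":
    reports, bad_txs = audit(SAMPLE_TXS)
    for r in sorted(reports.values(), key=lambda r: r.address):
        print(f"{r.address:7} balance={r.balance:>7} spends={r.spend_count} {r.status}")
    print("change returned to the sending address in:", sorted(bad_txs))
```

With this ledger, addrA ends up exposed but empty, addrB is vulnerable (its key is on chain and 39,000 sat remain on it because tx3 returned the change to it), and addrC, addrD, addrE and addrA2 are safe for now. A real audit would feed the same replay with the inputs and outputs fetched from a node for the addresses you control.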

Vulnerable Bitcoin addresses by design
Unfortunately, even if you have never spent from your BTC address, it may still be prone to quantum attacks. This is because the oldest address type (P2PK) shows its public key by design. Later address formats hash the public key, so the key itself is not visible on chain, even to a quantum computer. The old Satoshi Nakamoto BTC are held in these “dangerous” P2PK addresses. It is estimated that as of July 2025, almost 9% of all Bitcoin is held in P2PK format addresses. Below is a list of the different types of BTC addresses, indicating which are considered “not safe” and which are still “safe” from a quantum attack.
The different BTC address formats
| Address Type | Format Example | Public Key Revealed? | Quantum Safe (For Now)? | Notes |
|---|---|---|---|---|
| P2PK | (no prefix, used in early BTC) | Yes (always) | Not Safe | Old-style, directly includes public key. Vulnerable to quantum attack. About 9% of all BTC is currently (as of July 2025) held in P2PK addresses. |
| P2PKH | 1A1zP1... (starts with 1) | No (until spent) | Safe until spent | After sending, the public key is revealed → becomes not safe. |
| P2SH | 3J98t1... (starts with 3) | No (until spent) | Safe until spent | Often used for multisig. Once spent, script reveals public keys. |
| P2WPKH (SegWit) | bc1q... | No (until spent) | Safe until spent | Modern type. Good privacy and quantum resistance before spending. |
| P2WSH | bc1q... (longer string) | No (until spent) | Safe until spent | Wrapped scripts, e.g. multisig. Safe until use exposes the script. |
| P2TR (Taproot) | bc1p... | No (by default) | Safer design | Uses Schnorr sigs. More quantum-resilient structure (for now). |
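The difference between "public key revealed by design" and "revealed only when spent" is visible in the raw output scripts themselves. The following added example (not the article’s code) recognises the standard scriptPubKey templates behind the address formats in the table, reports whether the on-chain payload is a key or a hash, and shows what a P2PKH spend discloses: the input’s scriptSig carries the public key, and anyone can check that HASH160 of it equals the hash the output committed to. All key and signature bytes are dummies constructed for the example. Note that the Taproot template (OP_1 followed by 32 bytes) carries an x-only output key rather than a hash; the classifier reports that as a key payload.

```python
"""Added example (not the page's code): recognise Bitcoin output templates and
show what a P2PKH spend reveals. Dummy bytes only; no real keys involved."""
import hashlib
from dataclasses import dataclass
from typing import List, Optional

OP_0, OP_1, OP_DUP, OP_EQUAL, OP_EQUALVERIFY, OP_HASH160, OP_CHECKSIG = (
    0x00, 0x51, 0x76, 0x87, 0x88, 0xA9, 0xAC)


@dataclass(frozen=True)
class ScriptInfo:
    kind: str            # P2PK, P2PKH, P2SH, P2WPKH, P2WSH, P2TR or UNKNOWN
    payload: bytes       # the key or hash the output commits to
    carries_key: bool    # True when the payload is a curve point, not a hash


def classify_script_pubkey(spk: bytes) -> ScriptInfo:
    """Match the standard templates by their exact byte layout."""
    n = len(spk)
    # P2PK: <push 33|65> <pubkey> OP_CHECKSIG  -- the key itself sits on chain
    if n in (35, 67) and spk[0] == n - 2 and spk[-1] == OP_CHECKSIG:
        return ScriptInfo("P2PK", spk[1:-1], True)
    # P2PKH: OP_DUP OP_HASH160 <push 20> <hash160(pubkey)> OP_EQUALVERIFY OP_CHECKSIG
    if (n == 25 and spk[:3] == bytes([OP_DUP, OP_HASH160, 20])
            and spk[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG])):
        return ScriptInfo("P2PKH", spk[3:23], False)
    # P2SH: OP_HASH160 <push 20> <hash160(redeem script)> OP_EQUAL
    if n == 23 and spk[:2] == bytes([OP_HASH160, 20]) and spk[-1] == OP_EQUAL:
        return ScriptInfo("P2SH", spk[2:22], False)
    # Native SegWit v0: OP_0 <push 20|32> <witness program>
    if n == 22 and spk[:2] == bytes([OP_0, 20]):
        return ScriptInfo("P2WPKH", spk[2:], False)
    if n == 34 and spk[:2] == bytes([OP_0, 32]):
        return ScriptInfo("P2WSH", spk[2:], False)
    # Taproot (SegWit v1): OP_1 <push 32> <x-only output key>  -- a key, not a hash
    if n == 34 and spk[:2] == bytes([OP_1, 32]):
        return ScriptInfo("P2TR", spk[2:], True)
    return ScriptInfo("UNKNOWN", spk, False)


def hash160(data: bytes) -> bytes:
    """RIPEMD160(SHA256(data)): the commitment P2PKH and P2WPKH put on chain.
    Requires a hashlib build that offers ripemd160 (most do)."""
    return hashlib.new("ripemd160", hashlib.sha256(data).digest()).digest()


def pushes(script: bytes) -> List[bytes]:
    """Split a script consisting only of direct pushes (0x01..0x4b) into items."""
    items, i = [], 0
    while i < len(script):
        size = script[i]
        if not 1 <= size <= 0x4B:
            raise ValueError(f"unsupported opcode 0x{size:02x} at offset {i}")
        items.append(script[i + 1:i + 1 + size])
        i += 1 + size
    return items


def pubkey_revealed_by_p2pkh_spend(script_sig: bytes, spk: bytes) -> Optional[bytes]:
    """A P2PKH input's scriptSig is <sig> <pubkey>. Return the pubkey if it
    matches the hash the output committed to, otherwise None."""
    info = classify_script_pubkey(spk)
    if info.kind != "P2PKH":
        return None
    _sig, pubkey = pushes(script_sig)
    return pubkey if hash160(pubkey) == info.payload else None


# Constructed dummy data: a 33-byte compressed-format point and a DER-shaped blob.
DUMMY_PUBKEY = b"\x02" + b"\x11" * 32
DUMMY_SIG = b"\x30" + b"\x44" * 70 + b"\x01"


def demo() -> None:
    """Before a spend the chain holds only hash160(pubkey); the spend reveals it."""
    spk = bytes([OP_DUP, OP_HASH160, 20]) + hash160(DUMMY_PUBKEY) + bytes([OP_EQUALVERIFY, OP_CHECKSIG])
    print("output before spend :", classify_script_pubkey(spk))
    script_sig = bytes([len(DUMMY_SIG)]) + DUMMY_SIG + bytes([33]) + DUMMY_PUBKEY
    print("key revealed by spend:", pubkey_revealed_by_p2pkh_spend(script_sig, spk).hex())
    print("P2PK output          :", classify_script_pubkey(bytes([33]) + DUMMY_PUBKEY + bytes([OP_CHECKSIG])))


if __name__ == "__main__":
    demo()
```

Running the module prints the P2PKH output with a 20-byte hash payload, then the same dummy key recovered from the spending input, and finally the P2PK template whose payload is the key itself. Since an address string is just an encoding of one of these scripts, the same classification applies to the prefixes listed in the table.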
Quantum computing and cryptography: what can and cannot be broken (some math)
An interesting story from the past

On October 31, 1903, at the annual meeting of the American Mathematical Society in Chicago, Frank Nelson Cole gave a dramatic, wordless presentation. He factored the Mersenne number M67 = 2^67 − 1. Instead of speaking, he silently worked it out on the chalkboard. First he wrote the number itself: 147,573,952,589,676,412,927. Then he turned and meticulously wrote down its prime factors, 193,707,721 and 761,838,257,287, and worked through the necessary multiplication to show that the product matched the Mersenne number exactly. The entire demonstration took about an hour, all done by hand. When he finished, the audience burst into a standing ovation.
Public-key cryptography (asymmetric encryption):
- Can be broken:
  - Algorithms based on integer factorization (e.g., RSA)
  - Algorithms based on the discrete logarithm problem (e.g., Diffie-Hellman, DSA, elliptic curve cryptography)
- Why:
  - Shor’s algorithm, a quantum algorithm, can efficiently solve both factoring and discrete logarithms, which form the security basis of these schemes.
- Implication:
  - Current widely used public-key cryptography would be insecure once large-scale, fault-tolerant quantum computers become available.
Symmetric-key cryptography:
- Can be partially weakened:
  - Quantum computers can use Grover’s algorithm to search key spaces quadratically faster.
  - This means that a symmetric key of length n bits effectively provides only about n/2 bits of security against a quantum adversary.
- Cannot be fully broken:
  - Grover’s algorithm does not completely break symmetric ciphers; it only speeds up brute-force key search.
- Implication:
  - Doubling key sizes (e.g., using AES-256 instead of AES-128) can maintain security against quantum attacks.
Hash functions:
And last but not least, there are the hash functions. These are what secure your BTC public address until it is spent. Luckily, quantum computers cannot break a well-implemented hash function with sufficient output length (>256 bits).
- Can be partially weakened:
  - Grover’s algorithm can find preimages or collisions faster, roughly in the square root of the classical time.
- Cannot be fully broken:
  - Hash functions are not entirely broken; collision resistance and preimage resistance are weakened but remain computationally expensive to break.
- Implication:
  - Using longer hash outputs (e.g., SHA-256 instead of SHA-128) can help maintain security in a post-quantum world.