Bitcoin Has 3–5 Years to Prepare for Quantum Risk: Bernstein

Advances in quantum computing could eventually pose a threat to Bitcoin’s cryptographic security, but the risk remains manageable and unlikely to cause existential disruption, according to a new research report by Bernstein.

In the report, the Bernstein team — Gautam Chhugani, Mahika Sapra, Sanskar Chindalia and Harsh Misra — described quantum computing as a “manageable upgrade cycle” rather than an “existential risk.”

Recent breakthroughs, including research from Google showing a significant reduction in the resources required to break modern encryption, have accelerated the timeline for potential threats. However, building quantum computers powerful enough to compromise Bitcoin (BTC) remains years away due to major technical hurdles and high costs.

Bernstein estimates the crypto industry has roughly three to five years to prepare for post-quantum security upgrades, allowing time to transition toward quantum-resistant cryptographic standards.

The transition would likely be handled by Bitcoin’s open-source developer community and core contributors, who are responsible for proposing and implementing protocol upgrades through consensus.

Related: Researchers say quantum computers could, in theory, be ready by 2030

Quantifying the quantum risk for Bitcoin

Quantum computing differs from classical computing in that it uses “qubits,” which can encode multiple states simultaneously. This enables algorithms that, in principle, could break widely used encryption methods, including those used to secure Bitcoin wallets.

Still, the risk is not uniform across the network.

According to Bernstein, vulnerabilities are primarily concentrated in older Bitcoin wallets and addresses that reuse public keys, which are more exposed to potential attacks. Newer wallet formats and best practices, such as avoiding address reuse, significantly reduce this risk.

Bitcoin’s mining process, which relies on SHA-256 hashing, is not considered meaningfully vulnerable to quantum attacks or AI quantum computing breakthroughs.

Bernstein believes certain Bitcoin address types — specifically pay-to-public-key (P2PK), pay-to-multisig (P2MS) and pay-to-Taproot (P2TR) — are among the most vulnerable to quantum risks.

The risk is particularly pronounced for older “legacy” wallets. Roughly 1.7 million Bitcoin, including an estimated 1.1 million BTC attributed to Satoshi Nakamoto, are held in early P2PK addresses, where public keys are permanently exposed.

Related: Is $450B in Bitcoin vulnerable to the quantum threat? Analysts weigh in