Bitcoin may have gained a short term shield against future quantum attacks, and that matters if you are trying to understand where Bitcoin security could go next. A new proposal from StarkWare says people could send quantum safe Bitcoin transactions right now without changing the Bitcoin protocol, while a separate prototype from Lightning Labs shows a new way to prove wallet ownership if normal signatures ever become unsafe.
Important to Know
- A new StarkWare proposal says Bitcoin transactions can be made quantum safe today using current Bitcoin rules, though the method is expensive.
- Google said in late March that future quantum computers may need fewer resources than earlier estimates to break elliptic curve cryptography such as the math used in Bitcoin.
- Lightning Labs CTO Olaoluwa Osuntokun also showed a working wallet rescue prototype that proves ownership from a seed without revealing the seed itself.
Bitcoin Is Getting Backup Plans For A Problem That May Still Be Years Away
Let’s start with the bigger picture. Bitcoin uses cryptography to prove that you own your coins. Right now, many Bitcoin signatures rely on elliptic curve math. Normal computers cannot crack that math in practice. Quantum computers, at least in theory, could do far better by running Shor algorithm on powerful enough hardware. Google added fresh urgency in March when it published research saying future machines may break elliptic curve systems with fewer qubits and gates than many people had expected.
One answer came from Avihu Levy, chief product officer at StarkWare. He proposed a system called Quantum Safe Bitcoin, or QSB. Instead of using the usual signature route that depends on elliptic curve math, the sender must solve a hard hash puzzle and produce something that looks like a valid signature by brute force. A hash is basically a one way digital fingerprint of data. Quantum machines do not get the same giant shortcut on that kind of search problem, which is why Levy argues the method can hold up even against a large scale quantum attacker.
The key point is simple: QSB tries to keep Bitcoin usable without waiting for a network rule change. A soft fork is a protocol update that would alter how Bitcoin nodes treat transactions. Levy says QSB does not need one because it works inside existing legacy Script limits. That sounds useful, but the tradeoff is steep. He estimates each transfer could cost about $75 to $150 in GPU compute, which makes the idea far more practical for large BTC movements than for normal day to day use.
Even the researchers frame it as a stopgap. QSB does not scale neatly to everyone, non standard transactions add friction, and the Lightning Network is not covered. So while the method works as an emergency style option, protocol level upgrades still look like the cleaner long term answer. We are looking at a bridge, not a final home.
That debate gets hotter when older coins enter the picture. Daniel Batten argued parts of the recent discussion were overstated because exposed public keys and dormant wallets are not solved by the StarkWare paper. One widely discussed concern centers on around 1.7 million BTC in older P2PK addresses, where public keys are already exposed and could be more vulnerable if strong quantum machines ever arrive. That is why people in Bitcoin keep arguing over upgrades, freezes, burns, and emergency tools. We are not only talking about future payments. We are also talking about old coins already sitting in riskier formats.
A Different Rescue Route From Lightning Labs
Now for the second piece, which takes a very different path. Olaoluwa Osuntokun, technical chief at Lightning Labs, showed a working prototype on X that could help users rescue Bitcoin from a wallet even if standard signatures stop being safe in a future quantum emergency. Instead of proving ownership with a normal digital signature, the prototype proves that your wallet keys came from your original secret seed phrase.
That shift is easier to understand than it sounds. A wallet seed is the word list from which your wallet keys are derived. Under Osuntokun approach, you do not sign in the usual way. You prove that the public key came from a private key derived from your seed, all without exposing the seed itself. In other words, you show you are the original creator of the wallet path rather than relying on the usual signature system that a quantum computer might attack.
Performance looks workable, at least as a prototype. Reports on the demo said a proof could be generated on a normal laptop in around 50 seconds, verification took under two seconds, and the file size came in near 1.7 megabytes. That is not tiny, yet it is fast enough to show the idea can work in practice rather than only on paper.
No one is calling it a finished Bitcoin upgrade yet. There is no formal network rollout plan attached, and many experts still say “Q-day” likely remains years away rather than right around the corner. Even so, preparation now matters because Bitcoin changes slowly by design. Strategy, the company led by Michael Saylor, has also said quantum computing is not an immediate crisis but still deserves serious planning. So what we are seeing now is Bitcoin doing what it often does best: testing rough backup plans early, arguing hard, and trying to buy time before a future problem turns into a live one.