On May 27, it was reported that the investment management giant BlackRock warned investors that the Bitcoin network is vulnerable to quantum computers. Researchers from Google made a similar statement the same day. The CEO of decentralized post-quantum infrastructure, Naoris Protocol, David Carvalho, answered our questions to clarify the risks and whether there is hope.
Speculations about the risk of the Bitcoin network being cracked by quantum computers in the near future are not something new. It is impossible to brute force RSA and ECC encryption used in Bitcoin with modern-day processors, but it is believed that quantum computers will be able to retrieve private keys if the public key is available. The date when quantum computers will achieve sufficient power to break Bitcoin wallets is referred to as Q Day.
Unlike regular processors, quantum processors can perform multiple calculations simultaneously, which dramatically increases computing speed. Several companies seek solutions to avoid the potential risks. Some wallet producers already claim their products are quantum-proof.
BlackRock’s statement
In the updated version of BlackRock’s prospectus for IBIT (BlackRock’s iShares Bitcoin Trust ETF), the company warns investors about potential security risks associated with Bitcoin. BlackRock highlights the issue that developers of decentralized networks often lack a financial incentive to respond in a timely manner to security threats.
One of the outlined threats is quantum computers, which, in a few years, will become powerful enough to crack the encryption used in Bitcoin. Below, you can see an extract pointing at the possibility of the security breach and the implication of such a breach on the price of IBIT (and understandingly, Bitcoin itself):
“…a malicious actor may be able to compromise the security of the Bitcoin network or take the Trust’s bitcoin, which would adversely affect the value of the Shares. Moreover, the functionality of the Bitcoin network may be negatively affected such that it is no longer attractive to users, thereby dampening demand for bitcoin. Even if another digital asset other than bitcoin were affected by similar circumstances, any reduction in confidence in the source code or cryptography underlying digital assets generally could negatively affect the demand for digital assets and therefore adversely affect the value of the Shares.”
The warning by BlackRock garnered attention, as the issue of quantum computers had never been publicly acknowledged at such a high level before. If such a large and respected company sees the problem in quantum computers, it is a signal that the threat is considerable.
The Google study and a bit of irony
A new study by Google suggests that the amount of resources needed to reach the Q Day is 20 times less than previously estimated. The author of the paper, Craig Gidney, writes:
“In this paper, I reduced the expected number of qubits needed to break RSA2048 from 20 million to 1 million. My hope is that this provides a sign post for the current state of the art in quantum factoring, and informs how quickly quantum-safe cryptosystems should be deployed […] Vulnerable systems should be deprecated after 2030 and disallowed after 2035. Not because I expect sufficiently large quantum computers to exist by 2030, but because I prefer security to not be contingent on progress being slow.”
Ironically, it is Google who works on advancing quantum computing. Its Sycamore processor has 53 physical qubits, which places it among the ten most powerful quantum computers currently existing.
We discussed this topic with an expert
To better understand what will happen when Q Day arrives and how much time is left, we addressed several questions to David Carvalho, founder and CEO of the decentralized post-quantum infrastructure, Naoris Protocol.
Crypto.news: How much time do we have before the first Bitcoin wallet gets ‘hacked’ via a quantum computer?
David Carvalho: A lot less time than people seem to think. There’s a whole lot of noise this week because a Google analyst has published a report saying it will take far less time than anticipated, but the cybersecurity community has known this for a while. Very soon – within five years or even less – we’ll get to a point where quantum computers have enough qubits and sufficient error correction to be a real threat to ECDSA encryption.
We don’t know exactly when this will happen yet, but we do know that any protocol that doesn’t implement quantum security now won’t be able to retrofit it once quantum computers do catch up. So now is the time to focus all efforts on this before it’s too late.
CN: What happens next after the quantum computer achieves the ability to hack BTC wallets?
DC: The most frightening thing about quantum is that when we get to “Q-Day”, the attacks will be swift, quite possibly simultaneous, and certainly devastating. And most importantly, retroactive, meaning that even transactions that have been signed and executed could be at risk. Which means that wallets and blockchains can’t secure themselves against quantum attacks retroactively, they have to do it preemptively.
CN: Will quantum computers be immediately available for bad actors? Are all the non-quantum-proof BTC wallets being hacked simultaneously?
DC: Well, it’s unlikely there will be such a coordinated effort. Bad actors will likely target the biggest and most vulnerable wallets first and then move on to smaller targets. But that, in itself, is incredibly worrying, since the biggest targets are the likes of BlackRock, the second-largest holder of Bitcoin, which is also responsible for trillions of dollars in pension assets. It’s a real risk to financial stability.
CN: What will be the fate of “lost bitcoins” and Satoshi Nakamoto’s holdings?
DC: All of those “dormant” assets would be ripe for the picking, unless the blockchain is secured at the infrastructure level, because Satoshi will have almost certainly made transactions from vulnerable addresses. Given Satoshi’s substantial holdings, they would likely be a major target for bad actors.
CN: In the event that non-quantum-proof BTC wallets are successfully hacked, will it be a good advertisement for quantum-proof wallets, or will it scare off the masses from Bitcoin and send the price down?
DC: A quantum hack on Bitcoin would lead to a real loss of trust, so it wouldn’t be good news for the price. Like any black swan event, it could be the catalyst for a crypto winter. However, the fact that major institutions, and even governments, are now holding Bitcoin is encouraging. Because they are actually acutely aware of the risks from quantum computing – in fact, BlackRock recently highlighted it in its updated spot Bitcoin ETF filing. If anyone can push the blockchain sector to prepare for Q Day, it’s BlackRock and the US government. But they better do it quickly.
Conclusion
All in all, the fall of Bitcoin’s protection is only a matter of time, and time is running out, considering how many elements of the puzzle need to be switched to quantum-proof solutions – from mining infrastructure to exchanges and wallets. Transitioning to quantum-proof services may take time, so it’s better to start early.
