Security experts warn Bitcoin faces urgent quantum risks as adversaries stockpile encrypted data

The most dangerous attack on Bitcoin might already be underway, and nobody would know it until it’s too late. Security researchers are raising alarms about “harvest now, decrypt later” strategies, where nation-state adversaries quietly collect encrypted blockchain data today with plans to crack it open once quantum computers catch up.

The qubit countdown

A March 2026 whitepaper from Google Quantum AI delivered a jolt to the cryptography community. The paper estimated that breaking Bitcoin’s secp256k1 elliptic curve cryptography, the mathematical backbone securing every Bitcoin signature, could require as few as 1,200 logical qubits. That represents a 20-fold reduction from previous estimates of the computational resources needed to compromise ECC-256.

To be clear, no quantum computer exists today with 1,200 fault-tolerant logical qubits. Current machines operate with far fewer, and the gap between physical qubits (noisy, error-prone) and logical qubits (reliable, corrected) remains significant. Project Eleven, a research initiative tracking quantum threats to cryptography, models the arrival of cryptographically relevant quantum computers, what they call “Q-Day,” somewhere between 2030 and 2033.