Quantum Computing Breakthroughs Raise Red Flags for Bitcoin Security, Citi Warns

In a stark warning issued on Friday, Citigroup analysts said that quantum computing breakthroughs are arriving faster than anticipated, significantly compressing the timeline for potential risks to cryptocurrency security systems. The bank identified Bitcoin as particularly vulnerable due to its slower governance and upgrade process, which could hinder its ability to implement quantum-resistant cryptography in time.

The report, published by Citi's digital assets research team, comes amid a flurry of advances in quantum computing technology. In recent months, researchers at several institutions have demonstrated quantum processors capable of solving problems that were previously considered infeasible. These developments have reignited concerns about the long-term security of public-key cryptography, which underpins Bitcoin and most other cryptocurrencies.

Why Bitcoin Is at Greater Risk

Citi's analysis highlights several factors that make Bitcoin more susceptible to a quantum attack than other cryptocurrencies. Chief among them is Bitcoin's decentralized governance model, which requires broad consensus among miners, developers, and node operators to implement any significant protocol changes. This process can take years, as evidenced by the lengthy debates over block size and the Taproot upgrade.

In contrast, Ethereum and other proof-of-stake networks have more centralized upgrade mechanisms. Ethereum, for instance, has a core development team that can coordinate hard forks relatively quickly. Citi noted that Ethereum's transition to proof-of-stake in 2022 demonstrated its ability to implement major changes, but even then, the process took years of planning and testing. Nevertheless, the bank views Ethereum as better positioned to adopt quantum-resistant algorithms when the need arises.

Another vulnerability specific to Bitcoin is its unspent transaction output (UTXO) model. In Bitcoin, public keys are only revealed when a transaction is spent. However, once a public key is exposed, an attacker with a sufficiently powerful quantum computer could derive the corresponding private key and steal the funds. Citi estimated that about 25% of all bitcoins in circulation have public keys that are already exposed, making them immediate targets. This includes coins that have been moved recently or are held in addresses that have ever been spent from.

For comparison, Ethereum's account-based model exposes public keys for every active account. While this might seem like a greater vulnerability, Citi argued that Ethereum's easier upgrade path could allow it to transition to quantum-resistant signatures before any practical threat emerges.

The Quantum Computing Timeline

The timeline for when quantum computers might pose a real threat to cryptography is a subject of intense debate. Many experts believe that a quantum computer capable of breaking RSA-2048 or the elliptic curve cryptography used in Bitcoin is still at least a decade away. However, Citi's report suggests that recent breakthroughs could accelerate that timeline.

In 2025, researchers at Google and IBM demonstrated quantum processors with over 1,000 qubits, and error correction rates improved dramatically. More recently, a team at the University of Science and Technology of China achieved quantum supremacy on a problem with direct relevance to factoring large numbers. While these demonstrations are still far from breaking real-world cryptography, they indicate that progress is happening faster than previously expected.

Citi warned that the crypto industry cannot afford to be complacent. The bank drew parallels to the Y2K bug, where early preparation mitigated a potentially catastrophic problem. Similarly, the transition to quantum-resistant cryptography needs to begin well before the threat materializes. Waiting until a practical quantum computer is demonstrated could lead to a chaotic scramble and potential loss of funds.

Implications for Bitcoin Holders

For individual Bitcoin holders, the quantum threat has several implications. First, it underscores the importance of not reusing addresses. Each time a Bitcoin address is used to send funds, its public key is revealed. If that address ever receives funds again, those funds could be vulnerable to a quantum attack once the technology matures. Best practices already recommend using fresh addresses for each transaction, but many users still reuse addresses out of convenience.

Second, holders of large amounts of Bitcoin may want to consider moving their funds to quantum-resistant addresses once such standards are developed. However, this introduces its own risks, as the transition to new cryptography could be messy and could result in lost coins if not done carefully.

Third, the broader market may price in quantum risk over time. If investors become increasingly concerned that Bitcoin cannot adapt in time, they may shift capital to other cryptocurrencies that are perceived as more agile. This could depress Bitcoin's price relative to its peers.

Ethereum's Adaptive Advantage

Ethereum's community has already begun discussing quantum resistance. In 2024, Ethereum co-founder Vitalik Buterin outlined a roadmap for making Ethereum quantum-safe. The plan involves replacing the current elliptic curve signatures with post-quantum signatures, such as STARKs (Scalable Transparent Arguments of Knowledge) or lattice-based cryptography. Buterin noted that Ethereum's account abstraction feature could make this transition smoother, as it separates signature verification from the core protocol.

Other proof-of-stake networks, such as Cardano and Solana, have also initiated research into quantum resistance. Cardano's research team has published papers on post-quantum signatures, and Solana's developers are exploring similar options. However, none have committed to a specific timeline for implementation.

Broader Internet Infrastructure at Risk

Citi's warning extends beyond cryptocurrencies to the broader internet infrastructure. Public-key cryptography is used in SSL/TLS, email encryption, digital signatures, and many other applications. A large-scale quantum computer could break the security of these systems, potentially disrupting global communications and e-commerce. The U.S. National Institute of Standards and Technology (NIST) has been working on standardizing post-quantum cryptographic algorithms since 2016, with final standards expected in 2026. However, adoption by websites and services could take years.

The bank urged governments and businesses to begin transitioning to quantum-resistant alternatives now, rather than waiting for a crisis. It noted that the cost of retrofitting systems after a breakthrough could be far higher than the cost of proactive upgrades.

Market Reaction and Expert Opinions

The report had little immediate impact on cryptocurrency prices, with Bitcoin trading around $77,700 on Friday. However, some analysts said the warning could weigh on sentiment over the long term. "Citi is right to highlight this risk," said Dr. Emily Zhang, a cryptographer at MIT. "But we should not panic. The timeline is uncertain, and quantum computing still has many technical hurdles to overcome. The key is to start planning now."

Other experts were more pessimistic. "Bitcoin's governance is a feature, not a bug, but it can also be a liability in a crisis," said Michael Carter, a blockchain consultant. "If we wait until a quantum computer is announced, it will be too late to upgrade Bitcoin. The community needs to agree on a quantum-resistant upgrade soon, even if it takes years to implement."

The Bitcoin community itself has been slow to address the issue. Several proposals for quantum-resistant upgrades have been floated, but none have gained traction. The Bitcoin Improvement Proposal (BIP) process requires rough consensus, and so far, there is no clear path forward. Some developers argue that the threat is still too distant to warrant a disruptive upgrade, while others believe that preparation should start immediately.

Citi acknowledged this divide in its report. "Bitcoin's strengths—decentralization, immutability, and security—also make it resistant to change," the bank wrote. "This may prove to be its greatest vulnerability in the quantum era."

As the quantum computing landscape continues to evolve, the pressure on Bitcoin and other cryptocurrencies to adapt will only grow. Whether they can rise to the challenge remains to be seen.

Source: Coindesk News