Bitcoin’s security model could come under pressure from advances in quantum computing even if so-called “Q day” is still years away, according to Coinbase’s head of research, David Duong. He says quantum machines could eventually threaten both the cryptographic signatures that protect transactions and the proof-of-work mining that secures the network.
Sector Leaders Raise Alarm Over Bitcoin’s Quantum Risk
In a LinkedIn post, Duong said investors are now paying closer attention to the “quantum threat” as large institutions and regulators start to address it directly. He cited BlackRock’s iShares Bitcoin Trust ETF, which added new disclosures about quantum computing risks in an updated prospectus in May 2025, and guidance from U.S. and European authorities instructing critical infrastructure operators to move to post-quantum cryptography by the end of 2035.
Duong said quantum computing is expected to help solve complex problems in areas such as medical research and climate modeling, but he warned that it will also force upgrades to many of the cryptographic systems used today.
Traditional finance, which relies on closed systems, may feel those changes quickly, he wrote, but open networks like Bitcoin and Ethereum are also preparing for a post-quantum environment.
What “Q day” Means for Bitcoin’s Core Security Pillars
The core risk, he said, shows up at “Q day,” when cryptographically relevant quantum computers could run algorithms such as Shor’s and Grover’s against Bitcoin’s underlying cryptography.
The network rests on two main pillars: the Elliptic Curve Digital Signature Algorithm, which secures transaction signatures, and the SHA-256 function used in proof-of-work mining.
If those pillars are compromised, Bitcoin is left exposed on two fronts. Quantum machines could weaken the protection around private keys and let attackers steal coins from vulnerable addresses, and they could also mine blocks more efficiently, reshaping Bitcoin’s economic and security model.
For now, Duong argued that the mining-related risk is a lower priority due to the difficulty of scaling quantum hardware. The more urgent task, he said, is migrating to quantum-resistant signature schemes, noting that roughly 6.51 million bitcoin, or about 32.7% of the supply, already sits in outputs that appear vulnerable to long-range quantum attacks.
Should We Be Worried Now, and Can Defenses Catch Up?
The term “Q-day” refers to the point at which a quantum computer becomes powerful enough to break today’s widely used public key cryptography, such as RSA and elliptic curve schemes, forcing a widespread transition to quantum-safe standards.
While most experts still place that milestone sometime in the 2030s or later, the prospect is already driving action.
In the United States, the National Institute of Standards and Technology (NIST) has finalized its first set of post-quantum algorithms, including CRYSTALS-Kyber for key exchange and CRYSTALS-Dilithium and SPHINCS+ for digital signatures, publishing new federal standards in 2024.
Large firms are moving too, with IBM rolling out quantum-safe tools and services for banks and infrastructure providers, and Google deploying hybrid key exchange in Chrome that combines classical X25519 with the Kyber algorithm to protect web traffic against future quantum attacks.
Technically, offensive and defensive technologies tend to evolve in lockstep, and quantum is no exception. By the time a true Q-day arrives, many researchers expect quantum-safe algorithms and migration plans to be developed enough to be implemented in time to avoid, or at least reduce, the quantum threat.