Nic Carter, co-founder of Coin Metrics, has underscored the significant long-term threat that quantum computing poses to Bitcoin’s fundamental cryptographic security. In a recent essay published on Monday, Carter elaborated on how Bitcoin’s key system functions and why advances in quantum technology demand serious attention from developers and the broader cryptocurrency community.
At the heart of Bitcoin’s security lies its use of elliptic-curve cryptography, specifically the secp256k1 curve employed in ECDSA and Schnorr signature schemes. Carter explains that users generate a private key—a secret number—from which a corresponding public key is derived through elliptic-curve mathematics. This process is intentionally one-directional: it is straightforward to calculate the public key from the private key but, under classical computational assumptions, practically impossible to reverse engineer the private key from the public key.
To help readers grasp this concept, Carter compares the procedure to a “number scrambler.” For honest users, the transformation from private to public key is efficient, facilitated by a method called “double and add.” However, there is no equivalent shortcut to revert from public to private, preserving Bitcoin’s cryptographic integrity. Using a simple analogy, Carter likens it to shuffling a deck of cards—while repeating shuffles can produce a known order, an observer cannot deduce how many shuffles created that sequence.
The looming concern Carter highlights is that the unique computational capabilities of quantum computers might disrupt this asymmetry. Quantum algorithms could potentially solve the discrete logarithm problem that secures Bitcoin signatures, enabling the recovery of private keys from public keys.
Bitcoin’s network dynamics amplify this risk. When users spend coins, their public keys are revealed on the blockchain. Although currently this exposure is safe, as reversing the key back to the private key is computationally unfeasible with classical computers, quantum advancements could change this risk profile. This is especially pertinent if users reuse addresses, leaving public keys visible for extended periods.
Carter stresses that these developments are not a cause for immediate alarm but a call to action. He encourages Bitcoin users and developers to adopt sound security practices—such as avoiding address reuse—to minimize public key exposure in the near term. More importantly, he advocates for proactive research and engineering efforts toward implementing post-quantum cryptographic signature schemes and designing viable upgrade paths to secure Bitcoin against future quantum threats.
This essay serves as the first installment in a planned series by Carter. He has announced that forthcoming parts will delve deeper into scenarios involving quantum cryptographic breaches and examine realistic frameworks for adapting Bitcoin’s security infrastructure to a post-quantum world.
