A researcher used a publicly available quantum computer to break a highly simplified version of a ... Bitcoin-style cryptographic key, marking the largest public demonstration to date of a quantum attack on elliptic curve cryptography.
On Friday, Project Eleven announced that it has awarded the "Q Day Prize" to Italian researcher Giancarlo Lelli, who earned the bounty for breaking a 15-bit elliptic curve cryptographic key using a variant of Shor's algorithm; the bounty is currently worth nearly $78,000.
Elliptic curve cryptography is the foundation of digital signature schemes used by Bitcoin, Ethereum, and many other blockchains. The 15-bit key used in this demonstration is far smaller than the 256-bit cryptographic keys used to secure real Bitcoin wallets, but it marks another step forward in demonstrating how quantum computers could threaten trillions of dollars in cryptocurrency.
Objectively, we are still far from being able to break Bitcoin,” Alex Pruden, CEO of Project Eleven, told Decrypt. “But how long will it take to close that gap? As the gap narrows, will we be able to know the answer? I don’t know if we will.”
Scheduled for launch in 2025, the Q-Day Prize aims to test whether publicly available quantum systems can overcome one of the field’s most common criticisms—that current machines are only capable of simple computations, such as... factoring the number 21 into 3 and 7. Lelli’s results extend this capability to a 15-bit elliptic curve problem with 32,767 possible values.
Prudhomme said: "The news here is that progress is being made in the field of quantum mechanics. The fact that progress is being made is proof that it's not a field with no progress at all."
According to Pruden, the successful attack used a machine with approximately 70 qubits—qubits can exist in multiple states simultaneously, unlike the binary bits used in traditional computers—and would take only minutes to run once developed. He also noted that the scheme was reviewed by a group of quantum researchers from academia and industry, including researchers from the University of Wisconsin-Madison and the quantum software company qBraid.
This announcement comes as numerous quantum technology companies and research institutions have released increasingly aggressive hardware roadmaps and provided estimates closer to breaking modern cryptography.
In March this year, Google publicly set a 2029 target. Deadline Google plans to transition its systems to post-quantum cryptography, citing advances in quantum hardware, error correction technologies, and the decreasing time required to break existing cryptographic methods. Google is also one of the leading companies building quantum computers and advancing this technology.
Around the same time, a Google research report estimated that breaking Bitcoin might require fewer than 500,000 physical qubits, while another paper from Caltech and Oratomic estimated that 10,000 to 20,000 qubits would be needed using a neutral atom architecture.
Prudens said, "Our own prediction is that Q-day could arrive as late as 2029 in the worst-case scenario. I think this is because you really can't determine how strong human ingenuity is or how fast these technological breakthroughs will occur."
Project Eleven states that when this breakthrough occurs, approximately 6.9 million bitcoins will be stored in wallets whose public keys are visible on the blockchain and could become vulnerable to large-scale quantum computers.
However, not everyone believes this threat is imminent. Some researchers and investors acknowledge that risks exist but say further research is needed. Years from now it should be viewed as a long-term engineering challenge rather than an existential crisis.
Bitcoin developers are currently evaluating several proposals to address this threat. BIP-360 will introduce a quantum-resistant transaction format, while BIP-361 will phase out old signing schemes and ultimately freeze tokens that fail to migrate successfully. Meanwhile, the Ethereum Foundation has formed a post-quantum security team, with co-founder Vitalik Buterin also joining. Overview outlines a roadmap to replace vulnerable components in Ethereum’s cryptographic infrastructure.
In addition to advancements in quantum computing, Prud'homme also highlighted progress in artificial intelligence, noting that this technology could accelerate the timeline for quantum day by improving quantum error correction or helping attackers identify weaker cryptographic targets.
Prudens said: "The key to large-scale quantum computing is error correction. Artificial intelligence can significantly improve the efficiency of this process."