The core insight of the report focuses on the time factor. Quantum computers capable of breaking Bitcoin's elliptic curve digital signature algorithm will still require several years, possibly over a decade. Current quantum hardware lacks the logical qubits necessary for such computations. Therefore, the gap between current quantum hardware and the conditions required to threaten Bitcoin's encryption remains quite significant.
This does not mean that the threat is theoretical; rather, it indicates that it is not imminent. This distinction is crucial for how the market and developers prioritize responses to this threat.
The report notes that specific vulnerabilities, rather than general ones, are the main focus. Reused addresses and unspent transaction outputs (UTXOs) from the early Satoshi era are the most vulnerable. These addresses directly use public keys, meaning the public keys are visible on-chain, making them susceptible to attacks from sufficiently powerful quantum computers.
Modern P2PKH addresses (Pay-to-Public-Key-Hash) have different risk characteristics. The public key is hidden behind a cryptographic hash before the transaction is broadcast, adding a layer of protection since the public key is only exposed at the time of spending. Attackers would need to break the hash and derive the private key before the transaction is confirmed, which is significantly more difficult than targeting a statically exposed public key.
In reality, quantum risk is not evenly distributed across the Bitcoin address space. UTXOs from the early Satoshi era represent the most concentrated vulnerabilities. Whether these coins can be moved to quantum-safe addresses before quantum computing capabilities are achieved remains an open question.
Galaxy's report emphasizes that Bitcoin developers are not standing idly by. Research into post-quantum cryptography has already begun within the developer community. The Taproot upgrade, activated in 2021, laid the technical groundwork for more complex script types that may support quantum-resistant signature schemes in the future, such as Lamport or Winternitz signatures.
According to the report, potential upgrade paths involve soft forks, allowing users to migrate funds to new quantum-safe address types. Thorn directly compares this to the transition from traditional addresses to SegWit addresses. Although this transformation took years and was not universally adopted, it proceeded smoothly without disrupting the network. The post-quantum migration will employ a similar mechanism, but with higher risks.
The Bitcoin upgrade process is intentionally slow and conservative, serving as both a security feature and a constraint. Ethereum's more aggressive quantum-safe roadmap, led by Vitalik Buterin, may provide an industry testing ground for Bitcoin to adopt post-quantum cryptographic methods.