Nic Carter states that quantum computing poses the largest long-term threat to bitcoin’s core cryptography, emphasizing that developers should prioritize this issue rather than dismissing it as science fiction.
In an essay published on Monday, the Coin Metrics cofounder simplifies the workings of bitcoin’s keys and the implications of quantum technology. Carter explains that users begin with a secret number (private key) and generate a public key through elliptic-curve mathematics on the secp256k1 curve, the foundation for ECDSA and Schnorr signatures.
He describes this transformation as intentionally one-directional: it is easy to compute in one direction but impractical to reverse under classical assumptions. “Bitcoin’s entire cryptographic premise is that there exists a one-way function that’s straightforward to compute in one direction but challenging to inverse,” he writes.
To illustrate, Carter compares the system to a massive number scrambler. Going from a private key to a public key is fast for honest users, who can use a method called “double and add” to get there quickly. There is no comparable shortcut in the reverse direction.
For those less familiar with the topic, he uses a deck-shuffle metaphor: while one can repeat a specific sequence of shuffles to achieve the same final arrangement, an observer cannot deduce the number of shuffles just by examining the shuffled deck.
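The asymmetry described above, as an added example that is not code from Carter's essay: double-and-add on secp256k1 beside a naive search in the reverse direction. The sample key and the `brute_force` helper are constructed for illustration.

```python
# secp256k1: y^2 = x^3 + 7 over the prime field P; G has prime order N.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):
    """Add two curve points; None stands for the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                      # a + (-a)
    if a == b:                           # tangent slope (doubling)
        lam = 3 * x1 * x1 * pow(2 * y1 % P, -1, P) % P
    else:                                # chord slope
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def public_key(k):
    """Double-and-add: return (k*G, group operations used).
    Teaching code only: not constant-time."""
    result, addend, ops = None, G, 0
    while k:
        if k & 1:
            result = add(result, addend)
            ops += 1
        addend = add(addend, addend)
        ops += 1
        k >>= 1
    return result, ops

def brute_force(target, limit):
    """Reverse direction without a shortcut: try G, 2G, 3G, ... in turn."""
    point = None
    for k in range(1, limit + 1):
        point = add(point, G)
        if point == target:
            return k
    return None

if __name__ == "__main__":
    key = 2**255 + 12345                 # constructed sample key, not a real one
    pub, ops = public_key(key)
    print(f"forward: {key.bit_length()}-bit key -> public key in {ops} operations")
    small, _ = public_key(1000)
    print("reverse: search recovers", brute_force(small, 2000), "after 1000 steps")
    print(f"the same search over the full key space needs up to ~2^{N.bit_length()} steps")
```

The forward direction costs a few hundred group operations for a 256-bit key, while the step-by-step search only finishes here because the constructed key is tiny.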
Carter expresses concern that a sufficiently advanced quantum computer could break this asymmetry by solving the discrete logarithm problem that underpins bitcoin’s signatures. He points out that routine network activity increases vulnerability: when coins are spent, a public key is disclosed on-chain.
This situation is currently secure because retrieving a private key from a revealed public key is impractical, but advancements in quantum computing could alter that assessment, particularly if addresses are reused and more keys remain visible longer.
He does not advocate for panic, but rather encourages planning.
In the short term, he stresses the importance of basic precautions, such as avoiding address reuse to minimize public key exposure. In the long run, he urges the community to prioritize post-quantum signature methods and feasible migration strategies, framing them as critical engineering challenges rather than distant possibilities.
This essay opens a short series; Carter said that Parts II and III will be released in the coming weeks, covering “post-quantum break scenarios.”
