The fundamental assurance of Bitcoin — that no entity can access your coins without the private key — is being reassessed by developers in light of potential quantum computing threats. This marks a significant shift in Bitcoin’s 16-year history as developers propose measures to defend against future quantum computers capable of compromising the blockchain and stealing funds.
Jameson Loop, a prominent Bitcoin contributor, along with other cryptographers, has suggested an initiative that could compel bitcoin holders to transition their assets to new addresses resistant to quantum attacks. In this scenario, users would retain ownership but lose the ability to transfer their coins if they do not migrate, as the network might freeze these funds.
This initiative is encapsulated in Bitcoin Improvement Proposal (BIP)-361, recently updated with the title “Post Quantum Migration and Legacy Signature Sunset.” The proposal responds to a Google report indicating that powerful quantum computers could compromise the Bitcoin blockchain more easily than previously thought, setting 2029 as a potential deadline for addressing these vulnerabilities.
Bitcoin wallets employ ECDSA (Elliptic Curve Digital Signature Algorithm) cryptography. This involves generating a private key, which acts as a unique password proving coin ownership, and a public key derived from it to receive funds and verify transactions. However, the public key is visible on the blockchain when funds are sent, posing a risk if a quantum computer reverse engineers it to discover the private key.
As of March, approximately 6.7 million BTC were in addresses vulnerable to such attacks, according to Google’s findings. BIP-361 builds upon the February proposal under BIP-360, which introduced a soft fork for a new transaction type called pay-to-Merkle-root (P2MR). This model is inspired by Bitcoin’s Taproot framework but omits key-based spending paths seen as susceptible in a quantum computing era.
The migration outlined in BIP 361 unfolds in three phases. Phase A, starting three years post-activation, will prevent new bitcoin from being sent to old-style, vulnerable addresses, though funds can still be spent. Phase B begins five years after activation, invalidating old signature types like ECDSA and Schnorr, effectively freezing coins in these wallets.
Phase C is a proposed solution under research where zero-knowledge proof could allow holders of frozen wallets to demonstrate ownership without revealing their private key, potentially recovering frozen assets.
This proposal challenges Bitcoin’s core promise of sovereign control over funds. It introduces the concept that this principle may be overridden under extraordinary circumstances like quantum attacks. The community has expressed concerns about this shift from decentralization towards central planning and forced migration.
“The quantum proposal is authoritarian and confiscatory, typical of Lopp,” one X user commented. “There’s no justification for mandatory upgrades or rendering old transactions invalid; upgrades should be entirely voluntary.”
Another user stated, “This smells of central planning with its deadlines, coerced behavior, and forced migration.”
Developers defend the proposal as a necessary defense: “It’s not an offensive move but defensive — our belief is that the Bitcoin ecosystem aims to protect itself from those who would allow malicious actors to destroy value and trust.”