Could Bitcoin survive a quantum attack today without a single change to its code? A new proposal suggests it’s possible, though it comes with a hefty price tag and some serious technical heavy lifting.
As the race toward functional quantum computing accelerates, the Bitcoin community has been bracing for the day when Shor’s algorithm—a quantum process capable of cracking traditional encryption—could theoretically drain wallets. Traditionally, fixing this would require a “soft fork,” or a major update to the Bitcoin protocol. However, Avihu Levy, Chief Product Officer at StarkWare, has unveiled a workaround called Quantum Safe Bitcoin (QSB) that works within the system we have right now.
How Hash-to-Sig Bypasses the Quantum Threat
The core of the QSB proposal involves a clever, if grueling, mathematical pivot. Current Bitcoin transactions rely on ECDSA (Elliptic Curve Digital Signature Algorithm). This is exactly what quantum computers are good at breaking. Levy’s solution replaces the standard signature puzzle with what he calls a “hash-to-sig” puzzle.
Instead of using the math that quantum computers can shortcut, a spender must essentially brute-force a solution. They have to find a specific input that, when hashed, randomly results in an output that looks like a valid ECDSA signature. Because this relies on hashing rather than elliptic curve math, even a massive quantum computer would be forced to use brute force, stripping away its specialized advantage.
The Catch: Why You Won’t Use QSB for Your Morning Coffee
While the tech works on paper, it isn’t exactly user-friendly. StarkWare CEO Eli Ben-Sasson hailed the discovery as “huge,” but the researchers are the first to admit this is a “last-resort measure.” The most immediate hurdle is the cost. Generating a single QSB transaction requires significant GPU power, costing the sender anywhere from $75 to $150 in compute fees alone. Beyond the price, the transactions are “non-standard,” meaning they don’t fit the typical mold of a Bitcoin transfer and wouldn’t be compatible with secondary layers like the Lightning Network. For the average user, this is overkill; for someone moving millions in BTC who fears an imminent quantum breakthrough, it’s a high-priced insurance policy.
Critics also point out that QSB doesn’t solve Bitcoin’s “dormant coin” problem. ESG specialist Daniel Batten noted that roughly 1.7 million BTC are sitting in early P2PK (Pay-to-Public-Key) addresses. Because these public keys are already exposed on the ledger, they remain vulnerable to quantum theft regardless of new transaction methods.
While QSB provides an immediate “escape hatch” for active users, the consensus remains that a protocol-level upgrade is the only sustainable long-term path. Developers like Lightning Labs’ Olaoluwa Osuntokun are also exploring alternative prototypes to help users prove ownership without revealing seed phrases. For now, Bitcoin’s quantum defense is less about a single silver bullet and more about a growing arsenal of experimental shields.
