Grayscale says bitcoin’s quantum problem is governance, not engineering
The asset manager's research arm argues the technical path to quantum-safe blockchains is clear but reaching consensus on protocol changes, especially what to do with Satoshi's coins, is the real obstacle.
Grayscale says bitcoin’s quantum problem is governance, not engineering
The asset manager’s research arm argues the technical path to quantum-safe blockchains is clear but reaching consensus on protocol changes, especially what to do with Satoshi’s coins, is the real obstacle.
Grayscale is urging faster efforts to make public blockchains quantum-resistant, arguing that technical tools already exist but social consensus on upgrades remains the main obstacle.
New Google Quantum AI research suggests bitcoin’s cryptography could be broken with fewer than 500,000 physical qubits in about nine minutes, raising concerns over roughly 6.9 million BTC whose public keys are already exposed on-chain.
While Grayscale says bitcoin’s design leaves it relatively less vulnerable than other chains, the report highlights contentious choices over how to handle exposed coins and contrasts bitcoin’s debate-heavy culture with Ethereum’s broader but less publicly addressed quantum risks.
The note follows a week of intensive industry response to Google Quantum AI’s paper, which found that breaking bitcoin’s BTC$68,114.12 elliptic curve cryptography would require fewer than 500,000 physical qubits, roughly a 20-fold reduction from previous estimates, and could be executed in approximately nine minutes once the machine is primed.
CoinDesk’s analysis of the paper found that the attack gives an attacker a roughly 41% chance of stealing funds before a bitcoin transaction confirms.
Pandl highlighted four takeaways from the Google research that Grayscale found persuasive. Progress toward a cryptographically relevant quantum computer may come in “discrete jumps” rather than linearly, making timelines unpredictable.
The technical solutions, specifically post-quantum cryptography, are mature and already securing internet traffic and certain blockchain transactions. Quantum risk varies significantly across blockchains depending on their transaction model, consensus mechanism, and block time.
From a pure engineering standpoint, Pandl argued bitcoin has lower quantum risk than other chains because it uses a UTXO model, proof-of-work consensus, no native smart contracts, and certain address types that are not quantum-vulnerable if not reused after spending.
The harder question is what to do about the roughly 6.9 million BTC sitting in wallets where public keys are already permanently exposed on the blockchain, including an estimated 1 million believed to belong to pseudonymous creator Satoshi Nakamoto.
Binance co-founder Changpeng Zhao raised the same question last week, saying that if Satoshi’s coins move during a migration “it means he is still around, which is interesting to know,” and that if they don’t move “it might be better to lock or effectively burn those addresses.”
Grayscale frames the options similarly — burn them, do nothing, or deliberately slow their release by limiting the rate of spending from vulnerable addresses — but noted that the bitcoin community has a history of contentious debates over protocol changes, pointing to last year’s dispute around image data stored in blocks.
The contrast with Ethereum is worth noting.
CoinDesk reported last week that Google’s paper identified five separate attack vectors against Ethereum worth over $100 billion in combined exposure, spanning account keys, admin keys on stablecoins, smart contract code, consensus mechanisms, and data availability.
Ethereum Foundation researcher Justin Drake, who co-authored the Google paper, estimated at least a 10% chance of a quantum key recovery by 2032. The foundation has been staking aggressively, putting $93 million of ether into validators in a single day last week, but has not publicly addressed quantum migration timelines.
Most crypto privacy models weaken as blockchain data grows. Encryption-based models like Zcash strengthen. CoinDesk Research maps the five privacy approaches and examines the widening gap.
Why it matters:
As blockchain adoption scales, the metadata available to machine learning models scales with it. Obfuscation-based privacy approaches are structurally degrading as a result. This report provides a comprehensive comparison of all five major crypto privacy architectures and a framework for evaluating which models remain durable as AI capabilities improve.
For years, the DeFi industry has treated security as a technical problem: something that could be solved with better code. But the Drift incident suggests something far more complex: that the real vulnerabilities may lie outside the codebase altogether.
What to know:
The $270M Drift exploit wasn’t a traditional smart contract hack but a months-long social engineering campaign, signaling a shift in DeFi threats from code vulnerabilities to human targets and intelligence-style operations.
In response, DeFi protocols are rethinking security beyond audits — focusing on operational security, team vulnerabilities, and designing systems…
