Question 1

When will quantum computers be able to break Bitcoin encryption?

Accepted Answer

Based on Webber et al. (2022), breaking the ECC-256 used in Bitcoin requires approximately 2,330 fault-tolerant logical qubits running Shor's algorithm. With a moderate quantum hardware progress scenario (logical qubit count doubling every 20 months from a 2024 baseline), this threshold is reached around 2039. Aggressive scenarios — driven by nation-state investment or algorithmic breakthroughs — compress the timeline to roughly 2033. Conservative estimates push it to the mid-2040s. No quantum computer today comes close to this capability.

Question 2

How many qubits does it take to break Bitcoin or Ethereum?

Accepted Answer

Approximately 2,330 fault-tolerant logical qubits are required to run Shor's algorithm against the secp256k1 elliptic curve used by both Bitcoin and Ethereum. At current surface code error-correction overhead (roughly 1,000 physical qubits per logical qubit), this translates to around 2.3 million physical qubits operating at low error rates. The best quantum processors today have fewer than 1,200 physical qubits with error rates orders of magnitude too high for this task.

Question 3

What is "harvest now, decrypt later"?

Accepted Answer

Harvest now, decrypt later (HNDL) is an attack strategy in which adversaries collect and store encrypted data or exposed public keys today — before they have the quantum computing power to break the encryption — and decrypt it once a cryptographically relevant quantum computer is available. For blockchain specifically, any transaction that exposes a public key on-chain is permanently recorded and can be attacked retroactively. This makes the quantum threat a present-day risk even though the actual attack lies years away.

Question 4

Are Bitcoin and Ethereum wallets vulnerable to quantum attacks right now?

Accepted Answer

No — current quantum hardware is not capable of breaking ECC-256 cryptography. The immediate risk is low. However, wallets that reuse addresses, or addresses that have previously spent funds (making the public key visible on-chain), are vulnerable to future quantum attacks once the hardware threshold is reached. New-address-per-transaction wallets reduce exposure, but do not eliminate the harvest-now risk for historical transactions. Both Bitcoin and Ethereum have discussed post-quantum migration but have not implemented it.

Question 5

What is the difference between physical and logical qubits?

Accepted Answer

Physical qubits are the raw hardware components — superconducting circuits, trapped ions, or photonic elements — that store and process quantum information. Because physical qubits are noisy and error-prone, multiple physical qubits must be combined using quantum error correction to create a single reliable logical qubit. Current state-of-the-art error correction (surface codes) requires approximately 1,000 physical qubits per logical qubit. Breaking ECC-256 needs 2,330 logical qubits, implying roughly 2.3 million high-quality physical qubits — far beyond any current system.

Question 6

What is post-quantum cryptography?

Accepted Answer

Post-quantum cryptography (PQC) refers to cryptographic algorithms designed to resist attacks from both classical and quantum computers. In 2024, NIST finalized its first PQC standards: CRYSTALS-Kyber (ML-KEM) for key encapsulation and CRYSTALS-Dilithium (ML-DSA), FALCON, and SPHINCS+ for digital signatures. These rely on mathematical problems — lattice problems, hash functions, and code-based problems — believed to be hard even for large-scale quantum computers. NIST recommends organizations begin migrating to these standards now.

Question 7

Will quantum computers break AES-256 encryption?

Accepted Answer

Not in the way they break asymmetric encryption. Grover's algorithm can search an unsorted database quadratically faster than classical computers, which effectively halves the bit security of symmetric ciphers. AES-256 drops to 128-bit equivalent security — which remains computationally infeasible to brute-force even with large quantum hardware. AES-128, however, would be rendered marginal. The standard recommendation for post-quantum symmetric security is to use AES-256 for data that must remain secret long-term.

Question 8

How accurate is this quantum threat timeline calculator?

Accepted Answer

This calculator provides indicative planning ranges based on published research. It uses logical qubit requirements from Webber et al. (2022), a conservative 2024 baseline of 5 fault-tolerant logical qubits, and a simple exponential doubling model for three progress scenarios. Real quantum hardware progress is non-linear: it may be slower due to engineering plateaus, or faster due to algorithmic improvements to Shor's algorithm or new error correction codes. Treat all outputs as risk-management inputs for planning purposes, not precise predictions.

Question 9

When should organizations start migrating to post-quantum cryptography?

Accepted Answer

NIST and CISA both recommend starting post-quantum migration planning immediately. The process typically takes 5–10 years for large organizations — encompassing cryptographic inventory, algorithm selection, key management updates, and legacy system upgrades. Organizations handling data with a long confidentiality horizon (government, healthcare, financial records) face the highest urgency due to harvest-now-decrypt-later exposure. The window between 'quantum computers are coming' and 'quantum computers are here' will be shorter than most organizations' migration timelines.

Question 10

How does QuanChain protect against quantum attacks?

Accepted Answer

QuanChain's TADEQS (Transcendent Adapting Dynamic Efficients Quantum Secure) system ensures no public key is ever exposed on-chain. Every time funds are spent, SpendAndRotate atomically rotates to a new key pair — leaving no quantum-crackable surface. This makes harvest-now-decrypt-later attacks structurally impossible on QuanChain: there is no historical public key to harvest. TADEQS operates across 20 security levels that scale automatically with real-time quantum threat data monitored by the Quantum Oracle, providing protection that strengthens as quantum hardware advances.

Quantum Threat Timeline Calculator

Harvest Now, Decrypt Later

Understanding the Quantum Threat to Cryptography

Why asymmetric encryption is uniquely vulnerable

The gap between physical and logical qubits

Why the threat is already active

What the model in this calculator assumes

Frequently Asked Questions

QuanChain eliminates this threat permanently