I recently came across an in-depth discussion about the threat quantum computers pose to Bitcoin and found that experts' opinions vary quite a bit.

One camp believes this is a real threat. Once quantum computers mature, running Shor's algorithm could break ECDSA, meaning that if an attacker obtains your public key, they can derive the private key and forge signatures. That sounds pretty scary. But another group, including Brandon Black and James O'Beirne, is calmer, believing there is no evidence that humans can actually build quantum computers of cryptographic significance; the so-called "quantum breakthroughs" of the past have not materialized. However, physicists like Scott Aaronson warn that such quantum computers could appear within ten years, creating a huge divide in the community about the urgency.

Fortunately, the Bitcoin community is not sitting idle. Hunter Beast introduced BIP 360, a highly regarded technical proposal that is quite clever: it allows users to pre-commit to post-quantum script paths without changing the existing elliptic curve cryptography foundation, effectively leaving room for a future migration. There is also progress on BIP 54's consensus cleanup. The current problem is that no post-quantum algorithm that fully replaces secp256k1 has yet emerged, and post-quantum signatures typically produce data sizes 100 times larger than traditional signatures, with verification costs 10 times higher. Still, these developments are generally seen as necessary insurance for Bitcoin. Even if the quantum threat ultimately proves to be science fiction, this research has long-term value in guarding against the degradation of traditional cryptography.

Another core issue is what to do about Satoshi Nakamoto's 1.1 million bitcoins. According to statistics, about 6.9 million bitcoins are currently exposed to risk, accounting for 35% of the total supply, mainly those using the old P2PK format or reused addresses, where the public key is directly exposed on-chain. The community is divided on this: some insist that property rights must not be infringed, and that arbitrarily modifying the protocol to restrict certain addresses would break Bitcoin's social contract; others advocate a hard fork or freezing to prevent quantum attackers from dumping large amounts at once and crashing the market. Clara Shiklman proposed a moderate "Hourglass Plan," limiting each block to transferring only small amounts of Bitcoin, forcing funds to flow out gradually. Interestingly, although some quantum computing companies see Satoshi's coins as potential profit targets, the community consensus still seems to favor respecting the original rules and letting the market decide the value after any fork.
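The distinction above, between outputs whose public key already sits on-chain (P2PK, and any address that has signed a spend) and outputs that reveal only a hash, is what the 6.9 million figure rests on. The following is an added example, not code from the discussion or any cited proposal; it classifies raw scriptPubKeys by the standard script templates, flags address reuse as the other exposure route, and runs over a constructed sample UTXO set. It also covers P2TR, which the post does not mention, since Taproot outputs place the (tweaked) key directly in the script.

```python
# Classify Bitcoin output scripts by whether the public key a Shor-capable attacker
# needs is already visible on-chain or only its hash. Added example; the byte
# patterns are the standard script templates, the sample outputs are constructed.
from enum import Enum

OP_0, OP_1, OP_DUP, OP_EQUALVERIFY, OP_HASH160, OP_CHECKSIG = 0x00, 0x51, 0x76, 0x88, 0xA9, 0xAC

class Exposure(Enum):
    PUBKEY_ON_CHAIN = "public key is in the output script itself"
    HASH_ONLY = "only a hash is on-chain until the key signs a spend"
    UNKNOWN = "unrecognised script template"

def classify_script(script: bytes):
    """Return (script type, exposure) for a raw scriptPubKey."""
    n = len(script)
    # P2PK: <push 33|65-byte pubkey> OP_CHECKSIG; the key itself is the script
    if n in (35, 67) and script[0] == n - 2 and script[-1] == OP_CHECKSIG:
        return "P2PK", Exposure.PUBKEY_ON_CHAIN
    # P2PKH: OP_DUP OP_HASH160 <20-byte hash> OP_EQUALVERIFY OP_CHECKSIG
    if (n == 25 and script[:3] == bytes([OP_DUP, OP_HASH160, 20])
            and script[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG])):
        return "P2PKH", Exposure.HASH_ONLY
    # P2WPKH: OP_0 <20-byte hash>
    if n == 22 and script[:2] == bytes([OP_0, 20]):
        return "P2WPKH", Exposure.HASH_ONLY
    # P2TR: OP_1 <32-byte x-only key>; the tweaked output key sits on-chain
    if n == 34 and script[:2] == bytes([OP_1, 32]):
        return "P2TR", Exposure.PUBKEY_ON_CHAIN
    return "other", Exposure.UNKNOWN

def is_key_exposed(script: bytes, address_spent_before: bool) -> bool:
    # Hash-only outputs become exposed once the address has signed any spend (reuse).
    _, exposure = classify_script(script)
    return exposure is Exposure.PUBKEY_ON_CHAIN or (
        exposure is Exposure.HASH_ONLY and address_spent_before)

def exposed_value_fraction(utxos) -> float:
    """utxos: iterable of (script, value, address_spent_before) tuples."""
    total = sum(v for _, v, _ in utxos)
    exposed = sum(v for s, v, r in utxos if is_key_exposed(s, r))
    return exposed / total if total else 0.0

# Constructed sample UTXO set (dummy key and hash bytes, not real addresses).
SAMPLE_UTXOS = [
    (bytes([0x21, 0x02]) + b"\x11" * 32 + bytes([OP_CHECKSIG]), 50, False),  # P2PK
    (bytes([OP_DUP, OP_HASH160, 20]) + b"\x22" * 20
     + bytes([OP_EQUALVERIFY, OP_CHECKSIG]), 30, True),                       # reused P2PKH
    (bytes([OP_0, 20]) + b"\x33" * 20, 20, False),                            # fresh P2WPKH
]
```

On the sample set, `exposed_value_fraction(SAMPLE_UTXOS)` reports 0.8: the P2PK output and the reused P2PKH output count as exposed, the never-spent P2WPKH output does not.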

From a risk management perspective, Bitcoin actually has a natural protective barrier. Brandon Black pointed out that even if quantum computers do emerge, the initial operational costs would be prohibitively high, with cracking a single private key potentially costing over $50,000. This means small addresses will remain absolutely secure for a long time, and early quantum attacks would only target exchanges or large institutions holding huge assets. As institutional investors like BlackRock enter Bitcoin governance, the role of risk managers becomes increasingly important. For these large entities, Bitcoin's core value lies in its immutability. Short-term FUD might suppress prices, but this pressure also drives Bitcoin's technological evolution. The real future depends on evidence-based, rational approaches: activating appropriate defenses at the right time and allowing holders to transition smoothly.