Google releases the quantum chip Willow, will Quantum Computing destroy Bitcoin?

We don't have to worry about the threat of Quantum Computer to networks like Bitcoin in the short term.

Author: Jeffrey Hu

Will Quantum Computing destroy BTC? This topic, which comes with a pseudoscientific temperament, always sparks widespread discussion /fear, uncertainty and doubt every once in a while. Will Google's new release, Willow, be different this time? We did a minor investigation.

tldr：

• Willow has indeed made significant progress
• But currently BTC users still don't have to worry

If we simplify the BTC protocol, it can be divided into two parts: Mining (based on hash) and Transactions (based on elliptic curve signatures). These two parts are indeed potentially affected by quantum computing: Grover Algorithm and Shor Algorithm.

But currently Willow's 'Computing Power' is far from enough to have an impact on these two parts. To be able to attack BTC hash and signature within a reasonable time, it requires approximately several thousand logical qubits (quantum bits), and depending on the process, several (possibly several thousand) physical qubits are encoded into one logical qubit.

This means that attacking BTC would require approximately millions of physical qubits. And Willow's physical qubits are 105, so there is still a long way to go.

But what if one day the Computing Power is enough? For Mining, the impact is relatively limited. Because the Grover Algorithm only accelerates, rather than reverse cracking the regularity of the hash, a large amount of computation is still needed to find the hash value required for Mining. It can be simply understood as a new powerful Mining machine on the market.

For Address signatures, there are some Addresses that do require caution! This includes the oldest P2PK and the newest P2TR based on Public Key. P2PKH, P2SH, P2WPKH, P2WSH are relatively secure because they are all in hash form. However, it is important to note that reusing these Addresses can expose your Public Key, posing risks.

Can devs do sth? Of course! Bitcoin has been continuously evolving, and in the future, it can introduce, for example, hash-based Lamport signatures. There has been a lot of discussion in the community, for example (although it is used in the context of state applications)

It is also possible to introduce quantum-resistant cryptographic schemes such as lattice-based cryptography. And all of these can be activated through a soft fork.

In addition to developers, good usage habits can also effectively defend against quantum threats. For example, changing the receiving Address each time (one-time-one-secret) instead of reusing the Address (I want to complain about the current 'BTC ecosystem' Wallet every time I mention it). Also, before Quantum Computers can pose sufficient threats, transferring assets to relatively safer SegWitAddress, and so on.

Other networks, such as Ethereum, also have many discussions on post-quantum cryptography. These designs can also be introduced through hard forks.

But ultimately, the emergence of Quantum Computer can affect not only Bitcoin or other cryptocurrencies. TradFi systems, defense systems, confidential communication channels, and many other important areas will be affected.

More about the content of quantum cryptography, strongly recommend listening to this issue of Yi Congzhe's history.

So in conclusion:

• In the short term, we don't have to worry about the threat of Quantum Computer to networks such as Bitcoin.
• But it is also strongly recommended to develop good usage habits and keep track of the progress of quantum technology.

Special thanks to @kurtpan666 for the discussion and insights provided!