[DigitalToday reporter Jinju Hong (홍진주)] A warning has emerged that “Q-Day,” when quantum computers can neutralise Bitcoin’s core cryptographic system, could arrive sooner than expected. Some researchers analysed that real attacks could become possible as early as around 2030, and that about 6.9 million bitcoin with exposed public keys could be at risk.

Cryptopolitan, a blockchain media outlet, reported on May 6 that quantum security research firm Project Eleven recently raised the possibility of long-term vulnerabilities in Bitcoin’s cryptographic system, based on results from experiments using quantum hardware.

At the centre of the issue is ECDSA, the elliptic curve public-key cryptography that Bitcoin uses for transaction signatures and proof of ownership. Bitcoin currently protects asset ownership through a public key and private key structure. If quantum computers advance enough, it could become possible to derive private keys from public keys.

Project Eleven explained that a recent controlled experiment produced a case in which a private key was successfully derived based on a public key. The experiment is still far from the 256-bit level used in real Bitcoin environments, but researchers assessed that the direction of advances in quantum computing itself is an important signal.

Project Eleven Chief Executive Alex Pruden (알렉스 프루든) called the result “the largest-scale demonstration disclosed to date.” He said the resources required for this type of attack are continuing to fall, and that barriers to actual execution are also being lowered.

Quantum computers, unlike conventional computers, may be able to solve certain mathematical problems overwhelmingly faster. In particular, cryptographic systems based on elliptic curve discrete logarithms, such as Bitcoin’s ECDSA, have long been flagged as potentially vulnerable to quantum algorithms.

The industry sees the debate as linked to “Mosca’s Inequality.” It holds that if the time needed to transition to quantum-resistant cryptography lags behind the point at which quantum attacks become possible, the system has already entered a risk zone. Standard-setting bodies also see the shift to quantum-resistant cryptography taking years or more, adding to concerns that ecosystem migration may not keep pace with technological progress.

There is also analysis that bitcoin whose public keys are already exposed, or bitcoin that repeatedly uses the same address, could be relatively vulnerable. Project Eleven estimated that about 6.9 million bitcoin could be exposed to risk under conditions where public keys are visible on-chain.

Inside and outside the industry, there has also been continued criticism that bitcoin with already revealed public keys and bitcoin that reuse addresses could be especially vulnerable. A separate study cited by Google in March 2026 also warned that advances in quantum computing could reduce the resources needed to break Bitcoin’s cryptographic assumptions.

Discussion of overhauling the Bitcoin protocol is also drawing attention again. One example is Bitcoin Improvement Proposal (BIP)-361, which is mentioned as aiming to introduce a quantum-resistant signature scheme. Supporters argue that early action is important because Bitcoin’s decentralised structure requires broad consensus and a long transition period. Opponents counter that current quantum hardware is still far from being able to break real 256-bit Bitcoin keys. They say early experimental results should not be overinterpreted.

Ultimately, the key issue is time. Some experts say a significant technology gap remains before Bitcoin’s cryptography actually collapses. Others warn that the preparation window is shrinking faster than expected, citing falling qubit requirements and accelerating research.

Project Eleven also said the outlook should be seen not as a definitive forecast but as a risk-based scenario. Still, the industry is raising the possibility that, regardless of the timing of any real threat, calls will grow again for the Bitcoin ecosystem to fully step up discussions on a quantum-resistant transition.