Quantum Risk Institute
Methodology
The Bitcoin Quantum Index is a public evidence index. It rewards verifiable cryptographic capability, not headlines, market excitement, or raw physical-qubit counts.
What we measure
- Reliable logical qubits, not just physical qubit announcements.
- Logical error rates and the ability to maintain long computations.
- Maximum logical circuit depth.
- Largest public RSA key factored with a quantum method.
- Largest public ECC key broken with a quantum method.
- Public progress toward Shor's algorithm at cryptographic scale.
- Government, browser, cloud, HSM, and blockchain post-quantum migration status.
How the score should be read
A score of 12 does not mean Bitcoin is 12% broken. It means public capability sits just above the earliest logical-qubit and error-correction demonstration zone, while still far below Bitcoin-relevant cryptanalysis.
The scale is deliberately milestone-based because quantum progress is not linear. A jump from 10 to 20 is not the same engineering distance as a jump from 80 to 90.
Evidence policy
We prefer primary sources, reproducible research, standards documents, and public technical disclosures. Vendor announcements can matter, but only when they identify the cryptographic relevance of the result.
Related QRI pages
White paper
The full 0-100 capability model.
Sources
The source library behind QRI.
Editorial policy
How we avoid hype.
Sources and further reading
- Global Risk Institute - Quantum Threat Timeline Report 2025
- NIST CSRC - Post-Quantum Cryptography project
- NIST NCCoE - Migration to post-quantum cryptography
- CISA - Quantum-readiness migration to post-quantum cryptography
QRI content is educational research commentary, not financial advice, legal advice, or a prediction.
QRI analysis notes
Methodology should be read as part of a broader risk model, not as an isolated prediction. QRI separates three questions: what has been publicly demonstrated, what would be required for cryptographic relevance, and how long migration would take for systems that depend on vulnerable public-key cryptography.
The current public evidence still supports a low near-term Bitcoin threat level. At the same time, the 2025 expert timeline discussion, post-quantum standards activity, and harvest-now-decrypt-later risk all point to the same planning lesson: organizations should use the quiet period to inventory cryptography, understand data shelf life, and reduce future migration pressure.
How QRI reviews this topic
For this page, QRI looks for primary-source support, clear language, internal consistency with the 0-100 Quantum Threat Level, and explicit separation between Bitcoin-specific risk and broader public-key infrastructure risk. A page does not earn trust by sounding certain. It earns trust by explaining what is known, what is unknown, and what evidence would change the conclusion.
Readers should treat this page as educational research commentary. It is not financial advice, legal advice, or a prediction that a specific quantum computer will arrive by a specific date. The right operational response is proportional readiness: monitor credible evidence, follow standards, and prepare migration paths before urgency becomes expensive.