The computation must survive many error-correction cycles.
Quantum Risk Institute
Shor's Algorithm and Bitcoin
Direct answerNot today
Shor's algorithm is relevant to Bitcoin's signature risk, but today's public quantum computers cannot run it at the scale needed to crack Bitcoin keys.
What Shor's algorithm does
Shor's algorithm is a quantum algorithm that can solve mathematical problems underlying major public-key systems. For RSA it relates to factoring. For elliptic curve systems, including the kind used by Bitcoin signatures, it relates to the discrete logarithm problem.
Why an algorithm is not enough
An algorithm describes a path. Hardware must still execute that path reliably. For Bitcoin-relevant attacks, that means fault-tolerant quantum computing with enough logical qubits, low error rates, and enough circuit depth to complete the computation before errors dominate.
What Bitcoin uses
Bitcoin transactions use digital signatures to prove authorization. When a public key is exposed, a future sufficiently capable quantum computer could in principle attempt to derive the private key from that public key. This is why public key exposure and migration planning matter.
What average people should understand
- Using Bitcoin today does not mean a public quantum computer can steal coins.
- Reusing addresses can increase public-key exposure over time.
- The practical risk depends on future quantum capability and Bitcoin ecosystem migration.
- The issue is about signatures and exposed keys, not a sudden failure of the entire Bitcoin network.
Technology required before it matters
Many reliable logical qubits would be needed.
The attack would require a large number of high-quality operations.
Hardware, control, decoding, and software all need to work together.