Google's Willow Sparks Quantum Panic: Is Bitcoin’s Future in Jeopardy?

Can Bitcoin Survive the Quantum Revolution? Some Believe the Clock Is Ticking

Earlier this week, Ben Sigman and Fred Krueger, the authors behind “The Big Bitcoin Book,” dove deep into a lively X Spaces discussion on quantum computing and its potential impact on Bitcoin’s cryptography. Ian Smith from quantumevm.com also joined the conversation, offering his expertise. The panel explored the theoretical possibility of a quantum computer cracking elliptic curve cryptography (ECC), RSA, or Bitcoin’s SHA256 hash functions, raising thought-provoking questions about the future of blockchain security.

The discussion dove into the technical side of Bitcoin, diving into its different address styles, like Pay-to-Public-Key (P2PK), and how a quantum computer might just break through elliptic curve cryptography (ECC) or SHA256 with Shor’s or Grover’s algorithms. Some folks guessed that these mighty qubit-powered machines could pop up as soon as 2027 or before the clock strikes 2030. Sigman, Krueger, and Smith all seemed to agree, suggesting that the dangers might loom large sooner rather than later. When it comes to Bitcoin addresses, they highlighted that certain types are just naturally more at risk than others.

Bitcoin sports a variety of address types, from P2PK (Pay-to-Public-Key) to P2PKH (Pay-to-Public-Key-Hash), P2SH (Pay-to-Script-Hash), P2WPKH (Pay-to-Witness-Public-Key-Hash), P2WSH (Pay-to-Witness-Script-Hash), and the newer Taproot (P2TR – Pay-to- Taproot). At the X Spaces event, cheekily named “What can Bitcoin do about Quantum attacks?” the speakers pointed out that the legacy addresses, especially those rocking the P2PK format, are more at risk from quantum shenanigans since they flaunt their public keys for all to see.

Shor’s algorithm could enable quantum computers to reverse-engineer a private key from a public key, leaving P2PK addresses at risk. Unlike modern formats, P2PK lacks the additional hashing layers that help safeguard public keys. Although today’s quantum computing is not yet advanced enough to exploit this vulnerability, future developments could spell trouble for older formats. More modern addresses like P2PKH, P2SH, and P2WSH benefit from extra hashing layers, enhancing their protection against such threats. Later that day, Krueger took to X to share highlights from the discussion with his followers.

“Spent 2 hours diving into quantum risk with Ben Sigman. This is real. Watch the space and follow BenSig’s X,” Krueger insisted. “There will be 1 million [qubit] computers before 2030. It’s possible that [ECDSA] will be broken in 10-20 years. There are solutions – but they involve forking Bitcoin and moving coins to unspent quantum-resistant addresses. Side benefit: we flush out or obsolete the Satoshi addresses.”

Not everyone was convinced, with many brushing off the idea that the threat was imminent. Forbes contributor Ansel Lindner chimed in, saying, “Nah. IBM has changed [its] road map to stay at 1000 qubits for many more years to like work on error correction. Google’s claims are methodologically iffy. Wrote about this just today,” Lindner doubled down by sharing a link to his recent article on the topic. Hashcash inventor and Blockstream CEO, Adam Back, jumped into the conversation, responding to Krueger’s post with skepticism. “‘There will be 1 million [qubit] computers before 2030’ I highly doubt that btw,” Back said.

Satoshi: ‘If the Hash Breakdown Came Gradually, We Could Transition to a New Hash in an Orderly Way’

We can also look back to Satoshi Nakamoto’s thoughts on the matter, shared during a 2010 Bitcointalk discussion titled “Dealing with SHA-256 Collisions.” In the conversation, someone posed a straightforward question: “A mathematician friend of mine pointed out that there are very few if any hash protocols that have survived for 10 years or more. What would Bitcoin’s solution be if SHA256 were to be cracked tomorrow?” Nakamoto didn’t hesitate to provide a response.

“SHA-256 is very strong,” Bitcoin’s inventor said at the time. “It’s not like the incremental step from MD5 to SHA1. It can last several decades unless there’s some massive breakthrough attack. If SHA-256 became completely broken, I think we could come to some agreement about what the honest block chain was before the trouble started, lock that in and continue from there with a new hash function.”

Nakamoto continued:

If the hash breakdown came gradually, we could transition to a new hash in an orderly way. The software would be programmed to start using a new hash after a certain block number. Everyone would have to upgrade by that time. The software could save the new hash of all the old blocks to make sure a different block with the same old hash can’t be used.

At the time, the Bitcointalk crew pondered over the unlikely scenario of hash collisions messing with user accounts, while others pondered possible future upgrades, like hopping to the SHA-3 standard. One person pointed out the headache of building a whole new protocol from scratch, but a few enthusiasts pushed for a nifty transition plan that could set the stage for new rules in future blocks, stirring up the conversation the following year sans Satoshi.

‘Shadow of Harbringer’ and the gang acknowledged the far-off threats from quantum computing, yet they were all for taking proactive steps. This old-school chat showcased bitcoin’s enduring design at the time and the community’s readiness to evolve against tech curveballs, keeping the protocol strong against new-age crypto dangers. Fast forward over a decade, and many are thinking: action must be taken now to shield BTC from quantum attacks.

Palihapitiya Describes a ‘2-5 Year Shot-Clock’

During the X Spaces event with Sigman, Krueger, and Smith, a major point of concern was the vulnerability of Satoshi Nakamoto’s older legacy addresses to potential attacks. Nakamoto’s unspent BTC stash is believed to range between 750,000 and 1.2 million coins. If this treasure trove were accessed by the wrong people, the impact on the Bitcoin community would be catastrophic. The discussion also caught the attention of venture capitalist and entrepreneur Chamath Palihapitiya, who speculated that quantum computers might achieve the power to break Bitcoin’s encryption in as little as 2-5 years.

Palihapitiya said he saw Sundar Pichai’s X post about Willow, Google’s new cutting-edge quantum computing chip. “I saw it in my feed, I ended up missing my next meeting because I had to figure out how long will it take for us to crack the encryption standards that we use for Bitcoin,” Palihapitiya remarked. “Here’s the answer, because I was so tilted about this idea, so if you think of Willow as essentially like one stable logical cubit equivalent in a chip, we need about 4,000 to break RSA-2048 and we need about 8,000 to break SHA256 which is the underlying encryption framework for Bitcoin.”

Palihapitiya described the timeline as a “2-5 year shot-clock,” while acknowledging that quantum computing still faces significant challenges that need to be tackled. The question is: Are developers playing a waiting game, holding off until tech gets better to build quantum resistance, or will they scramble to fix things after an attack? The big debate is whether Bitcoin can stand up to the leaps in quantum computing, highlighting the ever-changing dance between tech wizardry and the art of code protection.

While some predict quantum leaps by 2030, others doubt we’ll see such swift strides. One thing’s for sure: Bitcoin’s future might depend on taking action, like moving towards quantum-resistant protocols. If this shift becomes necessary, it could shake up blockchain governance and security, forcing the community to balance the price of new ideas with keeping trust and decentralization intact.

With Google’s Willow chip stirring up excitement, the talk turns to the importance of staying alert in blockchain security. Satoshi Nakamoto’s early wisdom on tweaking Bitcoin for possible crypto dangers still rings true, showing off the protocol’s built-in adaptability. But, the danger to old-school Bitcoin addresses and untouched funds brings up bigger issues about protecting digital wealth.

Whether quantum computing becomes a real bogeyman this decade or not, gearing up for it might just cement Bitcoin’s role as the unshakable foundation of decentralized finance. Following Back’s X statement in Krueger’s X thread, the Hashcash creator also chimed in with a similar retort to the X account Autism Capital, who had shared Palihapitiya’s video. “No you can’t increase entangled qbits by wiring lots of 105 qbits chips,” Back replied. “We are not remotely close to 1m qbit computers this decade or likely next either.”