Bitcoin Prepares for Quantum Threats: What Is BIP-360 and Why It Matters
If sufficiently powerful quantum computers ever emerge, they could break certain Bitcoin addresses—especially older ones. The new proposal BIP-360 offers a way to reduce this risk without breaking the system itself. It’s like replacing door locks before lockpicks exist.
Why Are Quantum Computers a Problem for Bitcoin?
Bitcoin is secured by mathematics: to spend coins, you need the private key—a secret code. The public key (like a mailbox) is visible on the blockchain, but without the private key, it’s useless. Classical computers cannot derive the private key from the public key—it would take billions of years.
But quantum computers, if they become powerful enough, could do this quickly. Addresses where the public key has already been published are especially vulnerable—for example, during the first transaction from that address. Estimates vary, but over one million BTC—including early coins mined by Satoshi—could be at risk.
It’s important to understand: this isn’t about Bitcoin “collapsing tomorrow.” It’s about the community preparing proactively for a potential threat—like building flood defenses before the flood arrives.
How Does BIP-360 Work?
BIP-360 is a technical protocol improvement proposal. It introduces a new address type called P2MR (Pay-to-Merkle-Root). The idea is simple: never reveal the public key—not even when spending coins.
Currently, Bitcoin offers two ways to spend funds:
- The key path—fast and cheap, but publishes the public key.
- The script path—more flexible (e.g., adding conditions like “only after one year”), but more expensive and complex.
P2MR eliminates the first option entirely. All transactions go through scripts, keeping the public key hidden. This reduces the risk of attacks where an adversary waits years for a quantum computer to appear and crack a known key.
Pros and Cons of the New Approach
Advantages:
- Significantly lower risk of long-term quantum attacks.
- Preserves flexibility: supports multisig, time-locks, and other advanced use cases.
- Requires no full network overhaul—compatible with the existing architecture.
Disadvantages:
- Transactions become larger—and therefore more expensive.
- Wallets and exchanges must update their software.
- Users must manually move funds to new addresses—there is no automatic migration.
Additionally, BIP-360 does not protect against attacks where the key is exposed only briefly (e.g., while a transaction sits in the mempool). Addressing those requires entirely different solutions—so-called post-quantum cryptographic algorithms, which are not yet ready for deployment in Bitcoin.
Key Takeaways
- BIP-360 is not a silver bullet, but an intermediate step toward quantum resistance.
- It protects only new addresses created after implementation.
- Legacy UTXOs (especially early BTC) remain vulnerable.
- Adoption will take years—as was the case with SegWit and Taproot.
- The proposal is already under discussion among developers, but has not yet been approved.
What This Means for Everyday Users
If you hold Bitcoin on an older address (especially one that has already made a transaction), consider moving your coins to a more modern wallet over time. New addresses based on BIP-360 will be safer in the long term—even if quantum computers arrive 10–15 years from now.
For now, no action is needed: the threat remains hypothetical. But the fact that the community is already working on safeguards is a strong signal. It shows Bitcoin can adapt—without compromising its core principles.
— Editorial Team