Written by: Coach Liu

Upon waking up, BTC has once again fallen back to the 6-digit range.

Recently, Google dropped a bombshell: set 2029 as the deadline for quantum resistance migration. As soon as the news broke, various media rushed to report, and the Bitcoin community was in an uproar. After all, according to this timeline, Bitcoin has less than 3 years left, while over 6 million Bitcoins sitting in the network could potentially be "harvested" by quantum computers at any moment.

Does it sound scary?

But as someone who has been in the industry for many years, the first reaction of the blockchain community upon seeing such news is: here we go again...

Every few years, quantum computing comes out to make a splash, with the same formula and familiar flavor each time. Only this time, the mastermind has switched from academic institutions to tech giant Google, so the intimidation factor is naturally different.

Let's calm down first and see what Google actually said. Google announced that it plans to complete its own quantum resistance migration before 2029, with the reason being that advancements in quantum computing are "possibly closer than they seem." This statement itself is not problematic; as a tech giant, it should be prepared for the future. The problem is that many people directly interpret Google's internal migration plan as saying that quantum computers will threaten Bitcoin before 2029.

It’s like saying your neighbor is stockpiling food for war doesn’t mean that war is coming tomorrow.

In fact, Google's statement clearly mentions: 2029 is Google's own migration deadline, not a prediction that quantum computers will break encryption algorithms. There is a vast difference between the two. But the media needs a breaking point, and readers need panic, so the "Google Quantum Threat 2029 Countdown" was fabricated.

So when will quantum computers actually threaten Bitcoin? Let's see what truly knowledgeable people say.

a16z crypto recently published a lengthy article that detailed the timeline of the quantum threat. The article clearly states: the likelihood of a fault-tolerant quantum computer (CRQC) capable of breaking secp256k1 or RSA-2048 emerging within 5 years is extremely low. Current quantum hardware is still several orders of magnitude away from the requirements in terms of the number of physical qubits, gate fidelity, connectivity, and the depth of error correction circuits.

In other words, worrying about quantum computers breaking Bitcoin now is like worrying about being abducted by aliens—it's theoretically possible, but the reality is the probability is extremely low.

Adam Back, a cryptographer quoted by Satoshi Nakamoto in the white paper, has expressed similar views. He believes that it "will likely take several decades" for quantum computing to reach a level relevant to cryptography. Note that this means several decades, not three to five years. Michael Saylor is even more direct: Bitcoin's quantum-resistant upgrades must be very, very cautious, and upgrades should only happen when consensus is reached that quantum threats are present.

Interestingly, those who truly understand technology are cautious, while those most eager to hype the quantum threat are often media outlets with little technical understanding and some people with ulterior motives—such as those selling so-called "quantum-resistant coins."

The blockchain community specifically wrote an article last June titled "Beware of Quantum Scams." The article mentioned a key fact: the currently NIST-standardized quantum-resistant algorithms often have signature sizes of several KB or even tens of KB, while the ECDSA signature currently used by Bitcoin is only 64 bytes. The size difference is hundreds to thousands of times; what does this mean? It means that if you switch to these "quantum-resistant coins," transaction fees will skyrocket, node storage costs will soar, and decentralization will be severely weakened.

Satoshi Nakamoto said 15 years ago: why use ECC instead of RSA for Bitcoin? Because RSA has a signature size "that is an order of magnitude larger, which is impractical." If Satoshi saw today’s signature sizes of quantum-resistant algorithms, he would probably throw them in the trash.

Some may ask: does this mean Bitcoin doesn't need to deal with quantum threats? Of course not. The blockchain community emphasizes repeatedly that the quantum threat is a real long-term risk, and we need to prepare, but there is no need for panic selling.

The Bitcoin community has actually started preparing a long time ago. The Taproot upgrade activated in 2021 paved the way for future changes to the signature algorithm. BIP 360 also introduced a quantum-resistant address format called Pay-to-Merkle-Root. The community is steadily advancing related work.

However, for ordinary users, there are now some simple actions they can take to protect themselves. The blockchain community has summarized several key points in the "Practical Guide to Preventing Quantum Computing Threats":

First, stock Bitcoin only using P2PKH addresses (starting with 1) or P2WPKH addresses (starting with bc1q), rather than P2PK addresses (starting with 04) or P2TR addresses (starting with bc1p). The reason is simple: P2PKH and P2WPKH addresses store the hashes of public keys, leaving the public keys themselves undisclosed; while P2PK and P2TR addresses expose public keys directly. If quantum computers can crack ECDSA, the Bitcoins in these addresses will be at risk.

Second, avoid address reuse. Each address should only be used once. If you need to spend Bitcoins from a certain address, transfer all of them at once, clear the address, and never use it again. The benefit of this method is that even if practical quantum computing emerges in the future, the time window in which your public key is exposed is very short.

Third, do not wait until the last day to take action. If everyone waits until quantum computers actually appear before starting to migrate, on-chain fees will soar. It is wise to prepare in advance while the network is not congested.

Here, the blockchain community wants to emphasize one point: those so-called "quantum threat timelines" often overlook a key detail— the hash shell of Bitcoin addresses. As Satoshi Nakamoto said in 2010: "To make Bitcoin addresses shorter, they use the hash of the public key instead of the public key itself. Therefore, the security of transactions sent to Bitcoin addresses only relies on the security of the hash."

Hash functions have inherent resistance to quantum computing. Grover's algorithm can only improve the attack power against hashes by a square order of magnitude—for example, reducing the difficulty of attacking SHA-256 from 2^256 to 2^128, which is still an astronomical number. So, as long as you use P2PKH or P2WPKH addresses and have not exposed your public key, your Bitcoins remain safe against quantum computers.

Finally, the blockchain community wants to say that every time the quantum panic strikes, there are always people who jump out to claim Bitcoin will go to zero, then recommend that you buy gold. But these people never tell you that the threats facing gold are much greater than those facing Bitcoin. Just in our solar system, within the asteroid belt between Mars and Jupiter, there is a rock called 16 Psyche, which is estimated to contain hundreds of billions of tons of gold. Humanity has only mined a little over 200,000 tons of gold from the Earth over the past several thousand years. Do you think quantum computers will arrive first, or will humanity first have the capability to mine gold from asteroids?

Moreover, gold is dead, while Bitcoin is alive. Bitcoin can upgrade its code; what can gold upgrade?

Thus, facing the quantum threat, the blockchain community's stance is clear: stay informed but do not panic. Stock what needs to be stocked, prepare what needs to be prepared, but do not use this long-term, low-probability risk as a reason to cut losses today.

Google can complete its migration by 2029 because it controls its own system. Bitcoin cannot, because it is decentralized. But it is precisely this "slowness" that gives us greater security—because the real threat has not yet arrived, and we still have ample time to prepare.

When the day comes that quantum computing truly approaches, the Bitcoin community will naturally respond. And for now, instead of being led by the nose by these anxiety-driven marketing claims, it is better to calm down, take a good look at the Bitcoin you have, and think about how to hold it the right way.

After all, in order to survive in the market, the most important thing is not to run faster than the bears, but to not be scared to death by oneself.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。