Main Points :
- Crypto-pioneer Adam Back asserts that Bitcoin (BTC) will face no meaningful threat from quantum computing for at least 20-40 years.
- The U.S. National Institute of Standards and Technology (NIST) has already finalised post-quantum cryptography (PQC) standards that can be adopted by Bitcoin or its ecosystem.
- Current quantum-computing hardware remains far from being able to break Bitcoin’s cryptographic foundation (SHA-256 and ECDSA) in any practical timeframe.
- The so-called “harvest now, decrypt later” threat remains real: adversaries may collect encrypted public-key data today to decrypt when quantum computers become capable.
- For investors and builders of blockchain systems, this means quantum risk is a long-term tail risk rather than an immediate crisis—but active migration strategies and monitoring remain prudent.
1. Back’s 20-40 Year Assessment: A Deep Dive
In a recent exchange posted 15 November 2025 on X (formerly Twitter), Adam Back responded to a user asking whether Bitcoin is at risk from quantum computing. He wrote: “Probably not for 20-40 years, if then. And there are quantum-secure signatures, NIST-standardised SLH-DSA last year. Bitcoin can add over time … long before cryptographically relevant quantum computers arrive.”
Back is the cryptographer credited in the Bitcoin white paper and currently the CEO of Blockstream. His position fundamentally contrasts with more alarmist views, such as those by Chamath Palihapitiya who suggested quantum threats to Bitcoin may arise within 2-5 years.
Why does Back set the horizon at 20-40 years? First, he emphasises the current state of quantum-computing hardware: although systems with thousands of physical qubits exist (for example a 6,100-qubit neutral-atom system at Caltech), they are nowhere near the level of error correction and logical qubit maturity required to run algorithms such as Shor’s algorithm to break SHA-256 or ECDSA.
Second, Back notes that the cryptographic ecosystem is not standing still: PQC standards exist now, and Bitcoin (or other layers) can integrate them ahead of threat arrival. Hence, for the Bitcoin investor or infrastructure builder, the takeaway is that the risk window is long and manageable.
2. Post-Quantum Cryptography: Standards Are Here
The NIST has completed an eight-year standardisation process for post-quantum cryptographic algorithms. In August 2024 it announced three FIPS (Federal Information Processing Standards) covering module-lattice key-encapsulation, digital signatures and stateless hash-based signatures.
These standards mean that systems today can implement cryptographic schemes resistant to both classical and quantum computers. For the blockchain world, this provides a foundation for quantum readiness: signature schemes can be upgraded, and protocols can plan migration paths.
What does this mean for Bitcoin specifically? It means that although Bitcoin uses ECDSA (Elliptic Curve Digital Signature Algorithm) and SHA-256 as core pieces of its security, a transition path exists. Some of the research argues Bitcoin’s upgrade to PQC will require careful coordination (see section 4).
For readers seeking new crypto assets or building blockchain applications, this context suggests that projects which adopt PQC early—or design systems with quantum-resilience in mind—may offer differentiated security value in the long term.
3. The Current State of Quantum Hardware
Although headlines often assert quantum computers will imminently break Bitcoin, the detailed technical picture remains conservative. For example:
- The Caltech neutral-atom machine with ~6,100 physical qubits is incapable of breaking RSA-2048 or Bitcoin’s ECDSA, because the estimate of ~4,000 logical qubits assumes perfect qubits (no noise) and no error correction overhead.
- At the same time, trapped-ion systems such as Quantinuum’s Helios have fewer than 100 physical qubits (98), functioning as ~48 error-corrected logical qubits.
- Gate-based systems such as Atom Computing recently hit ~1,180 physical qubits—an important technical milestone—but still far short of thousands of logical qubits required to compromise Bitcoin security primitives.
In short: while quantum computing research is vibrant and advancing, a “cryptographically relevant quantum computer” (CRQC) capable of breaking Bitcoin is still a multi-decade projection. This aligns with Back’s 20-40 year horizon.
4. Migration Challenges and the Harvest-Now, Decrypt-Later Threat
Long before quantum computers are operational at scale, infrastructure must prepare. One concept that has gained attention is the “harvest now, decrypt later” (HNDL) scenario: adversaries collect encrypted data or public-key information now, store it, and decrypt when quantum computing becomes available.
For Bitcoin, the vulnerability lies largely in addresses whose public key has been revealed (for example those spent, reused addresses or certain old formats). A protocol upgrade to PQC would ideally migrate funds to quantum-resistant addresses before a quantum threat becomes material.
However, the actual migration is non-trivial. Research (arXiv paper in 2024) outlines key challenges:
- The choice of post-quantum signature scheme matters (e.g., CRYSTALS-Dilithium, FALCON, SPHINCS+). These schemes tend to produce signatures significantly larger than ECDSA (for example FALCON signatures may be ~10× longer).
- A full migration of all UTXOs (unspent transaction outputs) to a new signature scheme would take substantial time—potentially months—and likely reduce throughput (fewer transactions per block) during migration.
- Consensus among miners, node operators and users would be required for any major fork or upgrade. Historically, even upgrades that seemed less dramatic have been contentious in the Bitcoin community.
From an investor or builder perspective, understanding this migration path matters: if a high-value token or protocol lacks a clear roadmap for PQC, it may carry latent long-term risk.
5. Implications for Crypto Investors, Asset Builders and Blockchain Use-Cases
A. For investors seeking new crypto assets
Knowing that quantum risk is not imminent (20-40 years, per Back) may reduce panic-selling among HODLers. At the same time, investing in projects that emphasise quantum-resilience or transition strategies may offer a margin of safety over time. Early-stage platforms that advertise PQC readiness (or hybrid cryptography) may become differentiated assets in a decade.
B. For blockchain infrastructure and developers
Given your interest in practical blockchain applications, the quantum horizon suggests that your design choices today can be forward-compatible:
- Design wallets and key management that can support signature-scheme upgrades (e.g., ability to migrate from ECDSA to a lattice-based scheme later).
- Monitor protocol changes, such as Bitcoin Improvement Proposals (BIPs) or alt-chain upgrades that include PQC support.
- Consider hybrid cryptography: employing classical signatures now and preparing for PQC later as NIST standards mature.
C. For asset defence strategies and token projects
Since one of your interests is asset defence strategies and bridging traditional finance and blockchain, the quantum context adds another layer: an asset or token with cryptographic brittleness could become a hidden liability decades later. Ensuring that token issuance, wallets and custody support key rotation, safe migration and quantum-resistance may enhance long-term durability and trust.
D. For new income opportunities and blockchain use-cases
Projects that offer quantum-secure services (e.g., quantum-safe custody, wallets, or sign-on chaining) may become niche opportunities as the field matures. While the timeline is long, early awareness can position you ahead.
6. The Missing Pieces & Risks
While the outlook is optimistic (or at least more relaxed) compared to near-term alarmism, some risks remain:
- If quantum-computing progress accelerates faster than expected (i.e., a breakthrough produces a CRQC earlier than mid-2030s), then the timeline could compress. Some reports still estimate 10-15 years.
- Coordination risk: even if PQC standards exist, achieving consensus and implementation in decentralised networks like Bitcoin can be slow. A delayed upgrade could leave a vulnerability window.
- Legacy exposures: coins held in older addresses (public key already revealed) or reused addresses may face higher vulnerability. Some analysts recommend moving funds out of those addresses.
- Perception and market trust: even the fear of quantum risk may affect sentiment, especially for long-term holders or institutions managing large positions. The move to upgrade may be as much about signalling as about technology.
From your perspective of designing and auditing token systems, it means integrating quantum-risk assessment into your overall risk framework is advisable—even if the probability is low in the near term.
Conclusion
For the crypto community, the quantum-computing narrative has often sounded like a far-off science-fiction scenario or a looming “apocalypse” for blockchain security. But according to Adam Back’s assessment—and backed by current NIST progress and quantum-hardware realities—the threat to Bitcoin is not imminent. In his view, Bitcoin is unlikely to face a meaningful quantum threat for 20-40 years.
That does not mean quantum risk should be ignored. Rather, it means that your timeframe for action can be rational, strategic and forward-looking instead of panic-driven. As an investor looking for new crypto assets, as a blockchain developer or asset-defence strategist, the quantum context adds a layer of future-proofing: projects that bake in quantum-resilient design now may offer longer-term upside and durability.
In summary:
- The “clock” for a quantum threat to Bitcoin is long but ticking.
- PQC standards exist today, giving pathways for migration.
- Quantum-resilience is an investible axis and a design axis for token systems.
- Incorporating quantum-risk into your strategic thinking now sets you apart from those who treat it as a distant abstract.
As you explore new assets, develop blockchain solutions (such as your non-custodial wallet ‘dzilla Wallet’), or prepare audit frameworks for VASPs and token issuance, framing quantum-resilience as part of your architecture may become a competitive advantage.
