Charles Edwards, founder and CEO of Capriole Investments, still issues his most rigorous warning at Quantum Computing, claiming that Bitcoin must move to an accelerated timeline or existential risk after this decade or to a successful signature. “We’ll need to upgrade Bitcoin to become quantum proof next year. 2026. Otherwise it’s a mess,” Edwards writes to X early Monday, escalating a series of posts claiming “Q-Day is the last decade.”
Can Bitcoin crash to $0?
Edwards’ paper rests on a rapid compression of the resource estimates required to run Shor’s algorithm against Bitcoin’s elliptic curve digital signature (ECDSA/Schnorr in SECP256K1). Pushing back to the skeptics of “Tekura Quantum over 20 years apart,” he argued that “~2,000 logical Qubits” could be enough to beat ECC-256 within the actual time frame, making a credible attack in “2-6 years.” In another exchange, he frankly surrounded the stakes: “Do you want $1 million in Bitcoin in five years, or $0?”
Related readings
Edwards’ timeline closely tracks new research and industry messaging from Pierre Luc Darrele Demars, founder of the Pauli Group, a startup focusing on quantum-resistant money. In a pre-study and public thread in August, Dallaire-Démers and co-authors introduced the ECDLP challenge graded on the Bitcoin curve. Assumption.
Pauli Group has clearly summarized this finding. “The first attack on the 256-bit ECC will happen plausibly between 2027 and 2033,” the company has also been provocatively stated via X: “PQC BTC will be over $1 million by 2030. ECCBTC will not.”
Core risk vectors are established. By revealing the on-chain of public keys or using a legacy format that fully exposes the key, you can use a quantum computer that is powerful enough to run Shor’s algorithm, in principle, to derive a private key quickly enough to steal funds.
Security researchers and industry teams are noting that coins with already exposed keys are still more secure until the coins are still in the first line, while coins are still safe until the hashed (obscure) public keys move. Some analyses estimate that the outstanding non-trivial share of BTC is present in exposed key output, including early “payment” era coins often associated with Satoshi. Edwards leaned against the risk of its tail and insisted that “Satoshi’s coins will be dumped by the market.”
Related readings
Not everyone agrees with clock speed. Some conservative estimates point to millions of error-corrected qubits for practical and fast ECDSA breaks, and the reference agency has published transition guidance implicitly assuming an implicit runway.
In the second half of 2024, materials were distributed in the NIST/PQ ecosystem, sketching the transition away from vulnerable algorithms by about 2035. Many security engineers see niche breakthroughs as realistic for a wide range of IT systems, even if they arrive earlier. The spread between “thousands” and “millions” logical Qubits camps reflects the optimization of accelerated algorithms, different error correction models, and various assumptions about gate speeds and code distances.
In particular, Edwards will receive a message this week at Token 2049 and announce “Double Threat: Quantum & The Treasury Bubble” at 10:45am on Wednesday, October 1st.
At the time of pressing, BTC was traded for $112,150.
Featured images created with dall.e, charts on tradingview.com
