A coordinated warning from Citi, Google, and blockchain security firm Project Eleven has sounded the alarm on a looming threat to Bitcoin: quantum computing. Security researchers say nation-state actors and sophisticated hackers are employing a strategy known as “harvest now, decrypt later” (HNDL), essentially stockpiling encrypted blockchain data with the intent to decrypt it once sufficiently powerful quantum computers become operational.
According to Project Eleven’s May 2026 report, “Q-Day” - when quantum computers can break current encryption - could arrive between 2030 and 2033. The deep vulnerability lies in publicly visible keys on Bitcoin’s blockchain, particularly legacy pay-to-public-key addresses and spent UTXOs that expose public keys. Estimates suggest 6.5 to 6.9 million BTC are visible on-chain, representing roughly a third of Bitcoin’s entire supply and valued at approximately $450-$500 billion at current prices.
Google’s March 2026 whitepaper estimated that fewer than 500,000 physical qubits could break Bitcoin’s elliptic curve digital signature algorithm in minutes. Citi’s May 18, 2026 report flagged Bitcoin as more exposed than Ethereum, noting that Ethereum has been advancing post-quantum cryptography (PQC) integration at a faster pace. Project Eleven estimates that migrating Bitcoin to quantum-resistant cryptography could take up to a decade.
Proposed solutions range from optional key migration to more aggressive approaches like recycling vulnerable supply. The US Department of Commerce announced a $2 billion investment in quantum chip foundries in May 2026. Investors should watch for Bitcoin Improvement Proposals (BIPs) addressing quantum resistance and the pace of qubit scaling from Google, IBM, and government-backed programs.