TLDR
- Researcher Giancarlo Lelli broke a 15-bit elliptic curve key using a quantum computer, winning a 1 BTC bounty from Project Eleven
- This is the largest public quantum attack on elliptic curve cryptography to date
- Bitcoin uses 256-bit keys — far larger than the 15-bit key cracked, but the gap is narrowing
- Around 6.9 million BTC in wallets with exposed public keys could be at risk from future quantum attacks
- Experts are divided on timeline — some say years, others say decades before quantum poses a real threat
Independent researcher Giancarlo Lelli has broken a 15-bit elliptic curve cryptographic key using a publicly accessible quantum computer. Project Eleven, a post-quantum security startup, awarded him a 1 BTC bounty — worth over $78,000 — for the achievement.
Project Eleven Awards 1 BTC Q-Day Prize for Largest Quantum Attack on Elliptic Curve Cryptography to Date
Researcher breaks 15-bit ECC key on publicly accessible quantum hardware in a 512x jump from the previous public demonstration.
Project Eleven today awarded the Q-Day…
— Project Eleven (@projecteleven) April 24, 2026
Project Eleven called it the “largest quantum attack” on elliptic curve cryptography ever recorded publicly.
Lelli used a variant of Shor’s algorithm to derive a private key from its public key across a search space of 32,767 possible values. Shor’s algorithm targets the math that secures digital signatures on Bitcoin, Ethereum, and most other blockchains.
Before Lelli’s result, engineer Steve Tippeconnic had broken a 6-bit elliptic curve key in September 2025 using IBM’s 133-qubit quantum computer. Lelli’s 15-bit result extends that by a factor of 512.
Bitcoin uses 256-bit elliptic curve cryptography. That is a large gap from the 15-bit key broken here. But Project Eleven says the gap is “increasingly viewed as an engineering problem and not a fundamental physics problem.”
“The resource requirements for this type of attack keep dropping, and the barrier to running it in practice is dropping with them,” said Alex Pruden, CEO of Project Eleven.
How Much Bitcoin Is at Risk?
Project Eleven estimates that roughly 6.9 million Bitcoin are held in wallets where public keys are visible on-chain. Those wallets could be vulnerable if quantum computers become powerful enough.
Analysts at Bernstein put the figure at around $450 billion in Bitcoin held in older wallet addresses with exposed public keys.
The threat is not immediate. Current quantum systems remain far below the thresholds needed to break real-world cryptography.
A Google Research paper estimated that breaking 256-bit elliptic curve cryptography could require fewer than 500,000 physical qubits. A follow-up paper from the California Institute of Technology and quantum startup Oratomic suggested it could be as low as 10,000 qubits.
What the Industry Is Doing
Bitcoin developers have proposed migration paths to post-quantum cryptography. Ethereum, Tron, StarkWare, and Ripple have also outlined related plans.
Blockstream CEO Adam Back said at Paris Blockchain Week in April that preparation should start now, even if the real threat is decades away. “Quantum computing still has a lot to prove. Current systems are essentially lab experiments,” Back said.
Bernstein has cautioned against overreacting, describing quantum computing as a medium to long-term upgrade cycle rather than an immediate risk.
The Bitcoin community currently puts the preparation window at three to five years, according to Bernstein analysts.
Project Eleven, backed by Castle Island Ventures, Coinbase Ventures, and Variant, raised $20 million in a Series A round earlier this year at a $120 million post-money valuation.
