The Shift from Theory to Present Reality
Recent advancements in quantum hardware, including major breakthroughs reported by Google Quantum AI in early 2026, have dramatically compressed the timeline for cryptographically relevant quantum computers (CRQCs). While early estimates once projected the need for tens of millions of physical qubits to compromise the Elliptic Curve Digital Signature Algorithm (ECDSA) securing Bitcoin, updated models suggest as few as 500,000 physical qubits could suffice. This acceleration has shifted the narrative from a distant, academic concern to a present-day operational risk.
The Anatomy of the HNDL Strategy
Unlike an active hack, the 'harvest now, decrypt later' (HNDL) approach is passive and silent. State-sponsored actors and sophisticated adversaries are currently capturing vast amounts of encrypted blockchain traffic, specifically targeting transaction signatures and public keys. By stockpiling this data, attackers aim to bypass the need for an immediate breakthrough, waiting instead for the moment when a CRQC can perform the modular exponentiation required by Shor’s algorithm to derive private keys from public ones. This strategy renders current encryption useless for long-term data security, creating an existential challenge for assets deemed 'quantum-exposed,' which include millions of coins in legacy addresses that cannot be migrated.
The Governance and Engineering Bottleneck
Bitcoin’s decentralized nature presents a unique hurdle for cryptographic agility compared to centralized financial institutions that are already deploying NIST-finalized post-quantum standards. While proposals such as BIP-360 and BIP-361 outline potential pathways—including the adoption of lattice-based signature schemes like Dilithium and the forced migration of legacy addresses—they remain in the proposal stage. These upgrades involve significant technical trade-offs, such as increased signature sizes that could bloat the blockchain and reduce network throughput. The community is caught in a difficult balance: implementing radical protocol changes risks the immutability and stability that define Bitcoin, yet waiting too long risks leaving a significant portion of the circulating supply vulnerable to future decryption.
Structural Vulnerabilities and Risks
Beyond the protocol level, the primary risk lies in the uneven distribution of security across the ecosystem. Assets held in older address formats, such as P2PK and P2SH, are inherently more vulnerable than those utilizing newer Native SegWit or Taproot structures, which incorporate better forward-security properties. Custodians and exchanges, which act as central repositories for vast amounts of signing traffic, are arguably the most attractive targets for HNDL campaigns. If these entities do not aggressively modernize their infrastructure and enforce quantum-resistant address usage, they risk becoming the weak link in the chain, potentially exposing institutional-grade holdings to retroactive theft when the quantum era arrives.
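For a custodian, the first step toward acting on this is knowing how holdings are spread across output formats. The following is an added example, not code from Bitcoin or any project named here: it classifies output scripts (scriptPubKey, hex-encoded) by their standard byte templates and tallies them into the older and newer groups the paragraph above distinguishes. The function names and sample scripts are constructed for illustration, and placing P2PKH with the older formats is an assumption of the example.

```python
from collections import Counter

# Buckets follow the paragraph above. Placing P2PKH with the older formats is
# an assumption of this example (it predates SegWit).
LEGACY = {"P2PK", "P2PKH", "P2SH"}
NEWER = {"P2WPKH", "P2WSH", "P2TR"}

def classify_script(spk_hex):
    """Return the standard output type of a hex-encoded scriptPubKey."""
    try:
        s = bytes.fromhex(spk_hex)
    except ValueError:
        return "INVALID"
    n = len(s)
    # P2PK: <push 33 or 65 bytes of public key> OP_CHECKSIG
    if n in (35, 67) and s[0] == n - 2 and s[-1] == 0xAC:
        if (n == 35 and s[1] in (2, 3)) or (n == 67 and s[1] == 4):
            return "P2PK"
    # P2PKH: OP_DUP OP_HASH160 <20 bytes> OP_EQUALVERIFY OP_CHECKSIG
    if n == 25 and s[:3] == b"\x76\xa9\x14" and s[23:] == b"\x88\xac":
        return "P2PKH"
    if n == 23 and s[:2] == b"\xa9\x14" and s[22] == 0x87:
        return "P2SH"      # OP_HASH160 <20 bytes> OP_EQUAL
    if n == 22 and s[:2] == b"\x00\x14":
        return "P2WPKH"    # witness v0, 20-byte program
    if n == 34 and s[:2] == b"\x00\x20":
        return "P2WSH"     # witness v0, 32-byte program
    if n == 34 and s[:2] == b"\x51\x20":
        return "P2TR"      # witness v1 (Taproot), 32-byte program
    return "OTHER"

def inventory(scripts):
    """Count outputs per type and per group for a list of hex scripts."""
    counts = Counter(classify_script(h) for h in scripts)
    legacy = sum(c for t, c in counts.items() if t in LEGACY)
    newer = sum(c for t, c in counts.items() if t in NEWER)
    return {"by_type": dict(counts), "legacy": legacy, "newer": newer,
            "other": sum(counts.values()) - legacy - newer}

# Constructed sample scripts (placeholder key and hash bytes, not real outputs).
SAMPLE = [
    "21" + "02" + "11" * 32 + "ac",   # P2PK, compressed key
    "76a914" + "22" * 20 + "88ac",    # P2PKH
    "a914" + "33" * 20 + "87",        # P2SH
    "0014" + "44" * 20,               # P2WPKH
    "0020" + "55" * 32,               # P2WSH
    "5120" + "66" * 32,               # P2TR
    "6a0468656c6c",                   # OP_RETURN data output -> OTHER
]

if __name__ == "__main__":
    print(inventory(SAMPLE))
```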
