Bitcoin Can Be Quantum-Safe Without Protocol Upgrade
By Daniel Francis
Editor CoinSpeaker Editorial Team
Updated
3 mins read
StarkWare chief product officer Avihu Levy has proposed a crypto scheme that he claims would render Bitcoin transactions quantum computing-safe today – without requiring a soft fork, a hard fork, or any modification to the existing protocol.
Published Thursday on GitHub, the Quantum Safe Bitcoin (QSB) proposal operates entirely within Bitcoin’s legacy script constraints and is designed to remain secure, Levy argues, even against an adversary running Shor’s algorithm on a large-scale quantum computer.
The catch is substantial: each transaction would cost the sender between $75 and $150 in GPU compute, making the scheme impractical for routine use and limiting its relevance, at least initially, to large-value transfers.
Quantum-Safe Bitcoin Transactions Without Softforkshttps://t.co/1lx5waX9VV pic.twitter.com/Ni7pA6dEsC
— Avihu Levy ✨🐺 (@avihu28) April 9, 2026
DISCOVER: Best crypto to buy right now – CoinSpeaker’s updated guide
Bitcoin’s current signature scheme – the elliptic curve digital signature algorithm, or ECDSA – derives its security from the computational hardness of the elliptic curve discrete logarithm problem. That hardness does not hold against a sufficiently powerful quantum computer running Shor’s algorithm, which can solve the problem in polynomial time.
As recent research from Google Quantum AI has made increasingly concrete, the hardware threshold for executing such an attack may be closer than previously modeled – with estimates suggesting ECDLP-256 could be broken using roughly 500,000 physical qubits, a 20-fold compression from prior projections.
Levy’s proposal sidesteps ECDSA entirely by replacing the proof-of-work signature-size puzzle with what he terms a hash-to-sig puzzle.
Rather than proving knowledge of a private key through elliptic curve math, the spender must find an input whose hash output randomly resembles a valid ECDSA signature – a brute-force search task that offers no shortcut to quantum computing algorithms. The security model, in other words, shifts from a mathematical structure that Shor’s algorithm can exploit to hash preimage resistance, which it cannot.
Far more computing power is required for QSB. Source: GitHub
The key implication: QSB does not patch ECDSA – it replaces the cryptographic assumption underlying the spending condition, while leaving Bitcoin’s transaction format, consensus rules, and script engine untouched.
Levy’s proposal, which has not been peer-reviewed or formally published through an academic venue at time of writing, outlines a transaction construction that encodes the hash-to-sig puzzle within existing Bitcoin script primitives. No new opcodes are required.
No miner coordination is needed. From the network’s perspective, a QSB transaction is indistinguishable from a legacy transaction – it simply spends an output using a scriptSig that satisfies an unusually constructed scriptPubKey.
The computational burden falls entirely on the sender. Finding a hash preimage that mimics a valid ECDSA signature requires significant brute-force GPU work – Levy estimates $75 to $150 per transaction at current compute prices. That cost figures to be irrelevant for, say, a treasury-scale cold storage transfer; it is prohibitive for coffee. Levy acknowledges this directly, framing QSB as a stop-gap for large BTC positions while the community deliberates a longer-term protocol-level solution.
THIS IS HUGE. Bitcoin is Quantum-Safe TODAY.
Even if a quantum computer appeared, one that breaks the conventional Bitcion signatures, it shows a practical way to create safe Bitcoin transactions. WITH NO CHANGE TO BITCOIN PROTOCOL!!! https://t.co/ireGc3ai7W
— Eli Ben-Sasson | Starknet.io (@EliBenSasson) April 9, 2026
StarkWare CEO Eli Ben-Sasson characterized the proposal in stark terms on X, stating that it “essentially makes Bitcoin quantum-safe today.” That framing is doing significant argumentative work – the scheme makes specific large-value crypto transactions quantum computing resistant under its defined threat model, which is not equivalent to Bitcoin-the-network becoming quantum-safe in any comprehensive sense. The proposal has not been independently verified, and no Bitcoin Improvement Proposal has been filed to formalize or standardize the approach.
EXPLORE: Best meme coins to watch – CoinSpeaker’s updated rankings
Disclaimer: Coinspeaker is committed to providing unbiased and transparent reporting. This article aims to deliver accurate and timely information but should not be taken as financial or investment advice. Since market conditions can change rapidly, we encourage you to verify information on your own and consult with a professional before making any decisions based on this content.
Daniel Frances is a technical writer and Web3 educator specializing in macroeconomics and DeFi mechanics. A crypto native since 2017, Daniel leverages his background in on-chain analytics to author evidence-based reports and deep-dive guides. He holds certifications from The Blockchain Council, and is dedicated to providing "information gain" that cuts through market hype to find real-world blockchain utility.
