February 18, 2026 — The Bitcoin community faces a critical, multi-year timeline to secure the network against an emerging quantum computing threat, according to a lead researcher behind a key upgrade proposal. Ethan Heilman, co-author of the newly submitted BIP-360 specification, exclusively tells Cointelegraph that a full migration to post-quantum security could require seven years of coordinated effort. This urgent forecast arrives as academic and industry experts warn that fault-tolerant quantum computers capable of breaking current encryption may emerge within a similar five-to-seven-year window, creating a precarious race against time for the world’s largest blockchain.
The Seven-Year Roadmap to a Quantum-Resistant Bitcoin
Ethan Heilman, a respected cryptography researcher, provided a detailed, phase-by-phase estimate for a potential Bitcoin upgrade. His timeline begins with the assumption of immediate community consensus. “Three years until it activates,” Heilman explains. “This assumes two and a half years to get the BIPs done and the code reviewed and tested. Assuming everyone wants it, half a year to activate.” The subsequent migration period for users, wallets, and infrastructure constitutes the bulk of the forecast. Every Bitcoin holder must move funds to new, quantum-safe addresses—a logistical challenge for a network processing only 3-10 transactions per second. Heilman notes that wallets, custodians, and layer-two systems like the Lightning Network would need extensive updates. “Likely, some future-forward parties will have prepared to upgrade while the softfork was activating. If we are lucky, 90% will have updated five years after activation,” he states, emphasizing that the perceived level of danger would dictate the speed of adoption.
This lengthy process highlights the inherent difficulty of upgrading a decentralized, consensus-driven system like Bitcoin. The timeline is not merely technical but social, requiring unprecedented coordination across developers, miners, businesses, and millions of users globally. Heilman’s work on BIP-360 now is a direct response to this slow-moving reality. “The main reason I’m working on this now is that I could see this process taking many years,” he says. “The more we can get done now, the more time we will have when we have to move quickly.”
Quantum Computing Advances Shorten the Threat Timeline
While Heilman’s seven-year estimate is sobering, parallel advances in quantum hardware suggest the window of safety may be closing faster than previously thought. Notably, Professor Scott Aaronson, founding director of the Quantum Information Center at UT Austin, suggested in late 2025 that a fault-tolerant quantum computer running Shor’s algorithm could arrive “before the next US presidential election.” This acceleration stems from breakthroughs like Google’s Willow chip, which in late 2024 demonstrated scalable quantum error correction—a fundamental hurdle. Antonio Sanso of Ethereum’s post-quantum team confirms the shift: “There are not a lot of theoretical issues at the moment. At the moment, it’s an engineering problem. It’s going to be solved for sure.”
- Shrinking Qubit Requirements: The resources needed to break encryption are plummeting. A 2025 Google study revised the qubits needed to break 2048-bit RSA encryption down to 900,000. A recent preprint paper, ‘The Pinnacle Architecture,’ suggests it could be under 100,000.
- Bitcoin’s Specific Vulnerability: Professor Aaronson points out that Bitcoin’s elliptic curve cryptography (using 256-bit keys) is likely to fall to quantum computers before larger RSA keys, making it a priority target.
- The Exposed Coin Problem: Analysis from groups like Project 11 indicates approximately 6.9 million Bitcoin (roughly one-third of the supply) currently has its public key exposed on-chain, making it immediately vulnerable once a quantum computer is operational.
Expert Consensus: The Threat is Real, Timing is the Debate
The core debate is no longer about if but when. Caltech president Thomas Rosenbaum recently aligned with Heilman’s danger zone, publicly stating a belief in “a functioning, fault-tolerant quantum computer in five to seven years.” This academic perspective contrasts with some within the Bitcoin community who dismiss near-term quantum threats as FUD (Fear, Uncertainty, and Doubt), pointing out that Shor’s algorithm has only factored the number 15 on a quantum computer. However, researchers like Sanso anchor their 2035 prediction in the engineering roadmap, a timeframe also cited by the U.S. National Institute of Standards and Technology (NIST). The rapid progress in adjacent fields like AI, which is optimizing error-correction and materials science for qubits, adds further uncertainty and potential for acceleration.
BIP-360: A Conservative First Step in a Long Journey
The updated BIP-360 proposal, co-authored by Heilman, Hunter Beast, and Isabel Foxen Duke and merged for consideration last week, represents the initial technical path forward. It proposes a new output type called Pay-to-Merkle-Root (P2MR), an upgrade to Taproot (P2TR) that hides the public key and removes a quantum-vulnerable key path. Crucially, it’s a soft fork—backward compatible so unupgraded nodes simply ignore the new transaction type. “BIP 360 is step one,” Heilman clarifies. “It proposes a quantum-resistant output type that has the upgradability and features of P2TR without the quantum vulnerability.” This design protects against “long-range attacks,” such as cracking the private keys of Satoshi’s unmoved coins, but not against “short-range attacks” on recently broadcast transactions.
For full protection, a second, more complex step is required: integrating a post-quantum signature algorithm into Bitcoin’s tapscript. This presents a major scaling challenge, as these signatures are 10 to 100 times larger than current ones. Consequently, the community must confront hard choices about increasing block sizes, implementing a witness discount, or using zero-knowledge proofs to compress data—all historically contentious topics. The debate may extend to the philosophical dilemma of Satoshi’s coins: freeze them forever or risk them being stolen and dumped.
| Blockchain | Post-Quantum Status | Key Challenge |
|---|---|---|
| Bitcoin | BIP-360 proposed; 7-year upgrade estimate | Reaching consensus on scaling solutions for large signatures |
| Ethereum | Dedicated PQ team; target overhaul by 2029 | Overhauling entire chain; majority of funds at risk |
| Solana | Experiments completed; fast upgrade capability | All coins have exposed public keys by default |
The Daunting Consensus Challenge Ahead for Bitcoin
Technically, Bitcoin’s path to post-quantum security is clearer than for chains like Ethereum or Solana, where more funds are immediately at risk and consensus mechanisms are directly threatened. However, Bitcoin’s greatest hurdle is its decentralized governance. The community remains divided on the downstream effects of the Taproot upgrade five years later, signaling how difficult forging agreement on fundamental changes will be. The required technical decisions—potentially altering block size or core scripting—touch on sacred principles for many stakeholders. Furthermore, the possibility of cross-chain collaboration emerges. Ethereum’s post-quantum team has developed a signature aggregation prototype using ZK-STARKs and has expressed a desire for Bitcoin to adopt it, creating a potential industry standard. Researcher Justin Drake stated the solution is “built with Bitcoiner security in mind,” highlighting ongoing, if low-key, collaboration between researchers across the ecosystem.
A Community at a Crossroads: Preparation vs. Complacency
The reaction within the Bitcoin community is split. A contingent, often labeled “post-quantum big blockers,” recognizes the urgency and is prepared to support necessary protocol changes. Others remain skeptical of the imminent threat, viewing quantum concerns as similar to past debates about energy use—a problem to be solved when it materializes. This divergence sets the stage for what could be Bitcoin’s most significant governance test since the block size wars. The coming months will reveal whether the community can prioritize long-term security over ideological purity and procedural inertia.
Conclusion
Ethan Heilman’s seven-year warning is a clarion call for the Bitcoin ecosystem. The post-quantum upgrade is not a single event but a marathon of research, development, testing, and—most challenging—community consensus. While BIP-360 offers a technically sound starting point, the larger battle will be social. With quantum computing milestones arriving faster than anticipated, Bitcoin’s legendary resilience will be tested not by market volatility, but by its ability to adapt its core protocols in the face of a theoretical-turned-existential threat. The countdown, however imprecise, has arguably begun.
Frequently Asked Questions
Q1: What is BIP-360 and how does it help Bitcoin?
BIP-360 is a proposed Bitcoin Improvement Proposal that creates a new, quantum-resistant transaction output type called Pay-to-Merkle-Root (P2MR). It is a conservative first step that hides public keys to protect against long-range quantum attacks, acting as a foundation for future post-quantum signature algorithms.
Q2: Why does a post-quantum upgrade take an estimated seven years?
The timeline includes approximately three years for technical specification, code review, and testing, followed by a network activation period. The bulk of the time is for the global migration of users, wallets, exchanges, and services to the new standard—a massive coordination challenge for a decentralized system.
Q3: How much Bitcoin is immediately at risk from a quantum computer?
Analysis suggests about 6.9 million BTC (roughly one-third of the supply) is currently vulnerable because its public keys are exposed on the blockchain. Coins in addresses that have never been spent from (like Satoshi’s) or where the public key has been revealed during a transaction are at risk.
Q4: How does Bitcoin’s quantum threat compare to Ethereum’s or Solana’s?
Technically, Bitcoin’s upgrade path is considered simpler, and its Proof-of-Work consensus is less immediately threatened. However, Ethereum has a dedicated team and a 2029 target, while Solana can upgrade faster. A larger portion of funds on Ethereum and Solana are exposed because of their different address systems.
Q5: What is a “short-range” versus a “long-range” quantum attack?
A long-range attack targets static, exposed public keys (like unmoved coins). A short-range attack attempts to crack the private key of a transaction between the moment it is broadcast (revealing its public key) and when it is confirmed in a block—a matter of minutes. BIP-360 only protects against the former.
Q6: What are the biggest obstacles to Bitcoin achieving post-quantum security?
The primary obstacles are social and governance-based: reaching consensus on potentially controversial technical changes like increasing block sizes to accommodate larger signatures. The philosophical debate over how to handle permanently frozen coins like Satoshi’s also presents a major hurdle.
