Italian independent researcher Giancarlo Lelli has claimed a 1 bitcoin prize from Project Eleven after successfully breaking a 15-bit elliptic curve key using publicly accessible quantum hardware — the largest such demonstration ever recorded publicly, and one that has renewed debate about how close the cryptocurrency industry is to a so-called 'Q-Day' reckoning.
Project Eleven, a quantum computing research initiative focused on cryptographic vulnerabilities, awarded the bounty to Lelli after he demonstrated a quantum attack on an elliptic curve key 512 times larger than the previous public benchmark, which had been set as recently as September 2025.
Elliptic curve cryptography underpins the digital signatures that Bitcoin and most other major cryptocurrencies rely on to secure wallets and authorise transactions. Breaking such keys — even at small bit sizes — has long been considered a key milestone on the path toward what researchers call 'Q-Day': the hypothetical point at which quantum computers become powerful enough to crack real-world cryptographic protections.
Lelli conducted the attack on publicly accessible quantum hardware, a detail researchers and commentators have highlighted as particularly significant. Until recently, the most advanced quantum computing resources were largely confined to well-funded laboratories and technology giants. The fact that a meaningful demonstration was achievable on hardware available to an independent researcher suggests the technology is maturing faster than some had anticipated.
It is important to note, however, that the cryptographic keys protecting actual Bitcoin wallets operate at 256 bits — vastly larger than the 15-bit key Lelli cracked. Current quantum computers remain far too limited in qubit count and error correction to threaten real-world Bitcoin security in the near term. What the demonstration does achieve is a measurable, empirical data point for tracking how quickly quantum capability is advancing.
Project Eleven established its bounty programme — known as the Q-BTC challenge — specifically to create transparent, reproducible milestones for the community to monitor. The initiative has argued that the cryptocurrency industry needs to accelerate work on post-quantum cryptographic standards before the gap between quantum capability and current protections narrows to a dangerous level.
The Bitcoin development community has been aware of quantum risks for years. Discussions around migrating to quantum-resistant cryptographic schemes have circulated in technical forums, though no consensus upgrade path has yet been finalised. Other blockchain ecosystems face similar challenges.
Security researchers generally caution against both dismissiveness and alarmism. The jump from breaking a 15-bit key in a controlled setting to threatening 256-bit keys used in live financial infrastructure would require improvements in quantum hardware and error-correction that most experts believe remain years — if not decades — away. Nevertheless, cryptographic migrations are slow, complex processes, and the window for preparation matters.
Analysis
Why This Matters
- Bitcoin's core security relies on elliptic curve cryptography; any credible progress toward breaking it — even at small scale — has direct implications for the long-term viability of cryptocurrency wallets holding trillions in value.
- The 512-fold leap in a single step between public demonstrations suggests quantum hardware is advancing more rapidly than incremental predictions assumed, compressing the timeline for the industry to act.
- Regulators, institutional custodians, and blockchain developers may face growing pressure to formalise post-quantum migration roadmaps sooner than previously planned.
Background
Elliptic curve cryptography has been a cornerstone of internet and financial security for decades. Bitcoin adopted the secp256k1 elliptic curve when Satoshi Nakamoto launched the network in 2009, and it has remained the standard for generating wallet addresses and signing transactions ever since.
The theoretical threat posed by quantum computers to elliptic curve cryptography has been known since mathematician Peter Shor published his landmark algorithm in 1994, which demonstrated that a sufficiently powerful quantum computer could solve the discrete logarithm problem — the mathematical hardness on which elliptic curve security depends — in polynomial time.
For most of the intervening decades, quantum hardware was too primitive and error-prone to pose a realistic threat. That began to shift in the early 2020s as companies including IBM, Google, and IonQ made rapid progress in qubit counts and error correction. Google's 2024 announcement of its Willow chip — which demonstrated significant improvements in error correction at scale — drew particular attention from the cryptographic research community. Project Eleven launched its bounty programme against this backdrop, seeking to create objective, public benchmarks for quantum progress against cryptographic targets specifically relevant to Bitcoin.
Key Perspectives
Project Eleven and quantum researchers: The organisation frames the milestone as a genuine warning signal, arguing that the pace of progress validates its decision to create structured public benchmarks. Proponents say the industry cannot afford to wait for an unambiguous near-term threat before beginning the complex, years-long work of migrating to post-quantum cryptography.
Bitcoin developers and technical community: Core developers have long acknowledged the quantum threat as real but distant. Some argue that a migration to quantum-resistant signature schemes — such as those being standardised by the US National Institute of Standards and Technology (NIST) — is technically feasible but would require careful consensus-building across a globally distributed network. The challenge is political and logistical as much as technical.
Critics and sceptics: Some cryptographers caution that breathless 'Q-Day is coming' coverage overstates the near-term risk. Scaling from 15-bit to 256-bit key attacks would require overcoming enormous engineering hurdles in qubit coherence, gate fidelity, and error correction — challenges that have historically taken far longer to solve than optimistic projections suggest. They argue alarmism could prompt premature or poorly designed cryptographic changes that introduce new vulnerabilities.
What to Watch
- Future entries in Project Eleven's Q-BTC challenge: the bit-size of the next successful public demonstration will be the clearest indicator of how fast real-world quantum capability is advancing.
- NIST's finalisation and adoption timeline for post-quantum cryptographic standards, and whether Bitcoin development discussions begin formally incorporating them into upgrade proposals.
- Announcements from major quantum hardware providers — particularly IBM's roadmap milestones and Google's follow-up to Willow — which could shift expert consensus on the realistic threat timeline.