Check If Your Bitcoins are Threatened by Quantum

A new tool to check if your bitcoins are vulnerable to the quantum computer is online. Are your BTC safe?

Project Eleven watches over bitcoin

Are your bitcoins threatened by the quantum computer? Maybe. There are two modus operandi.

The first consists of picking among the transactions in the “mempool,” where transactions wait to be mined (added into a block). The reason is that public keys are revealed at that very moment.

However, a quantum computer capable of deducing a private key from a public key in less time than it takes to confirm a transaction—about 10 minutes—would be needed.

The second method, more probable, is an attack called “harvest-now-decrypt-later.” It involves addresses reused by users, or those of a very old format.

Project11 just launched a tool allowing you to check if your addresses are vulnerable. It contains the complete list of addresses whose public keys are already exposed.

To leave this list, you must transfer your bitcoins to a new address. You can keep the same wallet if the problem stems from address reuse.

However, if the problem is the address format, you should transfer them to a newer wallet generating addresses resistant to the quantum threat .

Why are some addresses resistant and others not?

Some address formats are vulnerable because they are simply bare public keys. For example, P2PK (Pay-To-Public-Key) addresses and some types of P2TR (Pay-To-Taproot) addresses.

P2PK addresses being simple public keys, they don’t start with an identifiable header at first glance. P2TR addresses start with “bc1p” (not to be confused with addresses starting with “bc1q”).

Conversely, resistant addresses are encodings of public keys. That is, they are obfuscated by passing through the SHA-256 hashing function, which is resistant to quantum computers.

Address types resistant to quantum attacks are P2PKH, P2SH or P2WPKH. They respectively start with “1”, “3”, and “bc1q”.

• Example of P2WPKH address:
  bc1qw508d6qejxtdg4y5r3zarvary0c5xw7kv8f3t4
  
• Example of P2PKH addresses:
  1HsK3s3o1nBVsB7rKAvwF7v9mvhT2HwZq8
  
• Example of P2SH addresses:
  3DymAvEWH38HuzHZ3VwYAQr8YTzTUpmsnA

Nowadays, wallets no longer generate addresses in the P2PK format. So unless you downloaded your wallet before 2011, you very probably do not use inherently vulnerable addresses (P2PK and some P2TR types).

If your bitcoins are on vulnerable addresses, it is much more likely that you made the mistake of reusing them.

Two frequently asked questions:

Do all addresses in a wallet become vulnerable if just one is known?

No. Wallets like Trezor, Ledger, or Electrum are “HD” (Hierarchical Deterministic). In other words, each address has its own private key. Simply put, if one public key is reused, only that one is vulnerable. The other addresses remain protected.

Unless the master public key (xpub) is compromised… Explanation:

An HD wallet generates all private and public keys from a seed (the 12 or 24 words you must carefully keep) according to a hierarchical structure defined by the BIP-32 standard.

The principle is that the same seed always produces the same xpub from which all other keys are derived. That is why the seed alone is enough to restore access to all bitcoins.

The downside is that revealing your xpub means exposing all public keys of your wallet. It must not be done. Everyone who, for example, shared their xpub with Samourai’s coinjoin might regret it…

Second question: Suppose I have 1 bitcoin on a single address. And I spend 0.4 bitcoin. Are the remaining 0.6 bitcoin vulnerable?

No. To spend 0.6 BTC, your wallet must spend all funds associated with that address, i.e., 1 bitcoin. During the transaction, 0.4 BTC go to the recipient’s address, and 0.6 BTC to a new wallet address of yours (plus some satoshis as fees for the miner).

The initial address is now vulnerable, but it does not matter since it is now empty. However, you must no longer reuse that address to receive funds.

Don’t miss this article to learn more: Bitcoin, the quantum threat is approaching.