Bitcoin 4 min read

Researcher Wins Bitcoin for Record Quantum Attack on Elliptic Curves

Independent researcher Giancarlo Lelli claimed a 1 BTC bounty after breaking a 15-bit elliptic curve key on public quantum hardware, marking a 512x larger attack than previous demonstrations.

Researcher Wins Bitcoin for Record Quantum Attack on Elliptic Curves

The cryptocurrency security landscape shifted noticeably when independent researcher Giancarlo Lelli successfully demonstrated what is being called the largest public quantum attack against elliptic curve cryptography—the mathematical foundation underlying Bitcoin's transaction security. His achievement earned him 1 bitcoin from a bounty program and has reignited discussions about quantum computing's trajectory toward threatening blockchain security infrastructure.

Lelli's breakthrough involved breaking a 15-bit elliptic curve key using publicly accessible quantum hardware. This represents a monumental leap forward in quantum cryptanalysis, as it dwarfs the previous record by a factor of 512. While the specific target was far smaller than the 256-bit keys that actually protect Bitcoin wallets, the demonstration provides concrete evidence that quantum computing capabilities continue accelerating along predicted trajectories.

Understanding the Quantum Cryptography Challenge

Elliptic curve cryptography (ECC) forms the backbone of Bitcoin's security model. Specifically, Bitcoin employs the secp256k1 elliptic curve to generate public-private key pairs. Users sign transactions with private keys, which can only be feasibly verified with corresponding public keys through mathematical operations that would take classical computers thousands of years to reverse.

Quantum computers, however, operate under different computational principles. They leverage quantum mechanical phenomena like superposition and entanglement to explore multiple solution paths simultaneously. Shor's algorithm, a theoretical quantum algorithm published in 1994, can theoretically break elliptic curve cryptography exponentially faster than any known classical approach.

The transition from theory to practice has been the key bottleneck. Building quantum computers powerful enough to run Shor's algorithm effectively against real cryptographic keys requires overcoming extraordinary engineering challenges—error correction, qubit stability, and scaling. Lelli's demonstration suggests those engineering challenges are being overcome faster than some security professionals anticipated.

The Evolution of Quantum Attacks

Lelli's achievement builds upon a progression of quantum cryptanalysis milestones:

  • September 2025: Previous public record demonstrated breaking a 15-bit equivalent through quantum simulation—but Lelli's attack was 512 times larger
  • Historical quantum attacks: Earlier demonstrations focused on smaller key sizes, typically in the 4-8 bit range
  • Hardware accessibility: The use of publicly available quantum hardware represents a significant shift from laboratory-controlled environments
  • Reproducibility: Public quantum cloud services now offer sufficient capabilities for meaningful cryptanalysis research

This progression underscores a crucial reality: quantum computing capability is not merely theoretical anymore. Research institutions, technology companies, and now independent researchers can access quantum systems powerful enough to mount real attacks on cryptographic systems—even if those attacks currently target toy-sized keys.

Bitcoin's Current Vulnerability Window

Bitcoin enthusiasts should understand an important nuance: current Bitcoin security remains robust against quantum threats. The elliptic curve keys protecting Bitcoin wallets use 256-bit keys, incomprehensibly larger than the 15-bit keys Lelli attacked. Extrapolating from current quantum capabilities, a quantum computer powerful enough to break Bitcoin's secp256k1 encryption would require millions of stable qubits and thousands of logical qubits after error correction—technology that likely remains years or decades away.

However, a critical vulnerability window exists for users who reuse addresses. If someone publicly reveals their public key (which happens when you receive and spend from the same address), a sufficiently powerful quantum computer could theoretically derive the private key. This is why Bitcoin developers have long recommended address reuse avoidance—a practice that already mitigates this specific quantum threat.

The Bitcoin network also possesses a significant advantage: protocol upgrades are possible. Unlike legacy financial systems locked into older cryptographic standards, Bitcoin can eventually transition to quantum-resistant cryptography through soft forks or hard forks if quantum threats materialize faster than expected.

The Bounty Program and Security Research Incentives

The decision to award Lelli 1 bitcoin—currently valued at tens of thousands of dollars—reflects growing recognition in the cryptocurrency community that quantum security research deserves financial incentives. This bounty approach follows established security research practices in traditional technology industries.

Bounty programs serve multiple functions beyond simply paying for discoveries:

  • They encourage responsible disclosure of vulnerabilities rather than malicious exploitation
  • They accelerate security research by providing funding for independent researchers
  • They create transparent records of security progress and threat evolution
  • They maintain active monitoring of emerging quantum computing capabilities

The cryptocurrency industry's willingness to fund quantum security research reflects lessons learned from cryptographic failures in traditional finance and banking. Proactive research funding today prevents reactive crisis management tomorrow.

What This Means for Bitcoin's Future

Lelli's achievement functions as both a warning and a progress report. The warning is clear: quantum computing capabilities are advancing measurably, and the timeline for potential threats may compress faster than some projections suggested. The progress report is equally important: Bitcoin developers and the broader cryptocurrency community have years, not months, to implement quantum-resistant upgrades if needed.

Leading cryptographers and Bitcoin developers are already exploring quantum-resistant alternatives. Lattice-based cryptography, hash-based signatures, and multivariate polynomial cryptography represent mature quantum-resistant options. The Bitcoin development community has the technical capability and economic incentives to implement these upgrades before quantum computers pose realistic threats to the network's security.

Giancarlo Lelli's bitcoin bounty represents more than a payment for clever research—it signals that the cryptocurrency industry takes quantum threats seriously and will invest resources in staying ahead of the threat curve. As quantum computing continues its inevitable march toward practical applications, demonstrations like this ensure the Bitcoin network maintains its legendary security properties through whatever technological transitions the future holds.

This article was last reviewed and updated in May 2026.

Related Articles

More in Bitcoin →
Bitcoin Surges on CLARITY Act Optimism, But Santiment Warns of Reversal
Bitcoin

Bitcoin Surges on CLARITY Act Optimism, But Santiment Warns of Reversal

May 16, 2026
Bitcoin Drops to $78K as $500M in Crypto Longs Liquidated
Bitcoin

Bitcoin Drops to $78K as $500M in Crypto Longs Liquidated

May 16, 2026
Gemini Stock Soars as Winklevoss Twins Back Crypto Exchange With $100M Bitcoin Investment
Bitcoin

Gemini Stock Soars as Winklevoss Twins Back Crypto Exchange With $100M Bitcoin Investment

May 16, 2026
THORChain Halts Trading After Suspected $10M Exploit
Bitcoin

THORChain Halts Trading After Suspected $10M Exploit

May 15, 2026