No. Bitcoin uses ECDSA (secp256k1) for transaction signing, which is vulnerable to Shor's algorithm. Bitcoin addresses with exposed public keys are at direct risk.
Key Takeaway: Bitcoin is NOT quantum safe. Move Bitcoin to addresses that have never sent transactions (unexposed public keys). Monitor BIPs for PQC signature schemes.
Bitcoin is NOT quantum safe. Bitcoin's security relies on SHA-256 for mining (Grover-resistant) and ECDSA with secp256k1 for transaction signing (Shor-vulnerable). A quantum computer with approximately 2,500 logical qubits could forge Bitcoin transaction signatures. An estimated 25% of all Bitcoin (approximately $200 billion) is held in addresses with exposed public keys. No consensus PQC replacement exists yet — it would require a protocol-level fork.
| Full Name | Bitcoin Cryptocurrency |
| Category | infrastructure |
| Quantum Vulnerability | ECDSA (secp256k1) — Shor's algorithm breaks the discrete logarithm problem on elliptic curves. |
| NIST Status | ECDSA secp256k1 is not NIST-recommended and has no PQC migration path in the Bitcoin protocol. |
| Deprecation Timeline | Bitcoin ECDSA will be broken when a CRQC with ~2,500 logical qubits exists (estimated 2030-2035) |
| Replaced By | No consensus PQC replacement exists for Bitcoin yet. ML-DSA or SLH-DSA are candidates. |
Move Bitcoin to addresses that have never sent transactions (unexposed public keys). Monitor BIPs for PQC signature schemes.
QScout discovers every instance of Bitcoin across your infrastructure in 7 days — with zero operational disruption. 72-hour time to first findings.