Q-Day Countdown: Will Quantum Computing End Cryptocurrencies?

marsbitXuất bản vào 2026-07-06Cập nhật gần nhất vào 2026-07-06

Tóm tắt

Quantum Computing's Threat to Cryptocurrency: A Countdown to Q-Day Quantum computing, specifically Shor's algorithm, poses a fundamental threat to the public-key cryptography (e.g., ECDSA, RSA) that secures blockchain networks like Bitcoin and Ethereum. This critical juncture, known as Q-Day, is estimated to occur potentially within the next 5-15 years. The core vulnerability stems from the public and immutable nature of blockchains. Assets in addresses where the public key is already exposed on-chain (e.g., spent outputs) are at direct risk, as a sufficiently powerful quantum computer could derive the private key. This threatens the very trust model of cryptocurrencies. The response lies in Post-Quantum Cryptography (PQC)—algorithms like lattice-based ML-DSA and hash-based SLH-DSA, which are resistant to quantum attacks. NIST has standardized key PQC algorithms (FIPS 203, 204, 205), providing a migration path. However, the primary challenge is not technical but socio-economic and involves complex governance: * **Bitcoin's** path is constrained by its conservative ethos. Migrating requires a soft-fork to new address types, facing hurdles like significantly larger signature sizes and, most critically, the divisive governance question of how to handle at-risk legacy UTXOs without violating core principles. * **Ethereum** is pursuing a "cryptographic agility" strategy, with a multi-layered roadmap. It leverages account abstraction for user accounts and is developing comp...

Author|0xjacobzhao @ IOSG

 

Imagine one early morning in 203X, when an on-chain monitoring alarm suddenly shatters the peace: a batch of early BTC addresses dormant for over a decade begins to transfer assets like ghosts. No hacker intrusion, no private key leakage, only 'legitimate' signatures generated out of thin air. As high-value dormant UTXOs are successively drained, the market finally awakens: some unknown quantum computing entity can already directly derive private keys from historically exposed public keys. Panic instantly rips through the market. In the deep web, public key libraries hoarded for a decade with the strategy 'harvest first, decrypt later' are being frantically auctioned, waiting for computing power to cash in on the wealth. Meanwhile, the Bitcoin community is torn by unprecedented ideological rifts: when facing dormant coins plundered by quantum computing, should they rigidly adhere to the principle of 'code is law' and immutability, or enforce a hard fork to freeze the legacy assets? The collision between the narrative of property rights and the law of survival has ignited a governance deadlock. That day, blocks continue to be produced in order, and the network never pauses for a second. Quantum computing isn't an apocalyptic magic spell that erases everything, but it pushes the entire Web3 ecosystem into the protracted game of cryptographic reconstruction and consensus abyss.

Quantum computing is often interpreted as the apocalyptic 'Sword of Damocles' hanging over the blockchain. Re-examining the biggest 'security debt' the Web3 world is about to face, we find that the impact of the quantum threat on blockchain is essentially an ultimate stress test of its three-layered foundational architecture: 'open ledger, irreversible assets, self-custody of private keys.' As the dawn of Cryptographically Relevant Quantum Computers (CRQC) emerges, the industry faces the challenge of navigating the extremely complex social consensus and governance struggles within the remaining 5 to 8-year 'engineering comfort window' before Q-Day arrives.

Quantum Computing: Technical Principles, Value, and Threats

Quantum computing is a new computational paradigm based on quantum mechanics principles. It uses quantum bits (qubits) as information carriers, breaking through the binary limitation of classical bits which can only represent 0 or 1. By leveraging quantum properties like superposition, entanglement, interference, and measurement, it achieves computational efficiencies difficult to reach with classical computing:

  • Superposition – Expanding the state space: A qubit can exist in a linear combination of 0 and 1.

  • Quantum Entanglement – Establishing global correlation: Strong non-local correlations formed between multiple qubits.

  • Quantum Interference – Manipulating probability amplitudes: The essence of quantum algorithm acceleration, where probability amplitudes for wrong answers cancel each other out (destructive interference), while amplifying the amplitude for the correct answer (constructive interference).

  • Quantum Measurement – Collapsing the quantum state into a single classical result. The core of a quantum algorithm is not 'reading all the answers,' but ensuring the correct answer has a significantly higher probability of appearing upon measurement.

Figure 1: The Four Pillars of Quantum Computing

(①) Superposition expands the state space – a qubit exists as a continuous mixture of |0⟩ and |1⟩ on the Bloch sphere.

(②) Entanglement creates non-local correlations; measuring one qubit instantly determines its partner.

(③) Interference is the engine of acceleration: destructive interference cancels amplitudes for wrong answers, constructive interference amplifies amplitudes for the correct answer.

(④) Measurement collapses the quantum state into a single classical result – the algorithm's task is to ensure the correct result appears with an overwhelming probability beforehand.

The Two Core Algorithms of Quantum Computing: Shor's 'Dimensionality Reduction Attack' and Grover's 'Brute-Force Accelerator'

  • Shor's Algorithm (1994): The 'Dimensionality Reduction Attack' on Public-Key Cryptography: Shor's algorithm can leverage quantum properties to directly 'see through' the mathematical patterns of integer factorization and discrete logarithms, thus completely destroying the trust foundation of the modern internet and blockchain, such as RSA and Elliptic Curve Cryptography (ECC). However, constrained by real-world quantum error correction overhead, cracking mainstream cryptography still requires millions of physical qubits, though aggressive algorithmic optimizations could significantly lower this threshold.

  • Grover's Algorithm (1996): The 'Brute-Force Accelerator' for Symmetric Encryption: Grover's algorithm cannot directly break cryptographic structures. Instead, it provides a square-root speedup for 'guessing passwords' (e.g., reducing the effective security strength of 128-bit encryption to 64-bit). Its threat is far less fatal than Shor's, and the countermeasures are straightforward – typically, increasing the key length, hash output length, or security parameters can restore the safety margin (e.g., upgrading to AES-256 or SHA-512).

Figure 2: The Two Core Algorithms of Quantum Computing: Shor's Algorithm and Grover's Algorithm

 

The Commercialization Path of Quantum Computing: The 'Battle of the Titans' Among Five Technical Camps

No single qubit technology has established a clear engineering lead. Five distinct approaches are currently being commercially pursued, each with its own advantages and disadvantages.

The Positive Value and Negative Threat of Quantum Computing

The core value of quantum computing lies in breaking through the capability boundaries of classical computing for specific complex problems, driving paradigm-level leaps in fundamental science and engineering. Its positive value primarily focuses on two main directions: first, the simulation of complex quantum systems, including quantum chemistry, drug discovery, new materials, and energy technology; second, solving highly complex optimization problems, including logistics, finance, supply chain, chip design, and industrial scheduling. Among these, quantum simulation is widely considered a long-term application scenario with higher certainty, while complex optimization remains in the exploration and validation phase. Currently, quantum computing is at a critical stage transitioning from lab prototypes to engineering applications, with decoherence, physical noise, error correction overhead, and system scalability remaining the core barriers to crossing the industrialization chasm.

The quantum threat fundamentally targets the foundation of modern public-key cryptosystems, spreading layer by layer along the logic of 'data lifetime × migration difficulty × attack payoff': National security, military, and intelligence systems are the first to face the strategic-level risk of 'Harvest Now, Decrypt Later' (HNDL). Financial and payment infrastructures, deeply reliant on TLS, HSMs, and identity authentication systems, will be the first to enter the compliance migration track. Internet trust roots and the Blockchain/Web3 ecosystem face multiple systemic risks including code signing, cloud-based key management (KMS), the irreversibility of on-chain assets, and governance migration. In contrast, sectors like healthcare, energy, industrial control, and IoT will form long-term, difficult-to-eradicate tail risks due to long device lifecycles and narrow upgrade windows.

Time Window and Planning Rule: Q-Day and Mosca's Inequality

Q-Day refers to the time point when a quantum computer first possesses the practical capability to crack mainstream public-key cryptography. It is not a fixed date but a probability interval influenced jointly by hardware progress, error correction capabilities, algorithmic optimizations, and the secrecy of national projects. The current mainstream expectation is roughly concentrated between 2035 and 2045, with fast scenarios potentially advancing to 2030-2035, while before 2030 is considered a low-probability tail risk.

Mosca's Inequality X + Y > Z explains why post-quantum migration has real urgency even before Q-Day arrives. Here, X is the time data needs to remain confidential, Y is the time required to complete cryptographic migration, and Z is the remaining time until Q-Day. As long as the sum of the data lifecycle and the migration period exceeds the remaining time until Q-Day, the system is already in a migration lag zone: data collected today may be decrypted by quantum computing in the future. Therefore, quantum-resistant security is not an emergency engineering task after Q-Day arrives but a long-term infrastructure migration that must be initiated in advance.

Figure 3: Distribution of Expert Q-Day Predictions in 2026. Each bar shows a single source's plausible window; dots mark central estimates.

Color coding represents speaker category: Red = Aggressive Industry; Orange = Benchmark Survey/Consensus; Blue = Hardware Roadmap; Green = Skeptics.

Post-Quantum Cryptography (PQC): Technical Routes, Standardization, and Industry Migration Overview

Post-Quantum Cryptography (PQC), also known as quantum-resistant cryptography or quantum-safe cryptography, refers to a new generation of cryptographic algorithm systems designed to resist future attacks by quantum computers. Its core feature is that it still runs on existing classical computing architectures, but its security is based on mathematical problems that are also difficult for quantum computers to solve efficiently. PQC has become the most realistic and scalable mainstream approach for quantum-resistant migration of global digital infrastructure.

Main Technical Routes: The Duel Between Lattice-based and Hash-based Signatures

Current PQC research and implementation primarily focus on several major mathematical families:

  • Lattice-based Cryptography: Security is based on hard problems in high-dimensional lattices (e.g., Module-LWE). It combines efficiency and security, making it the core direction for current standardization and engineering implementation. Representative algorithms are ML-KEM and ML-DSA.

  • Hash-based Signatures: Rely solely on the collision resistance of hash functions. The mathematical assumptions are extremely simple and conservative. The representative standard is SLH-DSA.

  • Other Routes: Code-based cryptography (HQC) was selected by NIST as the fifth PQC algorithm in March 2025, serving as a non-lattice backup to ML-KEM, with a draft standard expected in 2026 and a final standard in 2027. Multivariate and Isogeny-based cryptography have not entered NIST's first batch of standardization mainstream due to security or efficiency concerns. The Isogeny route, in particular, suffered a major setback when the SIKE algorithm was broken.

Standardization Milestone: NIST Establishes the 'One KEM, Two Signatures' Landscape

The FIPS standardization process led by the National Institute of Standards and Technology (NIST) is the key turning point driving PQC from theory to application. In August 2024, NIST officially released three core standards, establishing the basic division of labor for PQC migration:

  • FIPS 203 (ML-KEM): A lattice-based Key Encapsulation Mechanism (KEM), responsible for key exchange.

  • FIPS 204 (ML-DSA): A lattice-based digital signature algorithm, responsible for general-purpose digital signatures.

  • FIPS 205 (SLH-DSA): A stateless hash-based digital signature algorithm, serving as a backup option for high-security signatures.

Industry Implementation Ecosystem: A Three-Tier Architecture of Mainstream, Transitional, and Auxiliary

In addition to the core algorithms, building a quantum-resistant security system relies on multi-layered engineering strategies:

  • Hybrid Deployment: Adopting a parallel signature/encryption model of 'Traditional Algorithm (e.g., ECC/RSA) + PQC,' serving as a risk-hedging measure in the early stages of migration, ensuring baseline security is still provided by the traditional algorithm even if the new algorithm has unknown vulnerabilities.

  • Cryptographic Agility: Designing architectures to enable systems to quickly replace, upgrade, or roll back algorithms to respond to future risks of algorithm compromise.

  • Auxiliary Enhancement Technologies: Include Quantum Key Distribution (QKD) (suitable for government/military private networks but cannot replace internet signature verification), Quantum Random Number Generation (QRNG), and Hardware Security Modules (HSM/Secure Enclave), used to enhance random number quality and key storage security.

Figure 4: Panorama of Quantum-Resistant Routes

Quantum Risks and Quantum-Resistant Practices in the Blockchain Industry

Blockchain is not the primary target of quantum threats, but it is one of the most valuable 'stress test' scenarios. Compared to traditional Web2, which relies on centralized mechanisms (like certificate rotation, account freezing) to buffer data breach risks, blockchain directly and instantaneously transforms underlying cryptographic crises into asset loss and governance deadlocks. Its architecture's underlying 'triple irreversibility' – permanent public ledger, irreversible asset transfer, and private key self-custody – means assets with exposed public keys may face private key recovery and signature forgery, with no centralized safety net. More critically, the elliptic curve and BLS signature systems heavily relied upon by mainstream public chains face structural collapse in the face of Shor's algorithm; once a Cryptographically Relevant Quantum Computer (CRQC) emerges, attackers could derive private keys from publicly exposed on-chain public keys and forge signatures, fundamentally shaking the trust foundation of blockchain.

Threat Map of Cryptographic Components in Blockchain Systems

For the blockchain industry, the core proposition is not dealing with immediate hackers but initiating a 'migration countdown' race against time. Quantum computing won't instantly destroy blockchain, but it will force the industry through a more difficult underlying cryptographic reconstruction than Web2. The real risk is not the lack of standardized post-quantum algorithms, but whether the entire ecosystem can complete a full-chain coordinated migration from underlying protocols to existing assets before Q-Day (the critical time point when CRQC gains practical cracking capability).

In this process, the quantum threat does not descend uniformly but propagates level by level along the five-layer architecture: 'Assets, Protocol, Infrastructure, Applications, Governance.' The key insight is that high-value infrastructure layers (e.g., exchanges, custodians, cross-chain bridges) will face pressure before the L1 mainnet protocol. The ultimate bottleneck determining the success of this full-chain migration is not the replacement of cryptographic technology but the extremely complex social consensus and governance struggles.

Bitcoin and Ethereum's Quantum-Resistant Practices

Bitcoin's Quantum Risk: Public Key Exposure, Signature Bloat, and Governance Friction

Bitcoin's quantum risk is not evenly distributed across all BTC but highly depends on whether the public key has already been exposed on-chain. The real high risk is not all UTXOs network-wide but concentrated in early legacy outputs, addresses with exposed public keys that still hold a balance, and long-dormant, high-value UTXOs. Bitcoin's hash components (SHA-256, SHA256d, and RIPEMD-160) mainly face a reduction in security margin due to Grover's algorithm, rather than the structural collapse of ECDSA/Schnorr by Shor's algorithm.

  • High Risk: UTXOs with Statically Exposed Public Keys: Early P2PK, Taproot (P2TR) outputs, and already spent, reused P2PKH/P2WPKH addresses that still hold a balance. Their full public keys are permanently on-chain; they will be the first to be directly broken by Shor's algorithm once CRQCs emerge.

  • Medium Risk: UTXOs with Public Keys Not Yet Exposed but Will Be in the Future: Unspent and unreused P2PKH/P2WPKH addresses. Only the public key hash is exposed on-chain; risk exists only within the brief 'quantum preemption window' from when a future transaction is broadcast until confirmation.

  • Low Risk: Assets Migrated to Quantum-Safe Addresses: Assets migrated to Post-Quantum (PQ) addresses via a soft fork in the future will see significantly reduced risk, but this highly depends on the long-term coordinated upgrade of the entire ecosystem.

Engineering Challenges: Signature Bloat and the 'Soft Fork First' Path

Under Bitcoin's governance structure, the political cost of a one-time hard fork to phase out ECDSA/Schnorr is extremely high. Introducing new quantum-safe output types via a soft fork is a more realistic incremental path. Current discussions include directions like BIP-360 / P2MR (Pay-to-Merkle-Root), but they are still far from full network consensus and activation.

This move must pay a high 'engineering tax': current ECDSA/Schnorr signatures are only about 64–72 bytes, while candidate algorithms like ML-DSA (2.4–4.6 KB) and SLH-DSA (7–49 KB) see their size increase by tens to hundreds of times. This magnitude of bloat triggers systemic chain reactions: directly increasing block weight and transaction fees, exacerbating node storage and bandwidth burdens, significantly worsening the UTXO set and wallet UX, ultimately creating negative feedback that increases resistance to network-wide quantum-resistant migration.

More importantly, Bitcoin lacks rapid algorithm switching capability. Unlike centralized systems that can be upgraded by a single entity replacing certificates or algorithms, Bitcoin requires synchronous adaptation of consensus rules, address formats, wallets, mining pools, exchanges, custodians, and hardware wallets. Therefore, quantum-resistant migration is not a single-point technical upgrade but a long-term coordinated engineering effort across the entire ecosystem.

Governance Dilemma: The 'Values Conundrum' of Legacy UTXOs

Even if PQ addresses are successfully launched, how to handle legacy UTXOs that remain un-migrated for a long time, including what the market generally considers early, long-dormant BTC from the Satoshi era, remains the ultimate dilemma. Two extreme solutions conflict with Bitcoin's core values:

  • Do Nothing: Legacy coins become a 'free lunch' for the first attacker possessing CRQC capability, triggering market panic.

  • Forcibly Freeze/Invalidate: Directly violates the property principle of 'Not your keys, not your coins' and the immutability narrative, easily tearing apart community consensus and potentially causing a chain fork.

A pragmatic compromise path is implementing a multi-year 'Legacy Sunset' mechanism: issuing long-term deprecation warnings, gradually increasing relay policy friction for spending old outputs, and finally imposing constraints via a soft fork under multi-party coordination. Discussions like BIP-361 regarding a legacy signature sunset essentially explore this path.

Therefore, Bitcoin migration is fundamentally not a cryptography problem. PQ algorithms already exist and can be integrated; the real bottleneck lies in the social consensus around issues like immutability, property rights, and the legitimacy of 'declaring assets quantum-unsafe.' In other words, Bitcoin's quantum risk is not a doomsday scenario where everything suddenly goes to zero one day, but a gradual process from theoretical feasibility, economic costliness, to practical executability; what the industry truly needs to strive for is completing migration coordination before the attack economics become viable.

Figure 5: Bitcoin Quantum-Resistant Migration: A Long-Term Governance Process

Ethereum Quantum-Resistant Migration – Full-Stack Refactoring and the 'Lean' Roadmap

Ethereum is actively addressing the quantum threat. Led by the Ethereum Foundation (EF) Post-Quantum team (https://pq.ethereum.org/), research is steadily progressing through open governance processes like All Core Devs. Its core strategy is not 'betting everything on a single PQ algorithm at once' but comprehensively enhancing the network's Cryptographic Agility – ensuring that account authentication, consensus signatures, proof systems, and data layer commitments have long-term replaceable, upgradable, and verifiable capabilities.

Ethereum's quantum risk is highly concentrated in four cryptographic components: EOA accounts (ECDSA/secp256k1), validator consensus (BLS signatures), data availability (KZG commitments), and some ZK proof systems. Accordingly, EF has designed a 'Lean' roadmap advancing in parallel along three tracks: execution, consensus, and data.

  • Execution Layer (User Accounts): Account Abstraction as Buffer and L2 as Testing Ground

    Facing the vast number of EOAs, direct hard fork resistance is immense. Ethereum leverages Account Abstraction (e.g., ERC-4337 and EIP-7702) to grant smart contract wallets 'signature agility,' supporting hybrid signatures and incremental migration, avoiding forced full-network coordination. Simultaneously, L2s, with their flexible governance, serve as natural testing grounds for PQ deployment.

  • Consensus Layer (Validator Signatures): The 'One-Two Punch' of leanXMSS and leanVM

    Aims to completely replace BLS signatures which rely on elliptic curve pairings. The core strategy is to adopt the hash-based leanXMSS combined with a minimal zkVM (leanVM) for SNARK aggregation. Key engineering breakthrough: leanVM is expected to compress the bulky hash signature data by approximately 250 times, offsetting PQ signature size bloat, preserving the 'multi-signatures aggregated into one' scaling advantage while entering the post-quantum era.

  • Data Layer (Blobs, DA & KZG): Long-Term Refactoring of Underlying Commitments

    Under CRQC conditions, the underlying security assumptions of KZG still need to be re-evaluated, with long-term migration to more PQ-friendly commitment or proof systems. Its ultimate direction is evolving towards hash-based STARKs or lattice-based commitment schemes. This is a multi-year, protocol-level refactoring, not an immediate failure.

Furthermore, Ethereum's quantum risk is not evenly distributed. EOAs represent the largest value pool; exchange, bridge, custodial hot wallet, governance/upgrade keys, L2 sequencer, and admin keys are high-value operational keys that may face pressure before the protocol itself. Overall, Ethereum's quantum-resistant migration is not a single-point signature replacement but a multi-year, full-stack engineering effort involving accounts, consensus, DA, ZK, L2s, bridges, custody, and formal verification.

Figure 6: Ethereum Post-Quantum Migration: Execution (User Accounts), Consensus (Validator Signatures), and Data (Commitments & Proofs).

Bitcoin vs. Ethereum Post-Quantum Migration Profile Panoramic Comparison

Theoretically, all public chains relying on traditional public-key cryptography face quantum risks. However, the chains that truly constitute a systemic quantum-resistant migration proposition are primarily Bitcoin and Ethereum: the former involves legacy UTXOs, immutability, and property rights governance; the latter involves full-stack refactoring of accounts, consensus, DA, ZK, and L2s. Other public chains are better suited as supplementary references for technical paths and risk scenarios.

  • Solana represents high-throughput chains' engineering exploration of PQ signature verification costs. Its community has had discussions about validating syscalls for Falcon-512 / FN-DSA, but this scheme remains exploratory and supplemental, not replacing existing Ed25519, nor does it represent an official migration roadmap for Solana.

  • Starknet / STARKs represent the more PQ-friendly ZK route of hash-based proof systems. Compared to SNARK systems relying on pairings/KZG, STARKs' underlying proof mechanisms are more suitable as a post-quantum ZK direction. However, this does not mean the entire Starknet network is already quantum-safe; wallet signatures, hash parameters, bridging mechanisms, and Ethereum L1 settlement still require synchronous migration.

  • QRL, Quantus, Abelian and other native or quasi-native PQ chains provide technical references for clean-slate post-quantum designs: QRL represents the early hash-based signature route, Quantus represents the narrative of native PQ L1 with new-generation NIST PQC, and Abelian leans towards lattice-based privacy-preserving L1. Their path 'building quantum-resistant chains from day one' is feasible, but their network effects, liquidity, and application ecosystems remain far weaker than BTC/ETH, making them better suited as technical samples.

Conclusion: Security Debt Maturity and the Entire Ecosystem's 'Q-Day' Countdown

Quantum computing is not an apocalyptic 'doomsday weapon' to end blockchain but a systemic reset of modern public-key cryptosystems. The core threat lies in future large-scale, fault-tolerant quantum computers (CRQC) possessing strategic-level cracking capabilities. The industry's real risk is not the lack of post-quantum algorithms (PQC), but whether the entire Web3 ecosystem can complete a full-chain coordinated migration before Q-Day (the quantum cracking critical point). In the short to medium term, the risk of current signature systems failing and the high cost of full-stack upgrades constitute a heavy 'security debt.' In the long run, survival pressure will transform into an industrial catalyst, directly spawning new security infrastructure sectors like PQ hybrid wallets, quantum-resistant institutional custody, quantum risk radar, and PQ signature aggregation.

Although the macro preparation period may be as long as 5–15 years, the truly comfortable 'engineering window' may only be 5–8 years left. This requires high-level coordination across the entire chain (from BIP/EIP proposals, node implementations, wallet adaptations, to exchange and custodian compliance upgrades). More importantly, market re-pricing may occur before Q-Day itself: if quantum resource estimates continue to be revised downward, hardware roadmaps significantly accelerate, or regulatory agencies and large custodians first propose PQC compliance requirements, the market may begin re-evaluating the cryptographic security model of blockchain assets earlier. Within this window, the two core ecosystems will face distinctly different ultimate tests:

  • Bitcoin: The core challenge is not cryptography but global social consensus and property rights governance. How to handle long-dormant Legacy UTXOs with exposed public keys is a political battle concerning the foundational narrative of 'immutability.'

  • Ethereum: The core challenge lies in the engineering complexity of multi-layered protocols and the full-stack ecosystem. How to complete cryptographic replacements across account, consensus, DA, and ZK layers without causing network paralysis, while offsetting signature size bloat.

In long-term asset allocation, post-quantum governance friction constitutes a 'structural tail risk' for BTC but is by no means a reason for immediate bearishness. Its 'difficult-to-change' extremely conservative governance presents a double-edged sword effect: it is both the greatest resistance to quantum-resistant migration and the core moat maintaining its value storage narrative and resisting centralized intervention. This requires investors to discard the static belief that 'BTC never needs major upgrades.' In the future, if any of the following scenarios occur – the Q-Day timeline is substantively accelerated, the community refuses to advance PQ migration while the peripheral ecosystem has already taken action, high-value exposed public key UTXOs trigger panic selling, or the handling of legacy assets leads to complete division – the market will re-discount BTC's security model and underlying consensus.

Tiền kỹ thuật số thịnh hành

Câu hỏi Liên quan

QWhat are the two core quantum algorithms discussed in the article, and how do they pose threats to cryptography?

AThe two core quantum algorithms are Shor's algorithm and Grover's algorithm. Shor's algorithm represents a 'dimensional reduction' threat as it can efficiently solve integer factorization and discrete logarithm problems, thereby breaking the foundational trust of modern public-key cryptosystems like RSA and Elliptic Curve Cryptography (ECC). Grover's algorithm acts as a 'brute-force accelerator,' providing a quadratic speedup in searching, which effectively halves the security level of symmetric encryption (e.g., reducing 128-bit security to 64-bit). The threat from Shor's is more fundamental and structural.

QAccording to the article, what is the 'Q-Day' and what does the Mosca Inequality explain?

AQ-Day refers to the critical point in time when a quantum computer first gains the practical capability to break mainstream public-key cryptography. It's not a fixed date but a probabilistic interval influenced by hardware progress, error correction, algorithm optimization, and state secrecy. The Mosca Inequality (X + Y > Z) explains the urgency of post-quantum migration *before* Q-Day arrives. X is the data's required confidentiality lifetime, Y is the time needed to complete the cryptographic migration, and Z is the time remaining until Q-Day. If the sum of data lifespan and migration time exceeds the time to Q-Day, the system is already in a migration lag and vulnerable to future 'harvest now, decrypt later' attacks.

QWhat are the key post-quantum cryptography (PQC) technical standards established by NIST, and what are their respective purposes?

ANIST has established three core PQC standards: FIPS 203 (ML-KEM), which is a lattice-based Key Encapsulation Mechanism for secure key exchange; FIPS 204 (ML-DSA), a lattice-based Digital Signature Algorithm for general-purpose digital signatures; and FIPS 205 (SLH-DSA), a stateless hash-based Digital Signature Algorithm serving as a highly conservative backup option for signatures. This establishes a 'one encapsulation, two signatures' framework for the industry's migration.

QHow does the quantum threat profile differ between Bitcoin and Ethereum, and what are their respective core migration challenges?

AFor Bitcoin, the threat is highly non-uniform and depends on whether a UTXO's public key has been exposed on-chain. The core challenge is not cryptographic but one of global social consensus and property rights governance, particularly regarding how to handle legacy, high-value, exposed UTXOs (like potential Satoshi-era coins) without violating the 'immutability' and 'code is law' narratives. For Ethereum, the threat permeates its full-stack architecture (EOA accounts, consensus BLS signatures, data availability layers like KZG). Its core challenge is the immense engineering complexity of coordinating a multi-layered cryptographic overhaul across its entire ecosystem (execution, consensus, data layers, L2s, bridges, custodians) without causing network paralysis, while also managing the signature size inflation inherent to PQC algorithms.

QWhat is the article's overall conclusion regarding whether quantum computing will 'end' cryptocurrency?

AThe article concludes that quantum computing is not an 'apocalyptic weapon' that will end blockchain or cryptocurrency. Instead, it represents a systemic reset of modern public-key cryptography. The real risk is not a lack of post-quantum algorithms but the ability of the entire Web3 ecosystem to complete a coordinated, full-chain migration before Q-Day. The industry faces a 'security debt' with a limited 'engineering comfort window' of roughly 5-8 years. The ultimate test is less about technology and more about navigating complex social consensus (for Bitcoin) and immense full-stack engineering coordination (for Ethereum). Survival pressure may, in fact, catalyze new security infrastructure sectors.

Nội dung Liên quan

MSTR tiết lộ bán 3,588 Bitcoin, giá cổ phiếu lao dốc 5% trong ngày

Công ty Strategy, chủ sở hữu doanh nghiệp lớn nhất thế giới, đã công bố việc bán 3.588 Bitcoin trong khoảng thời gian từ 29/6 đến 5/7 để thu về khoảng 216 triệu USD, nhằm chi trả cổ tức cho các cổ phiếu ưu đãi. Đây là lần bán Bitcoin lớn nhất trong lịch sử công ty, đánh dấu sự thay đổi từ chiến lược "chỉ mua, không bán" trước đây sang việc sử dụng Bitcoin như một tài sản để quản lý thanh khoản. Động thái này diễn ra trong bối cảnh giá Bitcoin và cổ phiếu MSTR đều chịu áp lực giảm. Sau thông báo, giá cổ phiếu Strategy đã giảm hơn 5% trong phiên. Công ty trước đây từng tuyên bố "không bao giờ bán Bitcoin", nhưng đã có hai lần bán nhỏ vào tháng 5 và giờ là đợt bán lớn với quy mô gấp hàng trăm lần. Nguyên nhân chính đến từ áp lực tài chính. Strategy phải chi trả khoảng 1,5 tỷ USD cổ tức ưu đãi hàng năm, trong khi dòng tiền từ hoạt động phần mềm không đủ trang trải. Khi huy động vốn mới khó khăn, công ty buộc phải bán Bitcoin để duy trì hoạt động. Mô hình hiện tại của Strategy là tiếp tục mua Bitcoin khi điều kiện tài chính thuận lợi và bán một phần khi cần thanh khoản, tạo thành một vòng vận hành khép kín. Tính đến ngày 5/7, công ty vẫn nắm giữ 84.377 Bitcoin với giá vốn trung bình khoảng 75.700 USD.

华尔街日报1 giờ trước

MSTR tiết lộ bán 3,588 Bitcoin, giá cổ phiếu lao dốc 5% trong ngày

华尔街日报1 giờ trước

Donald Trump, Tổng thống Mỹ biết 'chơi' chứng khoán nhất

Donald Trump, tổng thống Mỹ giàu có nhất lịch sử, đã kiếm được 2,2 tỷ USD trong năm 2025, theo báo cáo tài chính công khai. Phần lớn thu nhập đến từ tiền điện tử (1,4 tỷ USD), đặc biệt là đồng meme $TRUMP và token WLFI của công ty World Liberty Financial do gia đình ông thành lập. Lĩnh vực bất động sản truyền thống mang về 575 triệu USD, với các khu nghỉ dưỡng và sân golf như Mar-a-Lago có doanh thu tăng mạnh nhờ sự hiện diện của ông. Trump cũng thực hiện hơn 22.000 giao dịch chứng khoán trong năm, với tần suất cao bất thường và thời điểm giao dịch trùng khớp với các sự kiện chính sách quan trọng, dấy lên lo ngại về xung đột lợi ích. Dù Nhà Trắng cho biết các giao dịch do đội ngũ chuyên nghiệp quản lý, việc Trump không sử dụng ủy thác mù (blind trust) như các tổng thống tiền nhiệm vẫn là điểm gây tranh cãi. Bài viết nhận định Trump đã biến vai trò tổng thống thành một "cỗ máy kinh doanh", khai thác triệt để ảnh hưởng chính trị để thu lợi nhuận cá nhân và gia đình, từ tiền điện tử, bất động sản đến chứng khoán. Điều này làm dấy lên cuộc tranh luận mới về ranh giới giữa quyền lực công và lợi ích tư trong chính trị Mỹ.

marsbit2 giờ trước

Donald Trump, Tổng thống Mỹ biết 'chơi' chứng khoán nhất

marsbit2 giờ trước

Chịu lỗ 55 triệu USD cũng phải bán tiền điện tử, Ngày đáo hạn cho niềm tin của Strategy

Vào ngày 6/7, Michael Saylor thông báo MicroStrategy đã bán 3,588 BTC (trị giá khoảng 216 triệu USD) để trả cổ tức cho chứng khoán ưu tiên số. Giao dịch này ghi nhận khoản lỗ thực tế lên tới 55 triệu USD so với giá mua trung bình của công ty. Đây là lần bán đầu tiên kể từ năm 2022 và đánh dấu sự đảo chiều so với chiến lược "không bao giờ bán" trước đây. Động thái này xuất phát từ áp lực tài chính bắt buộc. MicroStrategy phát hành nhiều loại chứng khoán ưu tiên (như STRC) với nghĩa vụ trả cổ tức/lãi hàng năm lên tới khoảng 1,76 tỷ USD. Khi giá Bitcoin giảm, cổ phiếu MSTR mất phần premium so với tài sản ròng (mNAV), khiến việc huy động vốn mới bằng cách phát hành cổ phiếu trở nên bất lợi. Do đó, bán Bitcoin để chi trả trở thành lựa chọn khả thi duy nhất. Tác động chính là sự thay đổi cơ cấu thị trường: từ một nhà mua kiên định lớn nhất, MicroStrategy nay trở thành một nguồn bán có lịch trình, ước tính cần bán khoảng 29,000 BTC mỗi năm để đáp ứng nghĩa vụ. Điều này gây áp lực tâm lý lên giá Bitcoin và đặt dấu hỏi về mô hình DAT (Kho bạc tài sản số) của nhiều công ty khác. Tuy nhiên, với dự trữ tiền mặt 2,55 tỷ USD, MicroStrategy vẫn có khả năng chi trả trong khoảng 17 tháng mà không cần bán thêm Bitcoin. Lối thoát cho công ty phụ thuộc vào việc giá Bitcoin phục hồi, giúp chứng khoán ưu tiên STRC trở lại mệnh giá 100 USD và mở lại kênh huy động vốn, từ đó khởi động lại "bánh đà" tăng trưởng cũ.

链捕手3 giờ trước

Chịu lỗ 55 triệu USD cũng phải bán tiền điện tử, Ngày đáo hạn cho niềm tin của Strategy

链捕手3 giờ trước

Giao dịch

Giao ngay

Bài viết Nổi bật

Làm thế nào để Mua ONE

Chào mừng bạn đến với HTX.com! Chúng tôi đã làm cho mua Harmony (ONE) trở nên đơn giản và thuận tiện. Làm theo hướng dẫn từng bước của chúng tôi để bắt đầu hành trình tiền kỹ thuật số của bạn.Bước 1: Tạo Tài khoản HTX của BạnSử dụng email hoặc số điện thoại của bạn để đăng ký tài khoản miễn phí trên HTX. Trải nghiệm hành trình đăng ký không rắc rối và mở khóa tất cả tính năng. Nhận Tài khoản của tôiBước 2: Truy cập Mua Crypto và Chọn Phương thức Thanh toán của BạnThẻ Tín dụng/Ghi nợ: Sử dụng Visa hoặc Mastercard của bạn để mua Harmony (ONE) ngay lập tức.Số dư: Sử dụng tiền từ số dư tài khoản HTX của bạn để giao dịch liền mạch.Bên thứ ba: Chúng tôi đã thêm những phương thức thanh toán phổ biến như Google Pay và Apple Pay để nâng cao sự tiện lợi.P2P: Giao dịch trực tiếp với người dùng khác trên HTX.Thị trường mua bán phi tập trung (OTC): Chúng tôi cung cấp những dịch vụ được thiết kế riêng và tỷ giá hối đoái cạnh tranh cho nhà giao dịch.Bước 3: Lưu trữ Harmony (ONE) của BạnSau khi mua Harmony (ONE), lưu trữ trong tài khoản HTX của bạn. Ngoài ra, bạn có thể gửi đi nơi khác qua chuyển khoản blockchain hoặc sử dụng để giao dịch những tiền kỹ thuật số khác.Bước 4: Giao dịch Harmony (ONE)Giao dịch Harmony (ONE) dễ dàng trên thị trường giao ngay của HTX. Chỉ cần truy cập vào tài khoản của bạn, chọn cặp giao dịch, thực hiện giao dịch và theo dõi trong thời gian thực. Chúng tôi cung cấp trải nghiệm thân thiện với người dùng cho cả người mới bắt đầu và người giao dịch dày dạn kinh nghiệm.

Tổng lượt xem 592Xuất bản vào 2024.12.12Cập nhật vào 2026.06.02

Làm thế nào để Mua ONE

Thảo luận

Chào mừng đến với Cộng đồng HTX. Tại đây, bạn có thể được thông báo về những phát triển nền tảng mới nhất và có quyền truy cập vào thông tin chuyên sâu về thị trường. Ý kiến ​​của người dùng về giá của ONE (ONE) được trình bày dưới đây.

活动图片