Welcome,
This week at Project Eleven, our CEO Alex Pruden spoke at the Quantum Bitcoin Summit hosted at Presidio Bitcoin. He discussed the “Quantum Threat Model” as well as yellowpages.xyz. We have also released a new blog post “TEE Attestation from the Browser”, which explains why yellowpages does AWS Nitro Enclave attestation in the browser: to let the user verify the enclave before sharing anything. By binding the ML‑KEM session keys to the attestation, we ensure no sensitive data leaves the browser until the enclave proves itself.
This week, the U.S. passed the GENIUS Act, the first federal law to directly regulate stablecoins. The act creates a clear framework for “payment stablecoins” (digital tokens pegged to currencies like the dollar) and says only approved, licensed issuers can offer them in the U.S. It also imposes strict reserve rules: every stablecoin must be backed 1-to-1 by “safe assets”, like dollars in a bank or short-term Treasury bills, to ensure the coins are fully redeemable and stable. In short, stablecoin issuers will be regulated more like banks, aiming to prevent the kinds of risks and crashes seen in unregulated crypto markets. For the crypto industry and stablecoin users, this is an important milestone.
This week, a group of Bitcoin developers and cryptographers introduced a new Bitcoin Improvement Proposal (BIP) to future-proof Bitcoin against quantum attacks. Titled “Post-Quantum Migration and Legacy Signature Sunset,” the draft BIP outlines a phased plan to retire Bitcoin’s current ECDSA/Schnorr signatures in favor of quantum-resistant alternatives. The authors state that roughly 25% of all Bitcoin unspent outputs have exposed public keys on-chain (making those funds vulnerable to a quantum attacker). A successful quantum break of Bitcoin’s cryptography could be economically catastrophic, not only emptying wallets but even undermining miners’ ability to secure the network.
The proposal calls for three main phases. Phase A would begin ~3 years after adoption and prohibit sending BTC to old, quantum-vulnerable addresses, forcing users to utilize a new post-quantum address type called P2QRH (Pay-to-Quantum-Resistant-Hash). In effect, old address formats (with exposed public keys) can no longer receive funds. Phase B, expected ~2 years after Phase A, would go further – making all transactions using legacy ECDSA/Schnorr signatures invalid. Any coins still left in old addresses at that point would be “frozen” and unspendable until migrated. Finally, Phase C is an optional future step: the authors are exploring a recovery method for those frozen coins via a cryptographic proof of the owner’s BIP-39 wallet seed phrase (to prove ownership without relying on the now-invalid old key). This last phase would depend on further research.
Why such an aggressive plan? Time is running out to coordinate a smooth quantum-safe transition. Some forecasts put the arrival of quantum computers capable of cracking Bitcoin’s keys as soon as 2027–2030. The proposal says, “The longer we postpone migration, the harder it becomes to coordinate”, advocating for a clear timeline to align everyone and minimize chaos. By instituting a hard deadline (in essence, “upgrade your keys or lose access to your funds”), the plan creates a powerful incentive to act before Q-day hits. The ultimate goal is to secure the value of the entire UTXO set preemptively. This would eliminate the possibility of a quantum adversary capturing up to a quarter of all Bitcoin that is currently secured by vulnerable keys. It’s a bold proposal, effectively force-migrating Bitcoin, but its authors believe this may be necessary to preserve Bitcoin’s integrity in the quantum era. The idea has already sparked lively debate (e.g. about potentially freezing Satoshi-era coins), but it has undoubtedly moved the conversation forward on Bitcoin’s quantum readiness.
We’ve long known that, in theory, a quantum computer running Shor’s algorithm could break modern cryptography, and now we have a real-world experiment proving it. Researcher Steve Tippeconnic has published a paper documenting the first-ever quantum computer attack on an elliptic curve key using Shor’s algorithm. In the experiment, they successfully broke a 5-bit ECDSA-style key using IBM’s 133-qubit quantum computer. This research implemented a Shor’s algorithm variant that targets the elliptic curve discrete log problem (essentially the math underpinning Bitcoin’s keys), albeit on an intentionally small scale.
The quantum circuit they ran was remarkable both for its depth and success. It utilized 15 qubits (10 logical qubits for the computation, plus 5 ancilla/helper qubits) and was over 67,000 layers deep in quantum gates. In other words, the experiment had the quantum computer perform an extraordinarily long sequence of operations. Despite this complexity, the processor managed to maintain enough coherence to produce meaningful patterns in the output. After running the circuit 16,384 times and performing classical post-processing on the results, the correct secret key (k = 7 in the test case) stood out from the noise, appearing within the top candidates identified by the algorithm. In essence, the quantum run evaluated all 32 candidates at once, and the measurement results showed a clear peak at the real key, making it obvious which value was correct.
Now, a 5-bit key is astronomically far from any real cryptographic key (Bitcoin uses 256-bit ECC keys, for comparison). Breaking a 5-bit key does not compromise any actual systems, and this was strictly a proof-of-concept. But its significance is big: it demonstrates Shor’s algorithm working on real hardware. This is the first time a quantum computer has ever cracked an actual ECDSA cryptographic key (even a toy one) via Shor’s algorithm and the Quantum Fourier Transform, as opposed to merely factoring small numbers or simulating chemistry. The experiment shows that as quantum devices scale up in qubits and quality, they can indeed start to defeat classical cryptography. It is even emphasized that the pattern they observed is a physical phenomenon, and therefore not just simulation, but a direct validation of the quantum approach to key recovery. All of the code, circuits, and data from the experiment have been open-sourced, inviting others to reproduce or build on the result.
The immediate takeaway: quantum threats are moving from theory to reality. Of course, leaping from a 5-bit key to breaking 256-bit keys would require enormous advances- thousands or millions of times more capable quantum computers than we have today. But we now have a foothold: a tiny crack in the wall of elliptic curve cryptography has been made by a quantum device. It underscores why efforts to deploy post-quantum cryptography (PQC) must begin today. The clock is ticking, and both researchers and industry are treating it with urgency. Tippeconnic’s breakthrough arrives at a fitting time, just as Bitcoin developers are contemplating measures to migrate to PQC, and as standards bodies, companies, and governments worldwide ramp up their post-quantum transition plans. This successful key crack may be small, but it shows that quantum codebreaking is no longer just a thought experiment.
Denmark announces €80 million quantum computing initiative - Denmark’s export and investment fund EIFO and the Novo Nordisk Foundation are investing €80 million to create QuNorth, which will acquire and run “Magne,” expected to be the world’s most powerful commercial quantum computer. The machine will be open to European researchers and companies, bolstering Denmark’s bid to lead in quantum technologies.
Quantum computing is so fire — No, seriously. BofA says it could be humanity’s biggest breakthrough since the discovery of fire - Fortune says Bank of America analysts argue quantum computing could be humanity’s biggest leap since discovering fire, with the power to accelerate problem‑solving and knowledge growth dramatically. The note frames QC as a revolutionary shift beyond today’s semiconductor tech.
Quantum Blockchain Offers Potential Post-Quantum Security - University of Sussex researchers propose a “quantum blockchain” that blends time‑entanglement and phase encoding to make a tamper‑evident, scalable ledger resistant to future quantum attacks.
EnSilica unveils three-in-one IP block cutting post-quantum cryptography silicon area - EnSilica has introduced a three‑in‑one eSi‑CRYSTALS hardware IP block that runs Dilithium, Kyber and SHA‑3, cutting PQC silicon area, power and cost.