Giancarlo Lelli, an independent Italian researcher, obtained a private encryption key from its public counterpart on April 24 by sitting down at a cloud-accessible quantum computer, the type that anyone can rent by the hour. As a result, he was given the Q-Day Prize—one Bitcoin—by quantum security startup Project Eleven for the most extensive public demonstration of the attack class that poses a threat to Ethereum, Bitcoin, and more than $2.5 trillion in digital assets secured by ECC. No government laboratory. No hardware that is classified. Somewhere in a server farm, just a researcher, an algorithm, and a rented machine.
He broke a fifteen-bit key. That sounds modest, and according to one interpretation, it is. In comparison to the 256-bit keys that secure actual Bitcoin wallets, a 15-bit key has a search space of just 32,767 possibilities. This was quickly pointed out by critics, and their math is correct. The gap between 15 and 256 bits is exponential rather than linear, which is why cryptographers refer to it in terms of geological timescales. The security community isn’t quite laughing this one off, though, for a reason.
In September 2025, researcher Steve Tippeconnic used IBM’s 133-qubit quantum computer to break the record, which had stood at a 6-bit key seven months prior. In less than a year, Lelli’s result shows a 512x increase in complexity. The focus is on that rate of advancement. People are more concerned about the train’s speed than its destination. Exponential curves appear slow until they don’t, as anyone who has observed them long enough will know.
Lelli employed a variation of Shor’s algorithm, a quantum method that aims to solve the Elliptic Curve Discrete Logarithm Problem, which is the mathematical foundation for digital signature schemes found in Ethereum, Bitcoin, and the majority of major blockchains.
Since 1994, the algorithm has been known. The hardware that can run it has changed, and the theoretical cost of scaling it up has been decreasing more quickly than most anticipated. The physical qubit requirement for a full 256-bit attack was estimated by Google in their April 2026 whitepaper to be less than 500,000, but a later paper from Caltech and Oratomic reduced that number to as low as 10,000 in a neutral-atom architecture. The direction of travel is clearly visible, even though those are still substantial numbers.
The accessibility of Lelli’s accomplishment sets it apart from earlier milestones. An independent researcher working on cloud-accessible hardware—neither a private chip nor a national lab—wrote the winning submission. The most unsettling aspect of the official announcement is that detail, which is essentially a footnote. The notion that institutional resources are necessary for serious quantum research is beginning to erode. The hardware side of this equation might look completely different in ten years.
Approximately 6.9 million Bitcoin are stored in wallets whose public keys are already visible on the chain, making them potentially vulnerable in the event that quantum computers are ever large enough. It’s not a rounding error. For the time being, those wallets are secure because there is still a significant gap between 15 and 256 bits, and no reliable expert is forecasting an impending break. However, the discourse has changed. What was once perceived as a theoretical caution now has a practical feel to it. As this develops, there’s a growing perception that the industry’s comfort level with “we’ll deal with it later” is getting harder to defend with every new benchmark.
As of March 2026, BIP-360, a Bitcoin enhancement proposal that introduces quantum-resistant address formats, was operational on the testnet. Google has pledged to achieve quantum security by 2029. The transition to post-quantum cryptography is becoming a more active agenda item rather than a distant one. It’s still genuinely unclear if the larger cryptocurrency ecosystem is moving quickly enough. Real friction comes from bureaucratic inertia and the difficulty of coordinating upgrades across decentralized networks. It’s possible that the math is developing more quickly than the governance.
There is a certain sardonic elegance to the prize itself, which is one Bitcoin paid to crack a very small portion of Bitcoin’s actual security. The reward for proving the threat is the asset that is in danger. Project Eleven is already working on its next challenge, which will center on the nexus between quantum cryptanalysis and cutting-edge AI models. The frontier is constantly shifting. Whether the defenses are keeping up with it is the only true question.
