Quantum Computing's Bitcoin Kill Shot? Nah, It Just Needs the Energy Output of a Small Star

The doom-and-gloom crowd has been screaming from the rooftops again. Quantum computers are coming for Bitcoin, they're gonna crack the code, drain your bags, and send crypto to the grave — or so the FUD merchants would have you believe. But actual peer-reviewed research paints a different picture: launching a quantum attack on Bitcoin would require more energy than most civilizations could produce in their entire existence. So maybe calm down, Twitter.

The numbers don't fib. Running Grover's algorithm — the quantum technique that could theoretically speed up Bitcoin mining — against SHA-256 would need roughly 10²³ qubits slurping down 10²⁵ watts. That's roughly 3% of what the Sun vomits out constantly. Meanwhile, the current Bitcoin network is out here using a measly 15 gigawatts. A quantum 51% attack isn't cost-prohibitive. It's physically impossible with any hardware we can actually construct — or even imagine constructing, frankly.

"Quantum factoring records are mostly theater," according to a paper from University of Auckland's Peter Gutmann and Zürcher Hochschule's Stephan Neuhaus. They stress-tested every major quantum factoring "breakthrough" from the past twenty years. Results: solved using a 1981 VIC-20 home computer, an abacus, and a mutt named Scribble trained to bark exactly three times.

The joke lands because the underlying problem isn't a joke. Plenty of quantum "breakthroughs" run on rigged benchmarks — primes parked suspiciously close together — or preprocessing done on boring classical machines before handing the quantum box an artificially warm-up problem. One flashy D-Wave announcement claimed they'd cracked RSA-2048? The researchers fed those same numbers into a VIC-20 emulator and broke each one in roughly 16 seconds using a technique from 1945. That's not a quantum supremacy moment. That's a vintage computing flex.

So what should you actually be worried about?

Wallets, not mining. Shor's algorithm — which could theoretically derive a private key from a public key — remains the genuine long-term headache. Millions of Bitcoin sit in older or reused addresses where key data is already chilling on-chain, fully exposed to anyone with a quantum computer and a few trillion years to spare. That's the actual vulnerability surface area.

The silver lining: devs aren't twiddling their thumbs. BIP-360 and related upgrades aim to shrink wallet exposure and roll out quantum-resistant signatures. Markets appear relaxed, pricing roughly 40% odds on wallet-protecting upgrades before 2027 and almost zero chance of mining algorithm changes in that window.

The verdict? Quantum computing genuinely threatens Bitcoin's cryptographic bones down the road. But if you're bracing for an actual quantum machine to menace the network, you might want to first solve the small problem of powering a small star. Maybe stake some ETH to fund the research.