For years, quantum attacks on Bitcoin have been considered a problem of tomorrow, only becoming less theoretical.
Quantum security startup Project Eleven says it has been awarded 1 Bitcoin Independent researcher Giancarlo Lelli won a Q-Day Award on Friday after cracking a 15-bit elliptic curve key on publicly accessible quantum hardware, deriving a private encryption key from the public key.
At current prices, the bounty is worth approximately $78,000. It is said to be the largest public demonstration of a class of attacks that could one day threaten Bitcoin, Ethereum (ETH) and most major blockchains.
Project Eleven wins 1 BTC Q-Day Award for largest quantum attack on elliptic curve cryptography to date
Researchers cracked a 15-bit ECC key on publicly accessible quantum hardware, a 512-fold improvement over previous public demonstrations.
The eleventh project won the Q-Day Award today…
— Project Eleven (@projecteleven) April 24, 2026
Elliptic curve cryptography is a mathematical method that allows crypto wallets to prove that they control funds without revealing their private keys. The public key is visible to everyone, but deriving the corresponding private key is actually impossible.
Quantum computers running Shor’s algorithm, a quantum technology first proposed in 1994, challenge this assumption by attacking the underlying logic that protects these signatures.
Riley’s results don’t mean Bitcoin is about to be cracked. Bitcoin uses 256-bit elliptic curve security. The search space for a 15-bit key has 32,767 possibilities, which is small in comparison. The award aims to measure whether quantum attacks on real cryptography-based products are moving from white papers to public hardware experiments.
The last public breakthrough was Steve Tippeconnic’s 6-bit demonstration in September 2025 using IBM’s 133-qubit quantum computer. Lelli’s 15-digit result amplified it 512 times in 7 months.
A bit is the smallest unit of information in a conventional computer, and qubits are equivalent to quantum computing.
Read more: A simple explanation of what quantum computing is and why it’s scary for Bitcoin
Theoretical resource estimates decline even faster. A paper published by Google Research last month stated that a full 256-bit attack would cost less than 500,000 physical qubits, down from previous estimates of millions.
Alex Pruden, CEO of Project Eleven, said: “The resource requirements of such attacks continue to decrease, and with them the barriers to running such attacks in practice.”
Pruden noted that the winning entry came from an independent researcher working on cloud-accessible hardware, not a national lab or private quantum chip.
This concern is most acute for wallets whose public keys are already visible on-chain. Project 11 estimates that there are approximately 6.9 million Bitcoins in such addresses, accounting for approximately one-third of the total supply, including Nakamoto’s estimated 1 million Bitcoins that have not been touched since the network’s inception. Any quantum computer capable of breaking 256-bit ECC can easily work through these wallets.
Bitcoin developers have proposed migration paths that include BIP-360, a proposal for improvements to Bitcoin that would add quantum-safe address types. Ethereum, Tron, StarkWare, and Ripple have all released plans for post-quantum transition.
15-bit is not 256-bit, but it is the latest point of rapidly growing interest among Bitcoin developers and the wider community.
