Key Points
- Independent researcher Giancarlo Lelli successfully compromised a 15-bit elliptic curve encryption key through quantum computing, earning a 1 BTC reward from Project Eleven
- The achievement represents the most significant publicly documented quantum assault on elliptic curve cryptography
- While Bitcoin employs 256-bit encryption — substantially stronger than the compromised 15-bit key — the technological divide continues to shrink
- Approximately 6.9 million BTC stored in addresses with visible public keys face potential vulnerability to advancing quantum technology
- Security experts remain split on urgency — projections range from several years to multiple decades before quantum computing poses genuine danger
Giancarlo Lelli, working independently, has successfully compromised a 15-bit elliptic curve encryption key utilizing a publicly available quantum computing system. For this accomplishment, Project Eleven, a startup focused on post-quantum security solutions, granted him a bounty of 1 BTC — valued at more than $78,000.
According to Project Eleven, this represents the “largest quantum attack” on elliptic curve cryptography documented in the public domain.
Lelli employed a modified version of Shor’s algorithm to extract a private key from its corresponding public key, searching through 32,767 potential values. Shor’s algorithm specifically exploits the mathematical foundations securing digital signatures across Bitcoin, Ethereum, and the majority of blockchain networks.
Prior to Lelli’s accomplishment, engineer Steve Tippeconnic successfully broke a 6-bit elliptic curve key in September 2025 utilizing IBM’s 133-qubit quantum processor. Lelli’s 15-bit achievement represents a 512-fold increase in complexity.
Bitcoin’s security relies on 256-bit elliptic curve cryptography. A substantial distance exists between this standard and the 15-bit key Lelli compromised. However, Project Eleven characterizes the remaining gap as “increasingly viewed as an engineering problem and not a fundamental physics problem.”
“The resource requirements for this type of attack keep dropping, and the barrier to running it in practice is dropping with them,” said Alex Pruden, CEO of Project Eleven.
Quantifying Bitcoin’s Exposure
Project Eleven’s analysis indicates that approximately 6.9 million Bitcoin reside in wallet addresses where public keys remain exposed on the blockchain. These holdings could face jeopardy should quantum computing capabilities advance sufficiently.
Bernstein analysts estimate this exposure represents roughly $450 billion in Bitcoin stored within legacy wallet formats featuring visible public keys.
The danger remains theoretical at present. Existing quantum computing infrastructure falls well short of thresholds necessary to compromise production-grade cryptographic systems.
Research from Google suggested that compromising 256-bit elliptic curve cryptography might demand fewer than 500,000 physical qubits. Subsequent research from the California Institute of Technology in collaboration with quantum firm Oratomic proposed the requirement could drop to approximately 10,000 qubits.
Industry Response and Preparation
Bitcoin core developers have put forward transition strategies toward post-quantum cryptographic standards. Ethereum, Tron, StarkWare, and Ripple have similarly announced preparatory initiatives.
Blockstream CEO Adam Back emphasized at Paris Blockchain Week in April that preventative measures should commence immediately, regardless of whether genuine threats materialize in years or decades. “Quantum computing still has a lot to prove. Current systems are essentially lab experiments,” Back said.
Bernstein has recommended measured responses, characterizing quantum computing as a medium to long-term technological evolution rather than an imminent crisis.
Within the Bitcoin community, consensus places the preparation timeline at three to five years, per Bernstein’s research.
Project Eleven, supported by Castle Island Ventures, Coinbase Ventures, and Variant, secured $20 million in Series A funding earlier this year, achieving a $120 million post-money valuation.
