SHA

Low-Albatross-9246

yes because when you understand first the rarity, and 2)the security via SHA(don't remember the numbers) you will see that it's an amazing thing yet not discover by civilization and the way we are going into tech and energy use btc is one of the most important pillar of that for the futur but let that sink in and i'll take yours

jrakibi

thank you will probably add support for other hash functions soon (SHA-1, SHA-512, RIPEMD-160, BLAKE2, ...)

downtherabbit

What does that even mean. Quantum computing is a THEORY. A lot of quantum mechanics isn't even proven, it is just pretty maths. The closest we will get to "Quantum computing" is figuring out how to store a bit on an electron spinning around a neutron. And to make this useful for computing you would need something that could 'read' that particle to ask if it is a zero or one without changing it from a zero to one. Then you would need another mechanism that changes the way the electron spun from a zero to one. Then you would need to create another standard of defining what an electrons position around a neutron constitutes a one or a zero. Traditional gates with electrical current passing through them wouldn't work. Another option would be to leave our entire binary system behind (for which you would need to throw away UNIX, and create a completely new software and electrical engineering field from the ground up) and use the cosine of the angle of the electron from the neutron to give out a number between 1-360. You could use every group of subsequent four numbers and create an entire new field using base-60 (Sexagesimal) and using every group of subsequent four numbers would be a form of error correction (ECC). So each bit in sexagesimal would be represented by a possibility of four numbers from 1-360. And it would be the same as before, you would need to define what the electrons position around the nucleus correspods to what number. You would need to create a completely new invention that could reliably keep an electron in a certain space or side of the particle (using electromagnetism), and you would need one of these completely new inventions attached to EACH particle. Then you would need a completely new invention that could read the electrons position reliably, whilst corresponding to the input of the other new invention. None of these inventions work. And figuring out how to make them so small that could attach to a single particle without having an impact on other particles around it would require also an entirely new field of technology and physics that doesn't even exist yet. So even if you did all of this. You would have a series of particles running in series that would have to be insulated from all total outside EMF inteference like a faraday cage of sorts which again would require completely new inventions and a new field of science in itself. After all that. You would just have.... a very fast CPU..... And it still wouldn't be able to "speed up" the block speed. It could only be used to increase the hashrate of bitcoin mining. And it still wouldn't break SHA-256 encryption. All faster compute power over the next century is going to do is this. Wont break Bitcoin encyption, and wont break Bitcoin's fundamental code (block rate). It will only increase the hashrate. In short, whoever breaks moore's law and sees a massive improvement in CPU compute power over a very short time without other people having the technology yet will be able to take over the mining pool instantly and take up a large portion of the hashrate, and effectively own all brand new bitcoin. This is the possibility of "QuAnTuM ComPutInG" and the only thing we should be scared of. As this would centralise all new bitcoin to a single entity.

Chuu

How could bitcoin adapt though? SHA-256 is basically hard coded into the protocol.

666Sayonara

Im afraid its the worst option : the CIA. What a fucking bummer that would be. Im afraid the hashing algorithms in all our computers is all controlled by the CIA. Even SHA256. Basically they control the central server our computer clocks are based off of. (And thus how our RNG is generated). Notice how in windows its almost impossible now to set your own time. Im really fed up of the governments across the world and their blatant overreach. Its really time for a revolution, or maybe a great reset (but not for us).

pop-1988

> The last word in BIP39 is a checksum of the first 11 The last 8 bits of the 264 is a checksum of the random 256 bits (first 8 bits of the SHA256 hash of the 256 bits) So the last word is the last 3 bits of the random and the checksum Your brute force count is 2^47

sogo00

Oh, 2026 the year of the quantum doomers? * it does not break all cryptographic routines equally, but more likely asymmetric cryptography like elliptic curves like ECDSA (Bitcoin, old Eth), Schnorr (Cardano, Polkadot) or BLS (Eth 2.0) or DH (signatures) * Hash functions like SHA-256 (Merkle trees) & friends are weakened by factor 2 * most chains will be able to upgrade (if needed their sig scheme), though some need to get their shit together (looking at bitcoin). It is really individual - eth has for example the account abstraction that allows to swap out the sig...

Scottex99

Yeah but if they’re able to hack SNs wallet you can assume they can hack other encrypted stuff other than SHA based 1bn is cool, you know what’s cooler? 1tn

ReelTech

It does matter though as the value of breaking encryption of Satoshi’s wallet is far easier and more valuable than many other use cases of SHA-based uses of encryption.

riscten

Sounds like you're trying to crack encryption. Fundamentally, you're looking at reversing the SHA256 function. If you have a way to "calculate an answer to a complex problem VERY quickly", use it to reverse the SHA256 operation. You can validate results by simply running the function again on your output and validating that you're getting your input back. Once you've got that, you're a few vibecoding prompts away from breaking Bitcoin (and the entire modern world).

Aussiehash

You need to triple check the GPG pubkey of the wallet's developer. check the official site (not just the first hit in google), the official GitHub repo (there are many fakes for Electrum) and another site like the official Twitter or Telegram. Once you've added the genuine GPG and bookmarked the official website and GitHub, you must then check the GPG signature and SHA/MD5 every time you download or update the wallet.

Pezotecom

To add, 'most performant data center for mining bitcoin' is not accurate given that bitcoin mining has little to do with data. 'most performant computing farm' might do, and even then, calculating SHA-256 is not exactly the idea of modern computing.

skydiver19

Bitcoin’s proof of work may be resistant to logic based attacks, but that only protects the network, not the user. You do not need to hack SHA-256, outspend miners, or break consensus. You only need to compromise the weakest link in the chain, which is the human. That has always been true. AI does not need to defeat physics. It simply bypasses it. Social engineering operates above the protocol layer. A sufficiently advanced AI will not attack Bitcoin directly. It will manipulate people into signing transactions, revealing keys, or trusting interfaces it controls. It will do this better than any human ever could, personalised, persistent, emotionally aware, and at massive scale. Bitcoin is not taking jobs away. AI is. The same capability gap applies to persuasion, deception, and coercion. So proof of work may survive an age of powerful AI, but that does not mean Bitcoin holders automatically do. Physics protects consensus. It does not protect cognition. The real question is not can AI break Bitcoin. It is what happens when AI can reliably break humans.

Puny-Earthling

It's also just the sheer structure of Cryptocurrency. The algorithms that make the bitcoin blockchain are very vulnerable to Shor's algorithm. You can't secure this without some form of centralisation. The entire chain already exists in a manner that can be harvested now and decrypted later. It's going to die at this point and there is quite literally nothing that can be done about it. Your tiny chain pieces you keep in your offline wallets aren't going to be safe either. I see a lot of people here claiming "BUT SHA256!!" completely misunderstanding that the hashes are irrellevant so far as chain integrity goes. The signature accumulator algorithm BLS is no different either. It would take every single bitcoin holder surrendering their coins for complete blockchain key rotation into a Kyber encapsulated hybrid chain, which would also destroy any future coin mining opportunities. Then theres the problem of trying to secure the signature scheme, of which right now the only option is SPHINCS+ which is a hash based digital signature algorithm that can technically handle accumulation through kekkac based scheme's, but the algorithm is so slow, it is literally only recommended for code signing. The whole scheme is doomed.

VariatCA

Most people absolutely sleep on how absolutely, ridiculously gigantic 2^256 is when it comes to the possible amount of combinations in a SHA256 system, and immensely overestimate how fast *and* error-free they believe a quantum computer could run through these. It's only a couple orders of magnitude off from the number of *atoms* in the **entire observable universe**. A single U.S. penny has somewhere around *2.3 to 3.0 x 10^22* atoms in it.

disruptioncoin

Quantum attacks like Shor's algorithm break ECDSA **given the public key is already known**. It does not meaningfully help with HASH160/RIPEMD160/SHA256. Grover's algorithm gives only a square-root speedup, which is still not enough to break 160 bit hashes. So unless Satoshi's addresses have been spent from and were re-used, then this article only reveals a misunderstanding of how Bitcoin keys are actually revealed.

Evening-Patience9801

SHA-256

proXtu

Bulls*it. Miners can do only one thing: SHA256. AI doesnt need that function, so a miner is useless for AI.

r2tincan

Doesn't this keep happening? Is SHA 256 Hacked?

Oxizee

Is the real deal, but its low performance hash miner. Like they state before. Its like winning a ticket in a lottery. If you want faster chance on Bitcoins in a few years, then you need device with multiple Asics processors. And those are not cheap (1K - 3K). Mia Cooper (Support Manager from Oneshotminer told me this. *"Thank you for raising this concern. I understand why you’d want clear, factual confirmation, and I’m happy to explain this properly.* *First, I want to be very clear, the device is not fake and it is actually hashing. The display you see is not a pre programmed animation. The One Shot Miner is a real, open source, ESP32 based Bitcoin solo (lottery) miner, and its behavior can be independently verified.* *Here is how you can confirm that it is truly hashing:* *Open source firmware The miner runs open source NerdMiner firmware. The source code is publicly available and widely reviewed by the community. If the device were “fake,” this would be immediately exposed by developers who inspect and compile the firmware themselves.* *Real stratum connection When configured, the miner establishes a real Stratum TCP connection to a Bitcoin solo pool (such as nerdminers, tazmining, or public pool). You can verify this by:* *Checking the pool’s dashboard for your worker connection, or* *Viewing connection logs in the miner’s web interface* *Actual hash calculations The hashrate displayed is calculated from real SHA256 work performed by the ESP32 chip. While the hashrate is extremely low compared to ASICs, it is still genuine hashing. This is why the device is marketed as a hobbyist / lottery miner, not a profit generating miner.* *Community verification Thousands of users worldwide run the same firmware on self built NerdMiners using identical ESP32 hardware. The One Shot Miner uses the same architecture. Independent users have verified:* *Stratum handshakes* *Valid share submissions* *Pool side worker visibility* *No guarantees are made As clearly stated on our product page, the One Shot Miner:* *Is a hobbyist device* *Does not guarantee rewards, income, or financial returns* *Has odds comparable to a lottery ticket* *This disclosure exists precisely because the hashrate is real but extremely small, which can make it feel like nothing is happening.* *We are absolutely not trying to mislead anyone, and we’re more than willing to help you if you have other questions.* *Warm regards,* *Mia K. Cooper* *Customer Support Manager "* Do what you want with this info.....

tracedef

Well let's loook at the history: The Intelligence Community literally wrote the pre-Bitcoin white paper and built the algorithm Bitcoin runs on. **1. The Blueprint (1996):** Twelve years before Satoshi, the NSA released a paper titled **"How to Make a Mint: The Cryptography of Anonymous Electronic Cash."** * **Authors:** Laurie Law, Susan Sabett, Jerry Solinas (NSA Cryptographers). * **What it did:** It laid out the framework for secure, anonymous digital currency using public-key cryptography. It identified the exact "double-spending" problem Satoshi later solved. They didn't just predict crypto; they designed the prototype. **2. The Engine (2001):** Bitcoin cannot exist without **SHA-256**. That is the hashing algorithm used for every block, address, and mining transaction. * **Who made it?** The NSA. * **When?** Published in 2001. * **The Reality:** You literally cannot use Bitcoin without running code written by the US Intelligence Community. **3. The Precedent (Operation Rubicon):** We already know the CIA/NSA playbook: The NSA builds the tech, and the CIA deploys it. For decades, they secretly owned **Crypto AG** (the world’s biggest encryption company) to spy on global comms. It is historical fact that they create "secure" tech to monitor adversaries. I mean, this is relevant, no?

jpetros1

The key sentence you’re saying is “SHA-256 at a minimum”. Why use something that barely works (and won’t as quantum computers improve) when there’s a solution (Hedera) that’s natively SHA-384? As to ECC do you know the differences between a blockchain and a hashgraph right? Blockchains are fundamentally broken (mathematically) and unable to adjust to scale in a post-quantum computing world. No matter how many forks they have.

Cryptizard

>I disagree, quantum computers will drastically reduce the safety margin Well then you're just fucking wrong. It is factually incorrect. >Show me a government or global corporate enterprise that’s willing to bet their technology stack on anything less than sha-384. Uhhh... basically all of them. >NIST encourages application and protocol designers to implement SHA-256 at a minimum [https://csrc.nist.gov/projects/hash-functions/nist-policy-on-hash-functions](https://csrc.nist.gov/projects/hash-functions/nist-policy-on-hash-functions) >As to ECC my point is Hedera is much better positioned to adapt to this change vs every other blockchain that will require forking. Said with no reasoning to back it up whatsoever.

ConfidentialX

There is no need to panic, Bitcoin will sort itself out by migrating to a PQC sig, it will take time. Some chains are already quantum resistant (as are their wallets. On the other side of the coin, something which is pretty cool is Qubitcoin (not Qubic) which is an L1 is currently testing Super Dense Consensus; multi-task PoW architecture that integrates verifiable quantum circuit simulations into the blockchain's mining process. Unlike traditional PoW (like SHA-256 puzzles eg Bitcoin) where computational work has no external value, the Super Dense Consensus mechanism leverages miners' computational power (GPUs) to perform useful scientific calculations. In other words, pre set optimized libraries can be "plugged in" to Qubitcoin's software and the miner's computational power can be used to solve real world quantum problems. Currently, Nvidia's CuQuantum library is the default option. Very neat indeed, I am following closely as quantum simulation is very much an emerging space. The Qubitcoin team (headed up by academics from MIT & Vanderbilt) have found a way to decentralise quantum simulators.

fan_of_hakiksexydays

That's not at all what I said. Read it again. I'm not talking about breaking SHA-256, as I mentioned already in other comments, that's too difficult and not something the architecture of QC is most suited for, but in theory, QC could be used for mining down the line. Right now that technology is not there. It can't do it more efficiently, isn't built for it, and is insanely expensive. But with improvement in the technology in the future, in theory it could mine more efficiently and much more quickly.

fan_of_hakiksexydays

Actually, Bitcoin doesn't use RSA that many public key system use, it uses ellipitic curve cryptography. Signature and ownership is based on secp256k1 curve. And keep in mind that unlike the classic public key system, Bitcoin uses a hash function protected by SHA-256, for most of its security, rather than rely on just a public key system. In fact it doesn't have to rely on that for any of its consensus system. Guess why the entire computing power in the entire world has never been able to crack Satoshi's wallet, that would have made any country, any Saudi Prince, or any computer wizard much richer. And why QC will probably break social security, banking, WallStreet, etc...before coming close to cracking a wallet.

pop-1988

The people quoted in the article attempted to explain this, but their explanations were clueless QC: In theory, a sufficiently powerful QC running Shor's algorithm can discover a private key from a public key in a few days What's a Bitcoin address? Most addresses are a RIPE160 hash of a SHA256 hash of a public key. That is, Bitcoin spending is cryptographically protected by not publishing the public key, and by the impossibility of reversing the 2 hashing functions (QC can't reverse a hash fast enough to be a threat) In the early period of Bitcoin mining, the addresses of the 50-BTC mining reward coins are not hashes. They are public keys. Also, the miners from that period couldn't do anything with their rewards, so they recklessly deleted their wallet keys until trading markets began to appear some time in 2010. There are approximately 24,000 unspent 50-BTC mining reward coins with pubkey addresses --- Extra: the pubkey is published beside the signature in a spending transaction. Two steps are necessary for proof of the right to spend 1. hash the pubkey (pubkey -> SHA256 -> RIPE160) and verify that the hash matches the address stored on the coin being spent 2. use the signature and pubkey to verify that the signature was created using the correct privkey If a Bitcoin user repeatedly uses the same address for multiple coins, then spends one of them, the pubkey revealed in the spending transaction is exposed for all the other coins - so those coins become vulnerable in the same way as the old pubkey address coins

unthocks

You seem to be Bitcoin genius, now explain to me what shor's algorithm can do and it's limitation to SHA256. No AI, no chat gpt, explain it well.

LargeSnorlax

I've been thinking a lot about why people who so clearly don't understand the space they're in would stick around in it to complain about it. They watch 1 second charts, constantly following crypto news, consuming influencer swill, and interacting with the market multiple times a day. They obsessively check their portfolio and get raging mad when the price goes down, and feel nothing when the price goes up because they bought way higher. The average "crypto investoor" is someone who's never heard of Bitcoin or cryptocurrency before. They have no idea what blockchain does, they've never heard of SHA256, Satoshi Nakamoto isn't a name they've ever been familiar with. The only reason they've even heard about the market is because they were scrolling youtube (without an adblocker) and saw some ad from one of their favourite influencers talking about making SO much money in cryptocurrency! 100x coins WOW! GET RICH HERE! At the very height of the run, at all time highs. They clicked the embedded ad and got a video of the influencer saying how he was going balls deep in this hot new coin, WIF! It's a picture of a dog with a hat! WOW! It's at $4.50, which is a 5000x gain from when people originally bought it, but it has SO MUCH ROOM to go up still! Smiling, the investoor follows the steps in the video, slapping down a huge chunk of change on Coinbase that he sends from a wire transfer after KYCing and verifying his identity. He goes back to his life, completely forgetting he ever bought WIF but is confident that in a year he will be richer than king midas, holding the newest in digital technology. He comes back a few months later, wondering what is happening with his huge investment. Surely it's at least $20 each by now he thinks, logging into coinbase. He looks in shock - The price is $0.40, a 90% loss! How could this happen! What's going on! Did my account get hacked! He goes to look at his favourite influencers recent videos and there is no mention of WIF, instead he is talking about something called PI Network. The investoor is shocked. Why would the influencer abandon such a sure thing? He watched the video and was so sure he was going to make money. He logs into Reddit, angrily decrying the coin as a scam. He was set up! The market is rigged! Cryptocurrency is nothing but a sham! After a few months of decrying it as a scam, he finds a place called buttcoin, where people like him also say the market is rigged. He becomes a buttcoin poster, making sure to log in every day to post about how Bitcoin is now dead and the market is a hoax. The investoor could sell and cut his losses, but to do so would mean accepting that he is to blame for his own decisions. To push that button, that awful sell button would make him responsible for the things he's done, so it becomes something growing inside of him, something he can never do, something he can never accept responsibility for. Maybe it'll go up eventually, he thinks. Years pass, eventually even spamming Reddit and buttcoin grows old. He forgets the password to his coinbase account, and the coins are forgotten forever. He never learned about Bitcoin. He never had a need to enter a space where you trade person to person, or had a reason to get off the banking rails the rest of society uses. He wasn't a cypherpunk, he wasn't even an idealist or libertarian. He was just a gambler who thought he pushed the right combination of numbers because someone else told him to.

CanadianCompSciGuy

> SHA256 graph networks leading to quantum entanglement based clairvoyance I understand SHA256. I understand the concept of a SHA256 graph. I understand what a network is. I understand the concept of quantum entanglement. I understand the concept of 'clairvoyance.' Putting those words together like that, is complete nonsense as far as I'm concerned. You may as well said "Quick, hand me the headlight fluid" or "Go get me the elbow grease"

skydiver19

Correct, but that is only known now, or more recently known because of the Snowden leak. Before that, no one outside the NSA had the information needed to tell which algorithms were safe and which ones were quietly weakened. So the question is why Satoshi chose SHA-256. Was it random? I do not believe that. Was it just personal taste? Possible, but unlikely given how many other hash functions were more common and more widely adopted at the time. The stronger explanation is that someone involved had access to knowledge the public did not. Either they were a genuine expert with insider level understanding of cryptographic weaknesses, or they were in a position where they already knew SHA-256 was the only safe choice based on information that did not become public until years later. It is hard to deny that this makes a strong argument.

6thcoin

SHA-256 was invented in 2001 by the NSA. However, btc is based on a lot of other technology dating back decades before that.

skydiver19

You are arguing against something I never claimed. I never said SHA-256 has a backdoor. In fact I said the opposite. The entire point is that SHA-256 is one of the few NSA designed primitives that does not have a backdoor, while others from the same era did. That is exactly why it raises the question. Back then the public could not tell which algorithms were safe and which ones were weakened. Only the NSA had that internal knowledge. Bitcoin then ends up using the one NSA linked algorithm that actually turned out to be solid. We cannot prove it has no backdoor, but all current evidence and more than 20 years of analysis strongly indicate that SHA-256 is clean. It has had even more scrutiny since the Snowden leaks, and nothing suspicious has ever been found.

RobotAlfie

I see your point but it is speculation to assume just because the Snowden leaks revealed that the NSA had implemented a backdoor in Dual\_EC\_DRBG, it does not automatically mean SHA-256 has a backdoor. Claiming that SHA-256 is compromised without any direct evidence is guesswork in my opinion.

skydiver19

That would make sense if people already knew which algorithms were genuinely secure at the time, but they didn’t. The only group that had the internal knowledge to know which designs were actually solid and which ones were quietly weak was the NSA. The rest of the world found out years later, in 2013, when the Snowden leaks exposed the fact that some NSA promoted algorithms were intentionally compromised. So the idea that SHA-256 was simply “the most secure and everyone knew it” does not hold up. Back then there was no proven way for the public to know which hash functions had hidden weaknesses. The NSA, however, did know. And Bitcoin happened to use the one NSA linked algorithm that turned out to be the genuinely safe choice. Which is why there is a strong argument to say the NSA was involved in some way either directly or an employee who was exposed to this knowledge.

skydiver19

It is quite clear why they created weak algorithms alongside strong ones. You promote the encryption that you can break so the rest of the world adopts it, and you keep the one that you know is solid for your own use. That is exactly what happened with Dual_EC_DRBG. They pushed it as a secure option while keeping the backdoor to themselves. SHA-256 ended up being one of the few primitives with no weakness, which fits the pattern of an agency knowing exactly which designs were safe and which were compromised. Now ask why SHA-256 was used when other more popular and widely adopted hash functions existed at the time. Why was the one truly secure option chosen for Bitcoin. And often the simplest answer is the right one.

skydiver19

The really question is why SHA-256 was chosen at that time, over the others. SHA-256 was developed by the NSA, and it is one of the few NSA designed primitives that has held up with no evidence of a backdoor. This matters because the NSA has pushed algorithms in the past that did contain a backdoor. The best example is Dual_EC_DRBG, which the Snowden leaks confirmed was intentionally weakened. There is also the often referenced research paper titled “How to Make a Mint - The Cryptography of Anonymous Electronic Cash” written inside a US government agency in the mid 1990s. It describes a digital cash system with several ideas that later appeared in modern cryptocurrencies. That shows the concept of government researchers thinking about anonymous digital money long before Bitcoin existed. So the question is, and it is a valid one, how did Bitcoin end up using the one NSA linked algorithm that actually turned out to be safe, at a time when only the NSA would have known which designs were truly solid. It does not prove anything, but it does make it more believable that the NSA had some involvement, or that an employee with insider knowledge of which algorithms were secure played a part.

skydiver19

SHA-256 was developed by the NSA, and it is one of the few NSA designed primitives that has held up with no evidence of a backdoor. This matters because the NSA has pushed algorithms in the past that did contain a backdoor. The best example is Dual_EC_DRBG, which the Snowden leaks confirmed was intentionally weakened. There is also the often referenced research paper titled “How to Make a Mint - The Cryptography of Anonymous Electronic Cash” written inside a US government agency in the mid 1990s. It describes a digital cash system with several ideas that later appeared in modern cryptocurrencies. That shows the concept of government researchers thinking about anonymous digital money long before Bitcoin existed. So the question is, and it is a valid one, how did Bitcoin end up using the one NSA linked algorithm that actually turned out to be safe, at a time when only the NSA would have known which designs were truly solid. It does not prove anything, but it does make it more believable that the NSA had some involvement, or that an employee with insider knowledge of which algorithms were secure played a part.

skydiver19

SHA-256 was developed by the NSA, and it is one of the few NSA designed primitives that has held up with no evidence of a backdoor. This matters because the NSA has pushed algorithms in the past that did contain a backdoor. The best example is Dual_EC_DRBG, which the Snowden leaks confirmed was intentionally weakened. There is also the often referenced research paper titled “How to Make a Mint - The Cryptography of Anonymous Electronic Cash” written inside a US government agency in the mid 1990s. It describes a digital cash system with several ideas that later appeared in modern cryptocurrencies. That shows the concept of government researchers thinking about anonymous digital money long before Bitcoin existed. So the question is, and it is a valid one, how did Bitcoin end up using the one NSA linked algorithm that actually turned out to be safe, at a time when only the NSA would have known which designs were truly solid. It does not prove anything, but it does make it more believable that the NSA had some involvement, or that an employee with insider knowledge of which algorithms were secure played a part.

Victor_Pedron

The quantum issue is a global problem. Not reusing addresses, using segwit, maybe taproot, and everything else, are some possible solutions. We have 1211 QUBITS today, if I remember correctly, running unstable for micro seconds. To break SHA256, it takes around millions, for about 9 hours in a stable way. We are very far away. Until then, there will be a solution. And if there isn't, relax, it's not your share on the stock market that's safe, it's not your bank balance.

HodlVitality

SHA-256

im-a-smith

Do people compute SHA256 hashes in their head if they aren’t at a computer? Schiff is a goof but this is nonsense. 

9yqOW85P8XNcEze38

So House Democrats and Jamie Raskin say Donald Trump ran the “most corrupt crypto startup” because he made money, held billions in assets, pardoned executives, and dismantled regulators. That’s political turbulence. Bitcoin is aerodynamics. You can accuse presidents, shut down agencies, write reports, and chase scandals — none of that changes the thermodynamic truth of a decentralized monetary network that produces a block every ten minutes, immune to politics, corruption, or human error. You can investigate a politician. You can’t investigate SHA-256. So honestly… what does any of that have to do with Bitcoin?

9yqOW85P8XNcEze38

Look, talking about the U.S. invading Venezuela for resources is like arguing over how to shovel more coal into a steam engine while everyone else is flying in hypersonic jets. Bitcoin is an energy-optimized thermodynamic monetary network. Oil, land, borders… that’s outdated tech. Trying to secure prosperity through invasion is basically running 20th century geopolitics on a system that’s already been replaced by encrypted digital scarcity. You can invade Venezuela. But you can’t invade SHA-256. You can’t occupy a decentralized consensus mechanism spread across the planet like a self-repairing electrical grid. If anything, more geopolitical chaos just speeds up the move into Bitcoin because people want the strongest, most energy-anchored asset ever engineered. So really… what does any of that have to do with Bitcoin?

excelance

Used Grok to answer your question since I didn't want to type the entire thing out myself: Bitcoin mining in 2025 is basically solving complex math puzzles to validate transactions and earn newly minted BTC plus fees. You do this with specialized hardware called ASICs (Application-Specific Integrated Circuits) that crunch the SHA-256 hash function nonstop. The network difficulty is extremely high, so solo mining with anything you can buy as an individual is effectively impossible—you’d win a block maybe once every few centuries. **What to buy (realistic home/retail level):** * A modern ASIC miner: Bitmain Antminer S21, S21 Pro, or MicroBT Whatsminer M60S series (200–350 TH/s, 3,500–6,000 W power draw). Expect to pay $2,000–$6,000 new, less on secondary market. * Cheap electricity (under 6–8¢/kWh) or you’ll lose money. Good cooling/ventilation (these things are loud and hot). * A decent power supply (PSU) if not included, and a mining-friendly wallet. **Pool or solo?** Always join a pool. Pools combine thousands of miners’ hash power and pay you tiny fractions of every block proportionally (e.g., Foundry USA, AntPool, F2Pool, ViaBTC). Solo mining today is like playing the lottery with one ticket while pools give you steady, small payouts (think salary vs. hoping to hit Powerball). Even with one S21, a good pool will pay you $5–20/day before electricity costs (at \~7¢/kWh you might break even or slightly profit, depending on BTC price). Bottom line: Unless you have access to very cheap power (<5¢/kWh) and can handle noise/heat, mining at home is usually not profitable in 2025. Most people buy Bitcoin directly instead.

FeelessTransfer

NSA created SHA256 remember.

hole-in-the-day

If quantum computing becomes a threat, the safety of your bitcoin is in your own hands, anyone can quantum proof their btc as quickly as they'd like to. The safety of any money you have in a bank is out of your control, tied to its institutional timeline. Banks need to coordinate with regulators, migrate their legacy systems, update the payment clearing networks, etc. You avoid all of this. SHA-256 is quantum resistant for the foreseeable future, so you can even do it today if you want to. All that involves is creating a SHA256-only UTXO, wrapping it in P2WSH or Taproot (this allows the network to accept custom scripts) and sending your coins to it. Moving them out is harder, you'd need to manually build the transactions (though there are libraries like python-bitcointx that make this easier) and broadcast them from a node.

javi830810

serious question, if SHA-256 is breakable or whatever. What do we need to do, re-encrypt the whole ledger? How is something like that even feasible. We would need to render disabled all the ledgers out there, and force clients to re-download? just curious

Rent_South

Quantum FUD comes up every few months but the reality is pretty simple. First, hardware capable of breaking SHA-256 might never exist in practice. The theoretical requirements are so absurd that even experts in the field agree we are nowhere near it. Second, Bitcoin can adapt. If quantum ever became a real threat, the network can upgrade its cryptography long before anything breaks. There is nothing sacred about SHA-256. Bitcoin is not a static rock. And honestly the question is almost irrelevant. If quantum computers could crack Bitcoin’s security, they would also break banks, the military, nuclear command systems, the entire internet, pretty much every form of encryption we rely on. Bitcoin would be the least of humanity’s problems at that point. So no, quantum does not “render Bitcoin useless.” If anything, it exposes how little people understand the scale of the problem.

Renowned_Molecule

SHA-256 is NSA patent on their website. Bitcoin Core devs will try to quantum proof SHA-256. At least I hope they try or else..

Mediocre-Monitor8222

I see, well this is what Ive learned so far if you’re interested: The expectation now is that a quantum computer capable of breaking the SHA-256 hashing algorithm (what basically the entire internet uses for security among other things) wont appear until a few decades in the future. In the meantime scientists are already researching quantum proof algorithms. Since this is top priority for the entire world I believe they’ll get it done long before quantum becomes a threat. That said, Satoshi’s wallets with 1 million btc are on legacy wallets. If quantum can “break SHA-256”, it means it can simutaneously try a ton of combinations and brute force the private key of these old wallets. The market will be flooded with new btc, which will inevitably cause a crash. Once all old wallets are quantum hacked, all btc will be on quantum secure wallets and we can all move on with our lives.

IndigoRoot

If the hashing algorithm is then BTC can and will be improved to overcome that. The transition would be chaotic, but even Satoshi has already thought and talked about this. The biggest concern would be getting everyone to agree on the new hashing algorithm, since miners who have dumped a lot of money into hardware specific to SHA256 would stand to lose a lot switching to an algorithm their hardware can't perform on.

binary_quasar

Lmao ya'll are so naive and shortsighted, it's actually mind-blowing. >old technology Lmao it's a first-of-its-kind decentralized network that can be upgraded as necessary. People like you are the same types that fall for the quantum-resistant crypto narratives, and have almost no idea that if SHA-256 was broken we would literally have to change the entire traditional TradFi system first. Crypto would be the least of our worries in that scenario. We can see WLFI wallets. They are still accumulating BTC. If you are talking about altcoins like Melania, or Trump coin then anybody who purchased those absolutely deserve to get pwned in a rug pull.

External_Spite_7079

Not really man. Quantum computing is decades away from being applicable in the manner you think and really if it made SHA-256 and other encryption redundant, there's much bigger problems we face than the price of BTC.

Bigfella0077

SHA256 is the hashing method. Encryption scrambles the data. Hashing ensures the data hasn’t changed.

Pure_Beat2623

SHA-256 = NSA Federal reserve 2.0 15year prime mover advantage. Genesis block is US GOV The NSA and Bitcoin: Origins of the SHA-256 Hashing Algorithm https://share.google/WCtA2WoZFQiA8vZk2

mynutsrbig

Zcash wallet has Tor integrated and you should always use a SHIELDED address. I just said the public SHA256 transaction is corrupted. What’s the problem? Fu** the NSA.

FeelessTransfer

It will all make sense when you lookup who created SHA265... It was the NSA.

dookiehat

with CBDC’s coming up on the horizon and virtually everybody being against them I don’t see crypto being more than a speculative counter currency, and even possibly we’ll go all the way to zero like the tulip bubble in Holland. We aren’t there yet though. Institutions are trying to force crypto on people, and it’s basically surveillance capitalism mixed with the complete demise of Fiat so people are wising up to the facts that banks in central banks are the ones creating CDCs and all crypto NSA created SHA256 encryption which runs bitcoin, and isn’t particularly special given that cell towers use it email uses it. It’s not special. The only difference is that bitcoin app pens, a ledger to each coin. I think the idea of proof of work being an energy battery is almost interesting, except that the energy could be used to create actual physical products instead of having to basically double that energy to do the same thing. So instead of “storing “the energy in bitcoin it should just immediately be spent because you’re not actually getting the energy back, it is literally pretend, and everybody is agreeing that it has value, but when you actually think about it you are just having to expend energy twice. It is similar to debt as money. That’s part of why it works, but also part of why it’s volatile which makes it bad as a currency. For a currency to be adopted, it needs universal adoption, which is why it’s being forced on us through CBDCs, the problem, though is that the money inside of cryptocurrency is being gambled by the ultra wealthy, so they actually have access to the keys of CBD sees at the very least, if not bitcoin, which I believe was created by the NSA. It would be absolutely idiotic to think that the NSA creates SHA256 encryption in 2009 then bitcoin comes out. Nobody knows who Satoshi yakamoto is, then at the same time the bank of international settlements in Basel Switzerland, which is the central bank for central bankers, has all of these endeavors to re-engineer the financial, digital infrastructure, and at the same time all of these countries are fighting them while the media doesn’t show these revolutions happening in Mexico in London etc. Bitcoin was not a grass roots movement, it was a top down movement created by governments in order to experiment with currency and to keep the US dollar predominant across the globe, which is why Trump is now backing the US dollar with bitcoin. Paper money and Fiat is so much better for an anonymity that it’s almost farcical to think that a digitally traced currency could possibly be more anonymous. If you understand anything about how data is transferred through servers, you would know this is a joke. It’s just too complex for most people to wrap their heads around. But you don’t need to understand it on a technical level to realize it’s just locked up money in a cage that elite people can access while you’re not using it to gamble with it in highly risky, so-called assets like derivatives, other meme coins, scam, coins, and rug poles in order to transfer wealth from the lowest classes to the upper class “legitimately”. That is the narrative that will end cryptocurrency, but unfortunately, I don’t even know what will take its place.

dookiehat

bitcoin is only protected with SHA-256 encryption, like most internet traffic.

aprx4

Addresses that exposed their public key (by sending coins) aren't protected by SHA256. They are only protected by ECDSA, which will be vulnerable sometimes in future. Estimated 6-6.5 million BTC has public key exposed. Some of them would move once quantum-proof cryptography is ready, but inactive coins including those belonging to Satoshi likely won't. The only way to prevent a gold rush to crack exposed public key is to freeze them, but that is very controversial because it is against principle that who has the key control the coins.

RetiredAvocado

Bitcoin keys use ECDSA. All articles about "seized" bitcoin should be read as "surrendered" bitcoin. No they did not use some imaginary SHA256 backdoor to crack ECC based bitcoin keys. Those are not the same things. Pull up a grokipedia page on both and read them.

Fun-Requirement7941

"The origins of SHA-256 can be traced back to ***intelligence services in the US***, namely the National Security Agency, or the NSA for short." quick google search can prove it

Fun-Requirement7941

"SHA-256 was developed by the U.S. National Security Agency (NSA) in 2001"

Fun-Requirement7941

Because the government has a backdoor to all crypto, bitcoin uses SHA-k algorithm, which was created by the NSA funnily enough, decentralized my ass..

Maybe_Factor

Yes and no. Any new cryptocurrency using PoW in the way Bitcoin uses it has a decision to make: 1. Use SHA-256 like bitcoin, and get access to huge amounts of hashrate from existing bitcoin miners 2. Use another hash algorithm and go through the process of building hashrate in the same way bitcoin did (CPU mining > GPU mining > FPGA mining > ASIC mining) In any case, it doesn't mean bitcoin is unique. Bitcoin was just first.

longonbtc

You aren't going to make any money mining bitcoin unless you have access to very cheap electricity and you are willing to buy some efficient SHA-256 hashing application specific integrated circuits. If you just want to buy a cheap bitcoin miner to tinker with and do some mining for fun, then you can buy a small cheap lottery miner like a Bitaxe.

reddit4485

I think this would be true for an altcoin that uses SHA256 as a hash to mine by itself. However, you can use an alternative hash incompatible with the ASIC mining rigs used for bitcoin. Also, some coins (e.g. Rootstock) use merged mining that piggybacks on bitcoins hashrate but doesn't harm it. When done, it actually makes the crypto more secure and provides miners with extra revenue. https://www.binance.com/en/academy/glossary/merged-mining

Street_Outside_7228

Don’t store raw crypto private keys (seed phrases / raw private keys controlling funds) in SafeNotes or any general-purpose note app on a phone if you value those funds. You can store lower-value secrets there with strong mitigations, but private keys/seed phrases deserve hardware-backed storage (hardware wallet / secure element) or a dedicated wallet with audited key management.  Why — quick threat rundown • Mobile note apps (even “encrypted” ones) rely on symmetric encryption derived from a passphrase. If the KDF, AES mode, IV/tag handling, or backup format are implemented incorrectly, ciphertext can be weakened or integrity lost. I could not verify the exact KDF & AES-mode from the repo page alone. That’s a critical implementation detail.  • Even correctly-implemented local encryption can be defeated if the device is rooted, infected with malware, or if backups are stored unencrypted in cloud storage. SafeNotes explicitly warns features can’t be guaranteed on rooted devices and there are open issues suggesting backup encryption concerns. That increases risk for keys.  • Phone memory, clipboard, screenshots, Android/iOS backups, ADB access, or poorly-protected export files are all common leakage vectors for secrets stored in apps. An attacker with device access or a malicious app can often escalate to extract key material unless the app uses hardware-backed key stores and zeroes memory properly. Specific things I found (relevant to key storage) • Project claims AES-256, local storage only, and automated encrypted backup. Those are good signals, but claims ≠ proof — the security depends on how keys are derived, which cipher mode is used (AEAD like AES-GCM vs. CBC+HMAC), and whether backups are actually end-to-end encrypted.  • There are issues on the repo regarding backups and decryption (e.g., “Backup Date Not Encrypted”, “Decryption of json-backup”). That suggests backup handling and encryption of exported files is an active pain point. I’d treat backups as suspect until confirmed otherwise.  If you must store keys in SafeNotes (how to reduce risk) If you absolutely must keep a private key on the phone in SafeNotes, apply all of the following — missing any one substantially raises risk: 1. Use a very long, high-entropy passphrase (passphrase ≫ password). No dictionary words. Treat it like a seed. (If an attacker brute-forces your passphrase, the app encryption collapses.)  2. Confirm the app uses a strong KDF (Argon2 or PBKDF2 with ≥100k iterations for PBKDF2-SHA256) and per-note salt. If not, don’t store keys. (I couldn’t confirm the KDF/iterations from the public repo pages — you should check the code.)  3. Ensure the app uses AEAD (AES-GCM or ChaCha20-Poly1305) for encryption so ciphertext integrity is enforced (no silent tampering). If it uses AES-CBC, verify an HMAC is applied correctly. (Again: confirm in code.)  4. Disable cloud backups of the app data and do not allow automatic cloud sync of backups (unless the backup file itself is E2EE with the same passphrase). Exported JSON/backup files must be encrypted with the passphrase-derived key and authenticated. If the app exports plaintext JSON or a backup that’s not protected by the passphrase, treat it as plaintext. (Repo issues suggest this area needs checking.)  5. Enable biometric/OS-protected keystore wrapping if the app supports it: keep derived keys wrapped by Android Keystore / iOS Keychain (hardware-backed) rather than writing them to plaintext secure storage. Verify the code uses flutter_secure_storage or platform keystore correctly.  6. Don’t copy seed phrases to clipboard or screenshots. Use the app’s secure display only. Revoke clipboard content immediately. 7. If you remove the key later, overwrite the note and backups and rotate passphrases. On many phones, secure deletion is not guaranteed — assume recovery is possible unless device encrypts at disk level and key is destroyed. 8. Keep device firmware and OS patched. No amount of good app crypto helps a rooted/compromised device. Better alternatives (ranked) 1. Hardware wallet (Ledger, Trezor, or equivalent) — best for real funds. Keys never leave secure element. 2. Dedicated, audited mobile wallet that stores keys in the hardware-backed keystore and is designed for private key security (use audited apps with reproducible builds). 3. If you must use a note app: use it only for low-value secrets and apply all mitigations listed above.

rush87y

Blockchain isn’t secured by CPU power alone it’s secured by complex mathematics, specifically cryptographic hash functions like SHA-256. CPU or ASIC power just performs the math at massive scale but actual security comes from the cryptographic difficulty of reversing or faking those hashes. Without that math all the computing power in the world wouldn’t matter. and even that math isn’t invincible because quantum computing will eventually break the cryptography it relies on. Once quantum machines can efficiently reverse SHA-256 or derive private keys from public ones BTC entire security model collapses. It’s not a question of if, but when. The only defense will be migrating to quantum-resistant algorithms, and that’s not a trivial upgrade for a global decentralized networks. Now about that “the traditional banking system would fail before BTC,” I'm sorry but man that's just wishful thinking. Banks depend on regulation, liquidity, and policy, not hash power. Bitcoin’s network is technically resilient, but its value still relies on human trust and speculative belief. Don't get me wrong, Bitcoin can survive a bank run, but not a collapse in confidence and DEFINITELY not the inevitable quantum breakthrough.

Casakas

Bitcoin solved a very specific technical problem: the double-spend problem in a decentralized setting. Before Bitcoin, you couldn't have digital money without a central authority keeping the ledger clean. Bitcoin's consensus mechanism and proof-of-work made it possible for a global network of strangers to agree on one transaction history without trusting each other. Things like manipulation, institutional hoarding, or general "means of exchange" are secondary effects or use cases, not the core breakthrough. Is Bitcoin natural or artificial? It’s an artificial system built by humans, but it relies on natural economic and mathematical principles: scarcity, game theory, thermodynamics, and cryptographic hardness. Utility: \- censorship-resistant value transfer \- predictable monetary policy \- global access without permission \- strong settlement guarantees \- store-of-value potential, especially where local currencies fail As for the algorithm: Bitcoin uses SHA-256, which was designed by the NSA and standardized by NIST in 2001. Satoshi(whoever it is) simply adopted it for Bitcoin.

AutoModerator

Post is by: YokubariMP and the url/text [ ](https://goo.gl/GP6ppk)is: /r/CryptoMarkets/comments/1oqf8jt/bitcoin_ii_bc2_a_second_chance_to_join_the/ **Bitcoin II (BC2)** is a proof-of-work cryptocurrency using the **SHA-256 algorithm**, just like Bitcoin, with a **maximum supply of 21 million coins**. But unlike simple forks, BC2 launched with its **own genesis block**, giving everyone a **fresh start** : no pre-mine, no baggage, and a level playing field. 👉 **Project Philosophy:** BC2 isn’t trying to replace Bitcoin. It aims to be its **“sister chain”**, built on proven technology but designed for wider adoption and real-world use. The core idea: *“What if you had a second chance?”* That’s the essence of Bitcoin II : a fair opportunity to join a PoW blockchain from the ground up, without the massive entry barriers of BTC today. 🪙 **Key Features:** * **Algorithm:** SHA-256 (same as Bitcoin) * **Max Supply:** 21,000,000 BC2 * **Not a fork:** brand-new chain * **Fresh genesis block:** fully independent from BTC * **Low initial difficulty:** accessible mining for everyone * **Halving schedule:** every 210,000 blocks * **Goal:** simple, decentralized, and fair PoW crypto for daily use * **Current price :** around $0.70 ⚡ **Why It’s Exciting:** BC2 is one of the few chances today to join a **proof-of-work network early**, built on Bitcoin’s fundamentals — scarcity, security, and transparency. It’s a modern “reboot” of the Bitcoin concept, bringing back fair mining, community growth, and true decentralization. 🌐 **Official Links:** Website: [https://bitcoin-ii.org](https://bitcoin-ii.org) The explorer, whitepaper, and technical details are available right there. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/CryptoMarkets) if you have any questions or concerns.*

mord_fustang115

We can all get together and do SHA over and over and over again by hand! Mining the old school way

pajanraul

Q. What problem did bitcoin solve exactly? Manipulation? Institutional hoarding? A meams of trading and exchange? Is it even natural or artificial? What utility does it hold? Who wrote the algorithm for bitcoins SHA-256? Love to know ppls thoughts apart from hyperbole

bogobogo50

LOL thanks for the comics. I do not have ANY problem finding my addresses now that I know in detail what does it means P2WPKH, P2SH, P2PKH, Purpose Coin type Account Receiving or change Index BIIP32/44/49/84/86/141, Entropy, BIP39, Checksum, Seed, Bech32, PBKDF2-HMAC-SHA512 ​(Password; Salt; Iterations; dkLen), HMAC(Password;m) =SHA-512((K′⊕opad) ∣∣ SHA-512((K′⊕ipad) ∣∣ m)), IL, IR, xprv, xpub, zpub, RIPEMD160, base58, digest, Witness program, etc etc. It is just that I find very strange that I had to build my own tool for calculating and printing all this, i want just to keep a simple paper wallet, no hardware wallets BS. I made the following tentatives : 1) Excel -> no way (it does not have built-in crypto hash functions, too complicated with VBA/Python outer call) But it was useful as a learning experiment. 2) Python -> do you really want me to learn another programming language? Even with chatGPT help it is too complicated to get there. 3) Html by Ian Coleman : even for the version offline I do not trust code with fetch() - network requests , document.cookie, Long Base64-like strings, XMLHttpRequest - classic XHR snippet, sorry. 4) [learnmeabitcoin.com](http://learnmeabitcoin.com) same as above, call me paranoic At the end i just resigned myself to copy and paste by hand all the values to a txt file and print it offline for each wallet - password, mnemonic, script, path, seed, xpriv, address, key of the address, etc. For the wallet apps there is less and less options : Exchange -> not your keys not you coins Exodus -> closed source so no (BTW it creates one BIP44, one BIP84 and one BIP86 address and then decides by itself which one use as receiving/change). So pratically only Electrum, but if you want all your address (BIP44, BIP84, BIP49) you need different wallets (only one script type per wallet? WTF). Even if there is no official organisation, still complicated standards have been negociated and approved, so why not a simple wallet derivation tool? I mean how "normal" people who does not want to engage with all this complicated mess can trust this system?

zenxro

Maybe someone found a way to crack SHA-256 algorithm and he only targets dromant lost wallets. Just saying

detectiverylan12

"Quantum ready" is just marketing fluff. Since Bitcoin hasn't yet updated to be quantum ready, we don't know current wallets would support it. It uses conventional ECC and SHA-256 like any other wallet.

moitch

Never heard of it but I own several old *scrypt* ASICs in that same form factor. Zeus Blizzard / GawMiners Fury You can unscrew it and slide it out and read the chips. Google the chips to see if they are SHA256 or Scrypt.

flying-fox200

Not all lost BTC is in P2PK outputs (though, yes, most of it). Any lost Bitcoin sitting as P2PKH, P2WPKH, P2SH or P2WSH UTXOs will actually be lost forever, since the RIPEMD160(SHA256(x)) hash is irreversible, even in a post-quantum era.

Rare-Energy-4357

the LunaBit modular Bitcoin miner, pitched as "LEGO for Bitcoin mining," is a highly appealing concept that successfully targets the niche market of Computer Science and Blockchain students with free dorm electricity. The device’s core value proposition lies in its educational utility providing hands-on experience with SHA-256 hashing and network protocols in a silent, desk-friendly format, which is a significant advantage over loud, industrial equipment. However, the projected €3.50 monthly earning is highly vulnerable to the Bitcoin network's ever-increasing difficulty (especially post-Halving), which means the product must be marketed almost exclusively on its learning features and modularity, not its profitability. To maximize appeal, you should position it as a "Blockchain Compute Unit," open-source the controller software to engage the DIY community, and address the high cost of expansion boxes to fully realize the promise of "grow as you want" customization.

PlanNo3321

Incorrect. Bitcoin mining requires specialized hardware (ASICs) to perform billions of SHA-256 hash calculations per second. AI models (like LLMs) run on GPUs/TPUs optimized for matrix math, not hashing — they’re orders of magnitude too slow for profitable mining. Even if you used AI to control mining rigs (e.g., optimize pool selection or difficulty prediction), the actual hashing must still be done by ASICs.

electricshadows4

The threat of quantum computers breaking Bitcoin’s ECDSA and SHA-256 cryptography isn’t imminent — it’s probably 8 to 12 years away at best. Even if you’re all in, it’s a good idea to re-evaluate every 2–3 years based on the current environment. We should all keep an eye on upcoming BIPs and to push for community consensus on migrating to quantum-secure cryptography by around 2030. If the network drags its feet or remains too rigid about forking, I will start to worry in 5 years. I think we’ll figure it out, but there will inevitably be some hard-headed holdouts who overestimate the safety of the current protocol and resist change. Anyone all-in on BTC should advocate early and often for a move to quantum-secure signatures to help ensure the network stays strong for the long term.

Financial-Nature5745

I get it… but quantum computers won’t actually “break” SHA-256. The real vulnerability lies with **ECDSA (Elliptic Curve Digital Signature Algorithm)** ...jd that’s what secoures Bitcoin’s private-public key pairs. So, technically, **only addresses that have already revaeled their public keys** (like old walets, early miner addreses, and even Satoshi’s coins) are exposed if quantum supremacy ever becomes real. SHA-256 itself remains solid… it’s ECDSA that could be craked to derive private keys from public ones. In that sense, whoever achieves true quantum supremaycy could, in theory, **claim or steal** those old, untouched coins. But once that happens, the rest of the network will just migrate to **quantum resistant cryptography**, leaving those few early addresses as the only real casualties. So yeah… the first one to reach quantum supremacy might get “rewarded”(ethically wrong in my opinion but thats how the world works I guess)… but the rest of Bitcoin will evolve and survive...so nothing to worry,, and this assumes that we truly achieved quantum supremacy which is exciting as it will be aweesome,, more cool inventions...

Wonderful_Writer_133

The article doesn't specifically mention bitcoin and talks about encryption security where messages are made unreadable without a decryption key. If you want to see the current state of the future quantum computing concern run some searches on your favorite AI: What is the difference between encryption and cryptography? Follow ups: What cryptographic method does Bitcoin use? Will Bitcoin's use of ECDSA and SHA-256 for authentication and blockchain security have vulnerabilities to attacks using quantum computing in the future?

Axe_Raider

do you think it takes 2^2 bits to solve SHA-2? mining is just brute-forcing operations until you find one with a sufficient number of 0 bits. it's not like you are factoring a number. you're just generating sha sums as fast as possible. 2^256 is the number of possible outputs. there are an infinite number of inputs. is a quantum computer really going to find inputs that generate all possible 2^256 outputs?

TheGreatMuffin

That's above my paygrade, tbh. From what I understand, the current consensus seems to be that there is no sufficiently strong algorithm to reverse SHA256 functions, that's why it's considered quantum safe. There's Grover's algorithm, but it's not considered to be powerful enough. For ECDSA there's Shor algorithm, which can be used with quantum computing. Can't claim to understand much about it though, so if you have more knowledge, I'm happy to learn :)

Turbulent_Progress_4

# 🧑‍💻 Satoshi Nakamoto still being alive **Odds:** Plausible but uncertain — maybe a **few percent** chance. * If Satoshi was middle-aged when active (2008–2011), they’d likely be in their 40s–60s today, so survival is not inherently improbable. * The disappearance could’ve been voluntary — a desire for privacy, legal caution, or ideological consistency — not death. * There’s also no direct evidence of their death; no known PGP keys revoked, no coins moved, etc. So while unlikely we’ll ever *hear* from them again, it’s very reasonable to think they could still be alive and silent. # ⚛️ Quantum computing “cracking” crypto this year **Odds:** Essentially **zero** for 2025. * Breaking Bitcoin (e.g., cracking SHA-256 or ECDSA) would require a *fault-tolerant* quantum computer with **millions** of stable qubits. * As of late 2025, the largest demonstrated quantum systems are still in the **hundreds to low thousands of qubits**, and none are close to the required error correction scale. * Even the most optimistic public roadmaps (Google, IBM, IonQ, etc.) talk about *post-2030* before achieving that level of fault tolerance. So: > If you want a rough numeric intuition: * Satoshi alive: 1 in 10 to 1 in 50 * Quantum crack this year: 1 in a billion (or lower)

TheGreatMuffin

SHA256 is considered quantum safe, it's about ECDSA being vulnerable to a (potential) quantum attack. The larger targets that you mentioned are centralized and can update their systems much faster than bitcoin, or simply roll back changes (banks). > why would they target Satoshi’s Bitcoin first and announce they have the capability? Good point, perhaps the random coins have been exhausted or they just want to be greedy, or want to make some point of "being able to", who knows.

warblade7

If someone had the ability to break cryptography with quantum computing why would they target Satoshi’s Bitcoin first and announce they have the capability? More likely they would target random Bitcoin if even Bitcoin at all. Breaking SHA256 means there are far larger targets to be had (govt systems, banking systems, military systems etc).

kitkatmentat

Granted it's poorly worded, but his "supercomputer" worry is still a valid concern, no? I'm assuming he was referring to the fear that SHA-256 could eventually get cracked

Numerous_Wonders81

You’re mixing two different questions: attack cost and who can control the rules. Both PoW and PoS can be attacked and censored if a majority colludes—the mechanisms and costs are just different. 1) “PoW can’t be censored” → not true. A miner (or cartel/pool) with majority hash can absolutely censor by simply refusing to include certain txs and by reorging blocks that do. That’s textbook 51% behavior. PoW’s defense is miner diversity and the cost to sustain that majority—not an impossibility of censorship. 2) Cost model (why the incentives differ): PoW = OPEX/rentable. Majority can be rented or redirected (hash from other SHA-assets, NiceHash, etc.). It’s pay-as-you-go; you can attack, leave, and there’s no in-protocol penalty for the attacker. Defense is social fork / user-activated rules. PoS = CAPEX/illiquid. To sustain censorship you must own or control the stake over time. In slashing systems you get burned; in no-slashing systems (Algorand/Cardano) your stake value is directly tied to the chain you’re attacking (you nuke your own bag) and the community can socially fork you out. Either way, it’s expensive to hold the attack. 3) “Even tiny PoS chains haven’t been taken over” vs “many PoW 51%’s.” We’ve seen multiple PoW 51% reorgs on mid-caps. For larger PoS networks, the attack vector is not “attacking yourself for fun,” it’s acquiring enough stake and holding it—which is hard, public, and illiquid. That’s why you don’t see easy smash-and-grab reorgs on serious PoS either. 4) Control vs rules: Neither PoW nor PoS lets an attacker unilaterally rewrite monetary rules without the social layer (nodes, exchanges, users) following. A PoW cartel changing block limits or supply fails if users reject their chain. Same for PoS. Ultimate governance is social consensus in both models. 5) Concrete trade-offs (useful framing): PoW: strong history, simple model; attacks are rentable, censorship possible with pool/cartel; no slashing, relies on fee/issuance “security budget.” PoS (Algorand/Cardano): attacks require stake control over time; censorship needs ongoing majority participation; Algorand adds private VRF committees + deterministic finality; Cardano uses probabilistic finality with a big, diverse SPO set. So the real question isn’t “PoW can’t be censored and PoS can.” It’s: Do you prefer a security budget paid in external energy (rentable) or in internal capital (stake that’s costly to hold and visible)? Both depend on decentralization of their respective power centers (pools/ASICs vs stake custody/pools), and both ultimately answer to users.

Kindly-Inspector1131

Jesus Christ man what is wrong with you? I’m sorry do you not do any research at all? Seriously!! I don’t understand how stupid this world has become!! Just bloody research it man!!! For Gods sake! Sha256 is a NSA project from the fucking 90’s!! This is decades old shit! Ecash is decades old! You think bitcoin is the first one and only? No!!! It’s been done before. America was always going to fail eventually. Most empires last around 250 years or so. You can’t keep printing money to no end. We’ve seen that play out before. So China and Russia and Indian are joining forces which makes it very bad financially for America. Saudi Arabia had a contract with America for the last 75 years. It was the petrodollar contract. That’s what kept America so powerful. The contract ended last year. Trump wanted to renew it. The Saudi said no. Do you understand the level of impact that had?? A 75 year contract ended. Now all trades will be done in local currency. This is all public knowledge, there’s no weird hidden secret here. The dollar has lost significantly over the past few decades and now it’s spiralling out of control. America can not keep printing money. We are at 38 trillion. If China decides to stop dealing with America, then it’s done. USA will crash completely. There will be riots and civil unrest. America needs the world to use their money to stay alive and rich. America does not provide the majority of the world with anything. Asians and Arabs can deal with everything they need from their side of the world. America is a useless country to the rest of the world. That’s a fact. China India Russia can provide all of their neighbours with everything. We have all the oil on our side. We have everything we need here. The only reason America is in Middle East was the petrodollar contract. That’s done. That’s why trump is flip flopping with tariffs! He knows that they can afford to lose him now. They don’t need America. China is 1000x better than America in every single way. They’ve just made the fast car on Earth. And it’s electric. China will provide Asia will all the new tech. Cars. Computers. Ai. Medical. You name it. America is done. You guys will have to lick each others asses now and eat hamburgers all day. By the way why do you think he’s attacking South America. America needs it to survive. This is ALL PUBLIC KNOWLEDGE. Ecash was the first peer to peer exchange. It didn’t work out. Bitcoin is the second version. SHA256. This runs on the NSA NETWORK. They created it. It’s public fucking knowledge! Who created SHA256??? If you don’t know what that is then you are far from home. And I can’t help you. Grow up. Also while you’re doing for research…find out what satoshi nakamoto actually translates to from Japan to English. If that doesn’t wake you up well then goodluck in your bubble. THIS IS ALL PUBLIC KNOWLEDGE.

RetiredAvocado

Network hashrate is not a value that can just be read. It is estimated. So when estimate says 1.2 ZH/s, is it counting sha256 hashes, or is it counting the entire operation SHA256(SHA256(Block_Header))? The latter would imply there are actually twice as many sha256 hashes done to equate to reported network hashrate of 1.103 ZH/s.

platinumarks

The only thing he understands about SHA-256 is that the number is 250 above the age of people he likes to "hang around with."

riscten

Exactly. They're already thinking of making fusion cheaper by generating gold as part of the process. Gold would basically be waste that they'd dump on the market to help offset the costs of running a fusion plant. Not only is there's a much clearer path to this process being viable than there is to breaking SHA-256 with QC, but Bitcoin can adapt to QC, while gold can't fight against excess supply. https://www.marathonfusion.com/

jgupdogg

If quantum can crack SHA256 encryption we are all fucked. Not just bitcoin

mordeng

Gotcha. Mixed up SHA-xxx with RSA and asymetrical procedures (which SHA is not)

CatatonicMan

Uh... no. I don't think you understand just how much more difficult 512 is than 256 (or 1024 than 512). Grover's Algorithm has the advantage of finding a SHA collision in the square-root of the input length - so it will only take, on average, 2^(128) operations to crack SHA-256, a massive speed up. But it will still take 2^(256) operations to crack SHA-512. That's not *twice* as hard as SHA-256; that's *3.4 \* 10**^(38)* times as hard.

CatatonicMan

The difference between "secure" and "insecure" is, fundamentally, the time it takes to crack something. For SHA specifically, a quantum computer will halve the bit length for the purposes of similar security. So a QC could crack SHA-256 in the time it would take an equivalent conventional computer to crack SHA-128 (and SHA-512 like SHA-256, etc.). So the takeaway is that if you throw enough bit-length at SHA, it'll be secure even against quantum computers.

mordeng

I call bullshit. How's any SHA quantum-safe? Just adding multiple layers on top just makes it a little bit harder