Reddit Posts
Introducing Galleoncoin / GALE : PoW privacy coin with masternodes.
Comparing Supercomputer networks to Bitcoin - How to convert exaflop to exahash?
Comparing Supercomputer networks to BTC - How to convert exaflop to exahash?
Bitcoin computes this SHA-256 hash function 550,000,000,000,000,000,000x times EVERY second
Entropy: only 121 bits (vs 128) on Blockstream Jade using dice rolls?
Do you think that Quantum Computing poses a threat to BTC encryption, algorithm, and/or security?
Is it possible for the energy input to break the difficulty adjustment?
Are P2WSH addresses the most quantum-secure addresses?
Can anyone here explain how / why it is not possible to get AI involved in the bitcoin mining industry / process?
Decrypt the Shadows: Unearth a New Order of Decentralization [SERIOUS]
Bitcoin is such a large idea its hard to wrap my mind around it
Unexpected Record: Balance of 50k Bitcoins Found in Calculation - Seeking Advice
Potential Security Loophole for all cryptocurrency.
Funny story about WIRED magazine and how they threw away (and lost forever) 13.35 BTC in 2013
SHA3D (our algorithm) isn't prone to 51% attack.
Celebrating 12 Years of our Digital silver - Litecoin
ELI5: If Bitcoin Mining is really just guessing inputs to SHA256 until an output matching the difficulty comes up, how does a miner know what guesses to avoid (previous failed guesses) in order to mine most efficiently ?
Is The National Security Agency (NSA) Behind The Invention of Bitcoin?
This Engineer Is Creating a Bitcoin Game Changer
[1998] Hal Finney: A zero-knowledge proof of possession of a pre-image of a SHA-1 hash
Bitcoin mining on the blockchain, what exactly does a miner do? What is an ASIC? How the mining difficulty is adjusted? What if two miners find the answers at the same time? This post aims for the complete beginners as it is explained in very simple terms.
A really well done & informative description of LTC by NDAX - A Canadian Exchange. Bravo!
Satoshi, NSA and the SHA CRYPTOGRAPHY Algorithms
Ken Shirriff showing how to mine bitcoin with pen and paper
ELIF - Why aren't ML and GNNs used to solve hashing in a Traveling Salesman Problem context?
One about UTXO's, new outputs, inputs and previous outputs.
Bitcoin can survive brute force attack it's infeasible or impossible?
One about HD-wallets, master keypair, child individual keys.
One about master key pair, child individual keys, addresses and signatures.
One about master keypair, child individual keys, addresses and signatures.
19 years ago today, Hal Finney officially released Reusable Proof of Work (RPoW)
What is a blockchain? - A noob explanation
Open Source Initiative | Documenting Bitcoin in a new way
Writing a summary on HD wallets, first part done, correct so far ?
[ANN] AsicCoin (ASC) | SHA256 - The coin for ASIC Mining!
How to (instruction) quickly make wallet with right balance of safety and usability
[Serious] Is Bitcoin secure? A reaction to “BTC whales are waking up, were their wallets hacked?"
Countering all the major anti-crypto arguments in one post.
A quick explanation the CZ Interpol Red Notice Rumour
Can ChatGPT4 have the computational power to break the SHA-256 encryption? Or does that have nothing to do with it?
Quantum computing and crypto developments
SHA 256 is a cryptographic hash function that is used to secure and validate transactions on the Bitcoin network. This algorithm was originally developed by the National Security Agency (NSA) in the United States as part of a series of secure hash algorithms.
Who would've thought that the algorithm used by the world's most popular cryptocurrency was originally designed for space exploration? That's right, NASA's SHA-256 algorithm is the backbone of Bitcoin's security and immutability.
What do you guys think will happen to bitcoin if quantum computers break SHA256 and solve the discrete logarithm problem (ECDLP)?
SHA256 vs Scrypt: How Comparing Hash Rates is Misleading | NKMAG
Litecoin vs Ripple: Differences, and Everything You Need to Know
MoneyShow announces the Peercoin blockchain will be used as an important part of its new newswire service.
How do I generate master key from the root seed
Storing seed phrase on encrypted USB drives
Do this to verify your BTC holdings in Binance new Merkle Tree Proof of Reserves And Liabilities
Mentions
Bitcoin keys use ECDSA. All articles about "seized" bitcoin should be read as "surrendered" bitcoin. No they did not use some imaginary SHA256 backdoor to crack ECC based bitcoin keys. Those are not the same things. Pull up a grokipedia page on both and read them.
"The origins of SHA-256 can be traced back to ***intelligence services in the US***, namely the National Security Agency, or the NSA for short." quick google search can prove it
"SHA-256 was developed by the U.S. National Security Agency (NSA) in 2001"
Because the government has a backdoor to all crypto, bitcoin uses SHA-k algorithm, which was created by the NSA funnily enough, decentralized my ass..
Yes and no. Any new cryptocurrency using PoW in the way Bitcoin uses it has a decision to make:

1. Use SHA-256 like bitcoin, and get access to huge amounts of hashrate from existing bitcoin miners
2. Use another hash algorithm and go through the process of building hashrate in the same way bitcoin did (CPU mining > GPU mining > FPGA mining > ASIC mining)

In any case, it doesn't mean bitcoin is unique. Bitcoin was just first.
You aren't going to make any money mining bitcoin unless you have access to very cheap electricity and you are willing to buy some efficient SHA-256 hashing application specific integrated circuits. If you just want to buy a cheap bitcoin miner to tinker with and do some mining for fun, then you can buy a small cheap lottery miner like a Bitaxe.
I think this would be true for an altcoin that uses SHA256 as a hash to mine by itself. However, you can use an alternative hash incompatible with the ASIC mining rigs used for bitcoin. Also, some coins (e.g. Rootstock) use merged mining that piggybacks on bitcoins hashrate but doesn't harm it. When done, it actually makes the crypto more secure and provides miners with extra revenue. https://www.binance.com/en/academy/glossary/merged-mining
Don’t store raw crypto private keys (seed phrases / raw private keys controlling funds) in SafeNotes or any general-purpose note app on a phone if you value those funds. You can store lower-value secrets there with strong mitigations, but private keys/seed phrases deserve hardware-backed storage (hardware wallet / secure element) or a dedicated wallet with audited key management.

Why — quick threat rundown

• Mobile note apps (even “encrypted” ones) rely on symmetric encryption derived from a passphrase. If the KDF, AES mode, IV/tag handling, or backup format are implemented incorrectly, ciphertext can be weakened or integrity lost. I could not verify the exact KDF & AES-mode from the repo page alone. That’s a critical implementation detail.
• Even correctly-implemented local encryption can be defeated if the device is rooted, infected with malware, or if backups are stored unencrypted in cloud storage. SafeNotes explicitly warns features can’t be guaranteed on rooted devices and there are open issues suggesting backup encryption concerns. That increases risk for keys.
• Phone memory, clipboard, screenshots, Android/iOS backups, ADB access, or poorly-protected export files are all common leakage vectors for secrets stored in apps. An attacker with device access or a malicious app can often escalate to extract key material unless the app uses hardware-backed key stores and zeroes memory properly.

Specific things I found (relevant to key storage)

• Project claims AES-256, local storage only, and automated encrypted backup. Those are good signals, but claims ≠ proof — the security depends on how keys are derived, which cipher mode is used (AEAD like AES-GCM vs. CBC+HMAC), and whether backups are actually end-to-end encrypted.
• There are issues on the repo regarding backups and decryption (e.g., “Backup Date Not Encrypted”, “Decryption of json-backup”). That suggests backup handling and encryption of exported files is an active pain point. I’d treat backups as suspect until confirmed otherwise.

If you must store keys in SafeNotes (how to reduce risk)

If you absolutely must keep a private key on the phone in SafeNotes, apply all of the following — missing any one substantially raises risk:

1. Use a very long, high-entropy passphrase (passphrase ≫ password). No dictionary words. Treat it like a seed. (If an attacker brute-forces your passphrase, the app encryption collapses.)
2. Confirm the app uses a strong KDF (Argon2 or PBKDF2 with ≥100k iterations for PBKDF2-SHA256) and per-note salt. If not, don’t store keys. (I couldn’t confirm the KDF/iterations from the public repo pages — you should check the code.)
3. Ensure the app uses AEAD (AES-GCM or ChaCha20-Poly1305) for encryption so ciphertext integrity is enforced (no silent tampering). If it uses AES-CBC, verify an HMAC is applied correctly. (Again: confirm in code.)
4. Disable cloud backups of the app data and do not allow automatic cloud sync of backups (unless the backup file itself is E2EE with the same passphrase). Exported JSON/backup files must be encrypted with the passphrase-derived key and authenticated. If the app exports plaintext JSON or a backup that’s not protected by the passphrase, treat it as plaintext. (Repo issues suggest this area needs checking.)
5. Enable biometric/OS-protected keystore wrapping if the app supports it: keep derived keys wrapped by Android Keystore / iOS Keychain (hardware-backed) rather than writing them to plaintext secure storage. Verify the code uses flutter_secure_storage or platform keystore correctly.
6. Don’t copy seed phrases to clipboard or screenshots. Use the app’s secure display only. Revoke clipboard content immediately.
7. If you remove the key later, overwrite the note and backups and rotate passphrases. On many phones, secure deletion is not guaranteed — assume recovery is possible unless device encrypts at disk level and key is destroyed.
8. Keep device firmware and OS patched. No amount of good app crypto helps a rooted/compromised device.

Better alternatives (ranked)

1. Hardware wallet (Ledger, Trezor, or equivalent) — best for real funds. Keys never leave secure element.
2. Dedicated, audited mobile wallet that stores keys in the hardware-backed keystore and is designed for private key security (use audited apps with reproducible builds).
3. If you must use a note app: use it only for low-value secrets and apply all mitigations listed above.
Blockchain isn’t secured by CPU power alone; it’s secured by complex mathematics, specifically cryptographic hash functions like SHA-256. CPU or ASIC power just performs the math at massive scale, but actual security comes from the cryptographic difficulty of reversing or faking those hashes. Without that math, all the computing power in the world wouldn’t matter. And even that math isn’t invincible, because quantum computing will eventually break the cryptography it relies on. Once quantum machines can efficiently reverse SHA-256 or derive private keys from public ones, BTC’s entire security model collapses. It’s not a question of if, but when. The only defense will be migrating to quantum-resistant algorithms, and that’s not a trivial upgrade for a global decentralized network. Now about that “the traditional banking system would fail before BTC”: I'm sorry, but man, that's just wishful thinking. Banks depend on regulation, liquidity, and policy, not hash power. Bitcoin’s network is technically resilient, but its value still relies on human trust and speculative belief. Don't get me wrong, Bitcoin can survive a bank run, but not a collapse in confidence and DEFINITELY not the inevitable quantum breakthrough.
Bitcoin solved a very specific technical problem: the double-spend problem in a decentralized setting. Before Bitcoin, you couldn't have digital money without a central authority keeping the ledger clean. Bitcoin's consensus mechanism and proof-of-work made it possible for a global network of strangers to agree on one transaction history without trusting each other. Things like manipulation, institutional hoarding, or general "means of exchange" are secondary effects or use cases, not the core breakthrough.

Is Bitcoin natural or artificial? It’s an artificial system built by humans, but it relies on natural economic and mathematical principles: scarcity, game theory, thermodynamics, and cryptographic hardness.

Utility:

- censorship-resistant value transfer
- predictable monetary policy
- global access without permission
- strong settlement guarantees
- store-of-value potential, especially where local currencies fail

As for the algorithm: Bitcoin uses SHA-256, which was designed by the NSA and standardized by NIST in 2001. Satoshi (whoever it is) simply adopted it for Bitcoin.
Post is by: YokubariMP and the url/text is: /r/CryptoMarkets/comments/1oqf8jt/bitcoin_ii_bc2_a_second_chance_to_join_the/

**Bitcoin II (BC2)** is a proof-of-work cryptocurrency using the **SHA-256 algorithm**, just like Bitcoin, with a **maximum supply of 21 million coins**. But unlike simple forks, BC2 launched with its **own genesis block**, giving everyone a **fresh start**: no pre-mine, no baggage, and a level playing field.

👉 **Project Philosophy:** BC2 isn’t trying to replace Bitcoin. It aims to be its **“sister chain”**, built on proven technology but designed for wider adoption and real-world use. The core idea: *“What if you had a second chance?”* That’s the essence of Bitcoin II: a fair opportunity to join a PoW blockchain from the ground up, without the massive entry barriers of BTC today.

🪙 **Key Features:**

* **Algorithm:** SHA-256 (same as Bitcoin)
* **Max Supply:** 21,000,000 BC2
* **Not a fork:** brand-new chain
* **Fresh genesis block:** fully independent from BTC
* **Low initial difficulty:** accessible mining for everyone
* **Halving schedule:** every 210,000 blocks
* **Goal:** simple, decentralized, and fair PoW crypto for daily use
* **Current price:** around $0.70

⚡ **Why It’s Exciting:** BC2 is one of the few chances today to join a **proof-of-work network early**, built on Bitcoin’s fundamentals — scarcity, security, and transparency. It’s a modern “reboot” of the Bitcoin concept, bringing back fair mining, community growth, and true decentralization.

🌐 **Official Links:** Website: [https://bitcoin-ii.org](https://bitcoin-ii.org) The explorer, whitepaper, and technical details are available right there.

*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/CryptoMarkets) if you have any questions or concerns.*
We can all get together and do SHA over and over and over again by hand! Mining the old school way
Q. What problem did bitcoin solve exactly? Manipulation? Institutional hoarding? A means of trading and exchange? Is it even natural or artificial? What utility does it hold? Who wrote the algorithm for Bitcoin's SHA-256? Love to know people's thoughts apart from hyperbole.
LOL thanks for the comics. I do not have ANY problem finding my addresses now that I know in detail what P2WPKH, P2SH, P2PKH, Purpose, Coin type, Account, Receiving or change, Index, BIP32/44/49/84/86/141, Entropy, BIP39, Checksum, Seed, Bech32, PBKDF2-HMAC-SHA512 (Password; Salt; Iterations; dkLen), HMAC(Password; m) = SHA-512((K′⊕opad) ∣∣ SHA-512((K′⊕ipad) ∣∣ m)), IL, IR, xprv, xpub, zpub, RIPEMD160, base58, digest, Witness program, etc. etc. mean. It is just that I find it very strange that I had to build my own tool for calculating and printing all this; I just want to keep a simple paper wallet, no hardware wallet BS. I made the following attempts:

1) Excel -> no way (it does not have built-in crypto hash functions, too complicated with VBA/Python outer call). But it was useful as a learning experiment.
2) Python -> do you really want me to learn another programming language? Even with ChatGPT help it is too complicated to get there.
3) HTML by Ian Coleman: even for the offline version I do not trust code with fetch() network requests, document.cookie, long Base64-like strings, XMLHttpRequest (classic XHR snippet), sorry.
4) [learnmeabitcoin.com](http://learnmeabitcoin.com): same as above, call me paranoid.

At the end I just resigned myself to copy and paste by hand all the values to a txt file and print it offline for each wallet: password, mnemonic, script, path, seed, xprv, address, key of the address, etc.

For the wallet apps there are fewer and fewer options:

- Exchange -> not your keys, not your coins
- Exodus -> closed source, so no (BTW it creates one BIP44, one BIP84 and one BIP86 address and then decides by itself which one to use as receiving/change).

So practically only Electrum, but if you want all your addresses (BIP44, BIP84, BIP49) you need different wallets (only one script type per wallet? WTF). Even if there is no official organisation, still complicated standards have been negotiated and approved, so why not a simple wallet derivation tool?
I mean, how can "normal" people who do not want to engage with all this complicated mess trust this system?
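The derivation chain the comment above lists (BIP39 PBKDF2-HMAC-SHA512 to seed, then HMAC-SHA512 split into IL/IR for the BIP32 master key and its children) as an added, offline example written for this page; it is not code from the original post, from Ian Coleman's page, or from any of the wallets mentioned. It uses only the Python standard library. It implements the BIP39 seed step and the BIP32 master-key and hardened-child steps, which need only scalar arithmetic modulo the secp256k1 group order; non-hardened children, xpub and address encoding need EC point math and are deliberately left out. The mnemonic in the demo is the public BIP39 test vector, and the function names are this example's own.

```python
import hashlib
import hmac
import unicodedata

# Order of the secp256k1 group (public constant); hardened child keys are reduced mod n.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39: mnemonic sentence -> 64-byte seed.

    PBKDF2-HMAC-SHA512 with Password = NFKD(mnemonic), Salt = "mnemonic" + NFKD(passphrase),
    Iterations = 2048, dkLen = 64. Word-list validation and the checksum are out of scope.
    """
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def bip32_master_key(seed: bytes):
    """BIP32: seed -> (master private key, master chain code).

    I = HMAC-SHA512(Key = "Bitcoin seed", Data = seed); IL is the key, IR the chain code.
    """
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    il, ir = digest[:32], digest[32:]
    k = int.from_bytes(il, "big")
    if k == 0 or k >= SECP256K1_N:
        # BIP32: such a seed is invalid and a different one must be chosen.
        raise ValueError("invalid master key for this seed")
    return il, ir


def bip32_ckd_priv_hardened(k_par: bytes, c_par: bytes, index: int):
    """BIP32 hardened child derivation (index >= 2^31), private parent -> private child.

    I = HMAC-SHA512(Key = c_par, Data = 0x00 || ser256(k_par) || ser32(index))
    k_child = (parse256(IL) + k_par) mod n,  c_child = IR
    """
    if index < 0x80000000:
        raise ValueError("use index >= 0x80000000 for hardened derivation")
    data = b"\x00" + k_par + index.to_bytes(4, "big")
    digest = hmac.new(c_par, data, hashlib.sha512).digest()
    il, ir = digest[:32], digest[32:]
    il_int = int.from_bytes(il, "big")
    k_child = (il_int + int.from_bytes(k_par, "big")) % SECP256K1_N
    if il_int >= SECP256K1_N or k_child == 0:
        # BIP32: probability about 2^-127; the caller should skip to the next index.
        raise ValueError("invalid child key at this index; try the next one")
    return k_child.to_bytes(32, "big"), ir


def derive_hardened_path(seed: bytes, hardened_indices):
    """Walk a purely hardened path such as m/84'/0'/0' (the BIP84 account level)."""
    k, c = bip32_master_key(seed)
    for i in hardened_indices:
        k, c = bip32_ckd_priv_hardened(k, c, 0x80000000 + i)
    return k, c


if __name__ == "__main__":
    # Walk-through on the public BIP39 test-vector mnemonic (11 x "abandon" + "about").
    mnemonic = "abandon " * 11 + "about"
    seed = bip39_seed(mnemonic, "TREZOR")
    account_key, account_chain = derive_hardened_path(seed, [84, 0, 0])
    print("seed            :", seed.hex())
    print("m/84'/0'/0' key :", account_key.hex())
    print("chain code      :", account_chain.hex())
```

Run offline; the seed and master key are checkable against the published BIP39 and BIP32 test vectors (the BIP32 vector seed is `000102030405060708090a0b0c0d0e0f`). The account-level key at m/84'/0'/0' is what a hardware wallet exports as an account xpub after deriving the public point; the receiving addresses below it (m/84'/0'/0'/0/i) are non-hardened and so need the EC step this example omits.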
Maybe someone found a way to crack the SHA-256 algorithm and he only targets dormant lost wallets. Just saying.
"Quantum ready" is just marketing fluff. Since Bitcoin hasn't yet updated to be quantum ready, we don't know current wallets would support it. It uses conventional ECC and SHA-256 like any other wallet.
Never heard of it but I own several old *scrypt* ASICs in that same form factor. Zeus Blizzard / GawMiners Fury You can unscrew it and slide it out and read the chips. Google the chips to see if they are SHA256 or Scrypt.
Not all lost BTC is in P2PK outputs (though, yes, most of it). Any lost Bitcoin sitting as P2PKH, P2WPKH, P2SH or P2WSH UTXOs will actually be lost forever, since the RIPEMD160(SHA256(x)) hash is irreversible, even in a post-quantum era.
The LunaBit modular Bitcoin miner, pitched as "LEGO for Bitcoin mining," is a highly appealing concept that successfully targets the niche market of Computer Science and Blockchain students with free dorm electricity. The device’s core value proposition lies in its educational utility, providing hands-on experience with SHA-256 hashing and network protocols in a silent, desk-friendly format, which is a significant advantage over loud, industrial equipment. However, the projected €3.50 monthly earning is highly vulnerable to the Bitcoin network's ever-increasing difficulty (especially post-Halving), which means the product must be marketed almost exclusively on its learning features and modularity, not its profitability. To maximize appeal, you should position it as a "Blockchain Compute Unit," open-source the controller software to engage the DIY community, and address the high cost of expansion boxes to fully realize the promise of "grow as you want" customization.
Incorrect. Bitcoin mining requires specialized hardware (ASICs) to perform billions of SHA-256 hash calculations per second. AI models (like LLMs) run on GPUs/TPUs optimized for matrix math, not hashing — they’re orders of magnitude too slow for profitable mining. Even if you used AI to control mining rigs (e.g., optimize pool selection or difficulty prediction), the actual hashing must still be done by ASICs.
The threat of quantum computers breaking Bitcoin’s ECDSA and SHA-256 cryptography isn’t imminent — it’s probably 8 to 12 years away at best. Even if you’re all in, it’s a good idea to re-evaluate every 2–3 years based on the current environment. We should all keep an eye on upcoming BIPs and to push for community consensus on migrating to quantum-secure cryptography by around 2030. If the network drags its feet or remains too rigid about forking, I will start to worry in 5 years. I think we’ll figure it out, but there will inevitably be some hard-headed holdouts who overestimate the safety of the current protocol and resist change. Anyone all-in on BTC should advocate early and often for a move to quantum-secure signatures to help ensure the network stays strong for the long term.
I get it… but quantum computers won’t actually “break” SHA-256. The real vulnerability lies with **ECDSA (Elliptic Curve Digital Signature Algorithm)**, and that’s what secures Bitcoin’s private-public key pairs. So, technically, **only addresses that have already revealed their public keys** (like old wallets, early miner addresses, and even Satoshi’s coins) are exposed if quantum supremacy ever becomes real. SHA-256 itself remains solid… it’s ECDSA that could be cracked to derive private keys from public ones. In that sense, whoever achieves true quantum supremacy could, in theory, **claim or steal** those old, untouched coins. But once that happens, the rest of the network will just migrate to **quantum resistant cryptography**, leaving those few early addresses as the only real casualties. So yeah… the first one to reach quantum supremacy might get “rewarded” (ethically wrong in my opinion, but that's how the world works I guess)… but the rest of Bitcoin will evolve and survive... so nothing to worry about, and this assumes that we truly achieved quantum supremacy, which is exciting as it will be awesome, more cool inventions...
The article doesn't specifically mention bitcoin and talks about encryption security where messages are made unreadable without a decryption key. If you want to see the current state of the future quantum computing concern run some searches on your favorite AI: What is the difference between encryption and cryptography? Follow ups: What cryptographic method does Bitcoin use? Will Bitcoin's use of ECDSA and SHA-256 for authentication and blockchain security have vulnerabilities to attacks using quantum computing in the future?
do you think it takes 2^2 bits to solve SHA-2? mining is just brute-forcing operations until you find one with a sufficient number of 0 bits. it's not like you are factoring a number. you're just generating sha sums as fast as possible. 2^256 is the number of possible outputs. there are an infinite number of inputs. is a quantum computer really going to find inputs that generate all possible 2^256 outputs?
That's above my paygrade, tbh. From what I understand, the current consensus seems to be that there is no sufficiently strong algorithm to reverse SHA256 functions, that's why it's considered quantum safe. There's Grover's algorithm, but it's not considered to be powerful enough. For ECDSA there's Shor algorithm, which can be used with quantum computing. Can't claim to understand much about it though, so if you have more knowledge, I'm happy to learn :)
# 🧑💻 Satoshi Nakamoto still being alive

**Odds:** Plausible but uncertain — maybe a **few percent** chance.

* If Satoshi was middle-aged when active (2008–2011), they’d likely be in their 40s–60s today, so survival is not inherently improbable.
* The disappearance could’ve been voluntary — a desire for privacy, legal caution, or ideological consistency — not death.
* There’s also no direct evidence of their death; no known PGP keys revoked, no coins moved, etc.

So while unlikely we’ll ever *hear* from them again, it’s very reasonable to think they could still be alive and silent.

# ⚛️ Quantum computing “cracking” crypto this year

**Odds:** Essentially **zero** for 2025.

* Breaking Bitcoin (e.g., cracking SHA-256 or ECDSA) would require a *fault-tolerant* quantum computer with **millions** of stable qubits.
* As of late 2025, the largest demonstrated quantum systems are still in the **hundreds to low thousands of qubits**, and none are close to the required error correction scale.
* Even the most optimistic public roadmaps (Google, IBM, IonQ, etc.) talk about *post-2030* before achieving that level of fault tolerance.

So, if you want a rough numeric intuition:

* Satoshi alive: 1 in 10 to 1 in 50
* Quantum crack this year: 1 in a billion (or lower)
SHA256 is considered quantum safe, it's about ECDSA being vulnerable to a (potential) quantum attack. The larger targets that you mentioned are centralized and can update their systems much faster than bitcoin, or simply roll back changes (banks). > why would they target Satoshi’s Bitcoin first and announce they have the capability? Good point, perhaps the random coins have been exhausted or they just want to be greedy, or want to make some point of "being able to", who knows.
If someone had the ability to break cryptography with quantum computing why would they target Satoshi’s Bitcoin first and announce they have the capability? More likely they would target random Bitcoin if even Bitcoin at all. Breaking SHA256 means there are far larger targets to be had (govt systems, banking systems, military systems etc).
Granted it's poorly worded, but his "supercomputer" worry is still a valid concern, no? I'm assuming he was referring to the fear that SHA-256 could eventually get cracked
You’re mixing two different questions: attack cost and who can control the rules. Both PoW and PoS can be attacked and censored if a majority colludes—the mechanisms and costs are just different.

1) “PoW can’t be censored” → not true. A miner (or cartel/pool) with majority hash can absolutely censor by simply refusing to include certain txs and by reorging blocks that do. That’s textbook 51% behavior. PoW’s defense is miner diversity and the cost to sustain that majority—not an impossibility of censorship.

2) Cost model (why the incentives differ):
- PoW = OPEX/rentable. Majority can be rented or redirected (hash from other SHA-assets, NiceHash, etc.). It’s pay-as-you-go; you can attack, leave, and there’s no in-protocol penalty for the attacker. Defense is social fork / user-activated rules.
- PoS = CAPEX/illiquid. To sustain censorship you must own or control the stake over time. In slashing systems you get burned; in no-slashing systems (Algorand/Cardano) your stake value is directly tied to the chain you’re attacking (you nuke your own bag) and the community can socially fork you out. Either way, it’s expensive to hold the attack.

3) “Even tiny PoS chains haven’t been taken over” vs “many PoW 51%’s.” We’ve seen multiple PoW 51% reorgs on mid-caps. For larger PoS networks, the attack vector is not “attacking yourself for fun,” it’s acquiring enough stake and holding it—which is hard, public, and illiquid. That’s why you don’t see easy smash-and-grab reorgs on serious PoS either.

4) Control vs rules: Neither PoW nor PoS lets an attacker unilaterally rewrite monetary rules without the social layer (nodes, exchanges, users) following. A PoW cartel changing block limits or supply fails if users reject their chain. Same for PoS. Ultimate governance is social consensus in both models.

5) Concrete trade-offs (useful framing):
- PoW: strong history, simple model; attacks are rentable, censorship possible with pool/cartel; no slashing, relies on fee/issuance “security budget.”
- PoS (Algorand/Cardano): attacks require stake control over time; censorship needs ongoing majority participation; Algorand adds private VRF committees + deterministic finality; Cardano uses probabilistic finality with a big, diverse SPO set.

So the real question isn’t “PoW can’t be censored and PoS can.” It’s: Do you prefer a security budget paid in external energy (rentable) or in internal capital (stake that’s costly to hold and visible)? Both depend on decentralization of their respective power centers (pools/ASICs vs stake custody/pools), and both ultimately answer to users.
Jesus Christ man what is wrong with you? I’m sorry do you not do any research at all? Seriously!! I don’t understand how stupid this world has become!! Just bloody research it man!!! For God's sake! Sha256 is a NSA project from the fucking 90’s!! This is decades old shit! Ecash is decades old! You think bitcoin is the first one and only? No!!! It’s been done before. America was always going to fail eventually. Most empires last around 250 years or so. You can’t keep printing money to no end. We’ve seen that play out before. So China and Russia and India are joining forces which makes it very bad financially for America. Saudi Arabia had a contract with America for the last 75 years. It was the petrodollar contract. That’s what kept America so powerful. The contract ended last year. Trump wanted to renew it. The Saudi said no. Do you understand the level of impact that had?? A 75 year contract ended. Now all trades will be done in local currency. This is all public knowledge, there’s no weird hidden secret here. The dollar has lost significantly over the past few decades and now it’s spiralling out of control. America can not keep printing money. We are at 38 trillion. If China decides to stop dealing with America, then it’s done. USA will crash completely. There will be riots and civil unrest. America needs the world to use their money to stay alive and rich. America does not provide the majority of the world with anything. Asians and Arabs can deal with everything they need from their side of the world. America is a useless country to the rest of the world. That’s a fact. China India Russia can provide all of their neighbours with everything. We have all the oil on our side. We have everything we need here. The only reason America is in Middle East was the petrodollar contract. That’s done. That’s why trump is flip flopping with tariffs! He knows that they can afford to lose him now. They don’t need America. China is 1000x better than America in every single way.

They’ve just made the fastest car on Earth. And it’s electric. China will provide Asia with all the new tech. Cars. Computers. Ai. Medical. You name it. America is done. You guys will have to lick each others asses now and eat hamburgers all day. By the way why do you think he’s attacking South America. America needs it to survive. This is ALL PUBLIC KNOWLEDGE. Ecash was the first peer to peer exchange. It didn’t work out. Bitcoin is the second version. SHA256. This runs on the NSA NETWORK. They created it. It’s public fucking knowledge! Who created SHA256??? If you don’t know what that is then you are far from home. And I can’t help you. Grow up. Also while you’re doing your research…find out what satoshi nakamoto actually translates to from Japanese to English. If that doesn’t wake you up, well then good luck in your bubble. THIS IS ALL PUBLIC KNOWLEDGE.
Network hashrate is not a value that can just be read. It is estimated. So when estimate says 1.2 ZH/s, is it counting sha256 hashes, or is it counting the entire operation SHA256(SHA256(Block_Header))? The latter would imply there are actually twice as many sha256 hashes done to equate to reported network hashrate of 1.103 ZH/s.
The only thing he understands about SHA-256 is that the number is 250 above the age of people he likes to "hang around with."
Exactly. They're already thinking of making fusion cheaper by generating gold as part of the process. Gold would basically be waste that they'd dump on the market to help offset the costs of running a fusion plant. Not only is there a much clearer path to this process being viable than there is to breaking SHA-256 with QC, but Bitcoin can adapt to QC, while gold can't fight against excess supply. https://www.marathonfusion.com/
If quantum can crack SHA256 encryption we are all fucked. Not just bitcoin
Gotcha. Mixed up SHA-xxx with RSA and asymmetrical procedures (which SHA is not).
Uh... no. I don't think you understand just how much more difficult 512 is than 256 (or 1024 than 512). Grover's Algorithm has the advantage of finding a SHA collision in the square-root of the input length - so it will only take, on average, 2^128 operations to crack SHA-256, a massive speed up. But it will still take 2^256 operations to crack SHA-512. That's not *twice* as hard as SHA-256; that's *3.4 × 10^38* times as hard.
The difference between "secure" and "insecure" is, fundamentally, the time it takes to crack something. For SHA specifically, a quantum computer will halve the bit length for the purposes of similar security. So a QC could crack SHA-256 in the time it would take an equivalent conventional computer to crack SHA-128 (and SHA-512 like SHA-256, etc.). So the takeaway is that if you throw enough bit-length at SHA, it'll be secure even against quantum computers.
I call bullshit. How's any SHA quantum-safe? Just adding multiple layers on top just makes it a little bit harder
[Here's their claim for dice](https://duel.com/fairness?returnTo=/dice):

> Before each round begins, our house games generate a:
> Server seed - a random string provided by us
> Client seed - a random string provided by you
> Nonce - a number that increases with each bet
> We then send you the hex-encoded SHA-256 hash of our server seed before you place your bets, to prove we won’t change our minds. Then we combine all of these values to generate a random result for each round:
> Fair result = Server seed + Client seed + Nonce
> By allowing you to include your own client seed, players can have a direct impact on the outcome of the game.

I couldn't find example values to test these, but off the top of my head I wonder:

1. Are we sure the client seed is really from the client?
2. Can we run the "fair result" calculation ourselves (without using their site)?
3. Do they always use the same calculation (not just 95% of the time or some nonsense like that)?
4. Are they pig butchering? Or making money from data collection and ads?

On the [verify page](https://duel.com/fairness/verify?returnTo=/dice) they have a snippet of JS that looks ok at a glance (just math, no API calls or libraries), and might be used to satisfy #2. Note: I'm a skeptic and not a gambler, so I naturally look for scams at sites like this.
The advantage is that quantum resistant algorithms are not nearly as battle tested as SHA256. The longer we wait, the more reasonable it is to believe the quantum resistant algorithms are secure, because more time will have passed without them being broken.
# Missed Bitcoin at $1? Here’s Something Different

Most of us have heard the stories about Bitcoin back when it was under a dollar — a time when almost nobody believed it would matter. That era is long gone, and no one expects it to come back. But there’s a new project that’s taking a similar path from the very beginning: **BC2 (Bitcoin II).** It’s built from the same base code as Bitcoin, using **SHA-256 Proof-of-Work**, the same **21 million limit**, and the same **halving schedule.** No meme branding, no shortcuts — just a clean restart of the original idea. Right now it’s trading around $0.95, roughly the price of a coffee.

What’s interesting is that BC2 isn’t trying to replace Bitcoin or reach its price. It’s not about competing — it’s about revisiting what made the first network special in the first place: fairness, simplicity, and transparency. The community is small but active, with miners, developers and early holders helping shape the network from the ground up. Everything’s transparent; you can check the explorer and live dashboard at bitcoin-ii.org. It’s already listed on **CoinEx**, so it’s more than just a whitepaper idea.

No one here is pretending this will become the next Bitcoin — that’s not the goal. The point is to rebuild the same foundations, start fresh, and see what can grow when things are still open enough for individuals to make a real impact. bitcoin-ii.org
Well but at the same time if you’re talking about quantum computing breaking SHA256 encryption, BTC is the last thing you’ll worry about. That level of quantum will collapse world economies, and also everything related to military and space (which will be a war scenario) and also to mention NO single bank or encryption service has any defense against quantum yet, so yeah.
Quantum computing cracking SHA-256 will mean the entire world is in trouble. Bear cases that are similar to the zombie apocalypse or aliens invading will be troublesome because that risk applies to everyone... APPLE, GOOGLE, AMAZON, GOVERNMENTS, etc. So that risk isn't valid to counterargue BTC, as all tech is under fire. And we live in a tech world. I personally think quantum computing is not a worry, we are very far away from that finishing development, which is what I gather from what I have researched into it
Bitcoin keys use ECDSA. SHA is used primarily for mining. It has nothing to do with "seizing" or "cracking" bitcoin keys.
All of those are centralized and can roll out updates very quickly, compared to the bitcoin ecosystem. Or even reverse changes. So not a great comparison. However, OP being concerned about SHA256 is not relevant either, since SHA256 is considered to be quantum resistant. The more interesting issue is the ECDSA algorithm, which is *not*.
Yup. That’s the issue. In Satoshi’s time SHA-256 PoW itself seemed amazing. He assumed as everyone did that Moore’s law would stay in effect allowing decentralization of mining to happen naturally. Basically he thought that in 2020 the computers would be to 2000 as 2000 was to 1980. Oh boy was he wrong.
Lmao the people worried about quantum have to either be too young to understand that if SHA-256 gets cracked, the entire internet would break. Not just crypto, but banks, governments, wall street, hedge funds, literally almost everyone would be at risk because most of the internet cryptography is SHA-256. Or they have to be too old and are just parroting anything they hear that sounds smart and edgy. Quantum resistant cryptos might be necessary someday, but investing in them now is like investing in a future where the entire infrastructure of the internet must be changed to continue operating securely. It's a doomer bet. The reality is that even if quantum computers could crack SHA-256, literal governments would have interest in stopping it until they figure out a quantum resistant solution based on data and evidence and not just their cryptography algo they *think* will be robust enough to be quantum resistant.
I wouldn’t say that. Depends on what encryption is in use. ECDSA will be cracked first. SHA-256 will be broken but it will happen later. When it comes to most cryptocurrencies, the lowest hanging fruit for quantum computers is ECDSA. For example, around 25% of all Bitcoin would be in immediate danger, including Satoshi’s coins. The concern is that those wallets could be compromised and the coins dumped on the market. El Salvador recently moved its holdings to new wallets that are better protected, though not quantum resistant in the long term. It’s worth noting that quantum resistant cryptocurrencies already exist. For instance, QRL, which was mentioned in the article, is designed to be secure from the first block, built entirely around quantum safe cryptography. All future crypto must be or become quantum resistant in one way or another.
I've not tried running your code, but what's your implementation giving you? In what way is it failing? Every time I've played around with block hashing, it's been byte ordering & big-endian versus little-endian representation which has most often tripped me up, so that's something to double check.

Also, mempool.space has a useful API for getting block data, e.g.:

https://mempool.space/api/block/000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f/header

...returns the block header for the genesis block:

`0100000000000000000000000000000000000000000000000000000000000000000000003ba3edfd7a7b12b27ac72c3e67768f617fc81bc3888a51323a9fb8aa4b1e5e4a29ab5f49ffff001d1dac2b7c`

...which gives the original block hash of (reverse byte order):

`6fe28c0ab6f1b372c1a6a246ae63f74f931e8365e15a089c68d6190000000000`

...after applying SHA(SHA()).
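As an added example (not code from any commenter above), this recomputes the genesis block hash from the 80-byte header quoted in the comment, shows the two byte orders that trip people up, checks the hash against the target encoded in nBits, and makes explicit that each mining attempt is two SHA-256 invocations (the double-SHA question raised earlier on this page). The header field values come from the comment; everything else is standard Bitcoin header layout.

```python
import hashlib

# Genesis block header, assembled field by field from the 80-byte hex string quoted above.
# Every field is little-endian, exactly as it appears on the wire.
GENESIS_HEADER_HEX = (
    "01000000"                                                            # version
    + "00" * 32                                                           # previous block hash (none)
    + "3ba3edfd7a7b12b27ac72c3e67768f617fc81bc3888a51323a9fb8aa4b1e5e4a"  # merkle root
    + "29ab5f49"                                                          # timestamp
    + "ffff001d"                                                          # nBits (compact target)
    + "1dac2b7c"                                                          # nonce
)

SHA256_CALLS_PER_ATTEMPT = 2   # a "hash" in the reported hashrate is SHA256(SHA256(header))


def double_sha256(data: bytes) -> bytes:
    """Bitcoin's block hash: two SHA-256 invocations per header attempt."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def block_hash(header_hex: str) -> tuple[str, str]:
    """Return (internal byte order, display byte order) of the block hash as hex.

    The internal order is what the digest bytes actually are; explorers print the
    byte-reversed form, which is why the leading zeros appear at the front there.
    """
    header = bytes.fromhex(header_hex)
    if len(header) != 80:
        raise ValueError("a block header is exactly 80 bytes")
    digest = double_sha256(header)
    return digest.hex(), digest[::-1].hex()


def bits_to_target(bits_le_hex: str) -> int:
    """Expand the compact nBits field (little-endian hex) into the 256-bit target."""
    bits = int.from_bytes(bytes.fromhex(bits_le_hex), "little")
    exponent, mantissa = bits >> 24, bits & 0xFFFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))


def meets_target(header_hex: str) -> bool:
    """Proof of work is valid when the hash, read as a big-endian number, is <= target."""
    _, display = block_hash(header_hex)
    nbits = header_hex[144:152]          # bytes 72..76 of the header
    return int(display, 16) <= bits_to_target(nbits)


def sha256_invocations(reported_hashrate_hs: float) -> float:
    """Convert a reported (double-SHA) hashrate into single SHA-256 invocations per second."""
    return reported_hashrate_hs * SHA256_CALLS_PER_ATTEMPT


if __name__ == "__main__":
    internal, display = block_hash(GENESIS_HEADER_HEX)
    print("internal order:", internal)
    print("display order: ", display)
    print("meets target:  ", meets_target(GENESIS_HEADER_HEX))
    print("1.103 ZH/s reported =", sha256_invocations(1.103e21), "SHA-256 calls/s")
```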
No, GPUs are completely worthless for bitcoin mining, as it cannot compete with ASICs (very "dumb" chips which are optimized for one and only one purpose: to find "correct" SHA256 hashes)
tldr; The Monero GUI 0.18.4.3 'Fluorine Fermi' has been released, offering enhanced protection against spy nodes when using a local node. Key updates include support for Ledger Flex, Qt 5.15.17, and P2Pool v4.11, along with minor bug fixes. The release involved contributions from four developers and includes 18 commits. Binaries are available for Windows, macOS, and Linux, with verification guides provided. Users are encouraged to verify downloads using SHA256 hashes and GPG signatures to ensure authenticity. *This summary is auto generated by a bot and not meant to replace reading the original article. As always, DYOR.
Probably yes! Chinese are actively working on Quantum Computing to break SHA256 codes, there is a reason for massive green limitless energy
IONQ reached 64 qubits earlier than expected and their roadmap is aggressive; they expect to reach 2,000,000 qubits in the 2030s. The companies they bought out are really interesting, from satellite quantum internet to diamond lenses used for stabilizing the ions. QRL has been quantum resistant since 2018 and the whitepaper was established in 2016. Since the genesis of QRL it's been quantum resistant. Oddly the price movement of quantum stocks and QRL price have been comparable. It’s not the SHA-256 people need to worry about, it’s the ECDSA that’s used in the majority of all blockchains.
Bitcoin is not backed by a government, a physical asset like gold, or a central bank. Instead, its value is maintained by a combination of a decentralized network, a fixed supply, and its technological security.

Decentralized network

* No central authority: The Bitcoin network operates on a global, peer-to-peer network of computers called nodes. This distribution means no single person or entity, such as a government or corporation, has control over it. This decentralization makes the network resistant to censorship and shutdowns.
* Rules and incentives: Participants in the network—both miners who secure it and users who run nodes—are incentivized to follow the network's rules. Adhering to the protocol is profitable, while attempting to cheat or alter the rules is not, as a majority of the network would reject the changes.

Fixed and scarce supply

* Hard cap of 21 million: The Bitcoin protocol has a hard-coded limit of 21 million bitcoins that can ever be created.
* Predetermined issuance schedule: New bitcoins are issued on a predictable, fixed schedule. The rate of new supply is cut in half approximately every four years in an event known as "the halving," which is enforced by the code and publicly verifiable.
* Scarcity and demand: This predictable and finite supply, combined with adoption and demand, is a key driver of its value. Some compare this feature to the scarcity of physical gold.

Cryptographic security and energy consumption

* Secure transactions: Bitcoin uses cryptographic algorithms, such as SHA-256, to protect ownership and validate every transaction on the network. This makes it virtually impossible for someone to forge a transaction.
* Energy-backed security (Proof-of-Work): "Miners" compete to validate new blocks of transactions by expending vast amounts of computing power and electricity in a process called "Proof-of-Work". This energy expenditure secures the network and makes it extremely difficult and expensive to attack.
* Immutable ledger: All transactions are recorded on a public, distributed ledger called a blockchain. Because each new block of transactions is linked to the previous one with a cryptographic hash, altering any past transaction would require re-mining every subsequent block, which is computationally infeasible.
So funny people constantly bring this up… we can migrate to quantum safe encryption long long LONG before we are able to crack SHA256. The way encryption schemes work is that it is always trivially easy to increase complexity, while going backwards is always magnitudes of complexity larger. The downside is that it generally slows down whatever process you are running encryption on. By the time we have computers that can break SHA256, we will have more than enough compute to perform well on quantum safe encryption. The methods already exist, they are just cumbersome in our current age.
Yes, we have about 20-30 years left for SHA256 until the best quantum computers have a chance to crack it. They need to increase their qubits from currently 100 to about a million times more than that. If public keys are exposed, this may happen earlier. But yeah, Bitcoin works with currently available, good encryption mechanisms. If mechanisms come along that are orders of magnitudes better, they need to be incorporated.
Bitcoin is great, but a sufficient number of qubits on a quantum processor is theorized to reduce the complexity of cracking SHA256 to the point that it can be done in a reasonable timeframe. We are many orders of magnitude of qubits away from doing that, but the fact that algorithmic complexity is a solvable problem fundamentally makes Bitcoin an incomplete solution.
SHA256 isn’t what you need to worry about, it’s already considered relatively quantum secure (ie: a quantum computer wouldn’t be able efficiently compete with classical ASICs at finding valid nonces). What you need to worry about is the elliptic curve cryptography used in signing transactions.
It's as secure as SHA-256 gets brother
That's not how Bitcoin works. 51% of the hashrate cannot agree to increase the maximum supply of BTC or change any of the other consensus rules. The maximum supply of BTC would not change even if 99% of the hashrate wanted to increase the maximum supply of BTC. Increasing the maximum supply of BTC would require a hard fork and that would create a new altcoin with its own separate blockchain, but only as long as some cryptocurrency miners are willing to mine this separate altcoin. Bitcoin would still exist with its own separate blockchain and nothing about Bitcoin would have been changed. In fact, this has already happened many times. There have already been more than a hundred altcoins that have been created by forking off from Bitcoin. You've heard of a 51% attack before and you came up with this incorrect idea in your head that it only takes 51% of the hashrate to agree to change the consensus rules or increase the maximum supply of BTC. That's just not how Bitcoin works. A single miner and node can change the consensus rules, it doesn't take 51% of the hashrate, but that wouldn't change Bitcoin. It would create an altcoin that has forked off from Bitcoin. And this has already happened many times. A 51% attack does not enable the attacker to change the consensus rules. A 51% attack would be pointless because a successful 51% attack would only enable them to reverse their own transactions and double spend their own coins. This would be temporary and it would cause them to waste a fortune on electricity because they wouldn't even receive the block reward or transaction fees. And an attacker would need an incredible amount of SHA-256 hashing ASICs to control at least 51% of Bitcoin's hashrate. They would need far more SHA-256 hashing ASICs than are available to purchase.
Because mining blocks is memory-less. You apply SHA-256 to strings until one works, but previous attempts don't help you for future attempts. That's why it's called memory-less. And memory-less phenomena follow exponential laws
Unfortunately, that's not the way that bitcoin is vulnerable to quantum computing. You could only do this if you'd cracked SHA-256, which isn't known to be vulnerable to quantum computing. The actual way quantum threatens bitcoin is by calculating private keys from public keys. So insta-mining is a no-go, but stealing from Satoshi's wallet is entirely feasible.
Wouldn’t we just fork? With … 4 ROUNDS OF SHA-256 THIS TIME !! HA HA!!
SHA-256 is already dubbed quantum safe. A bunch of coins already use it. HBAR is one of them.
The 25th word is calculated with the SHA256 of 3 random bits + the 253 bits represented by the first 23 words. We convert the first 2 hexadecimal characters of the hash into decimal and that gives the position on the BIP39 list. Since the 253 bits of the first 23 words are frozen, only the 2^3 possibilities of the 3 random bits remain to try, so 8 possibilities. A Python script can give these 8 possibilities if we give it the first 23 words.
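As an added example (not the commenter's script), this implements the BIP39 final-word checksum procedure described above and confirms the "8 possibilities" claim by brute force. Word indices (0..2047) stand in for the words themselves so it runs without the wordlist; the 23 sample indices are constructed for illustration.

```python
import hashlib

WORDLIST_SIZE = 2048      # BIP39 wordlist size: each word carries 11 bits
ENTROPY_BITS = 256        # a 24-word mnemonic encodes 256 bits of entropy
CHECKSUM_BITS = ENTROPY_BITS // 32   # 8 checksum bits for 24 words

# Constructed sample: 23 word indices, as a user would read them off their backup card.
SAMPLE_FIRST_23 = [(i * 89 + 7) % WORDLIST_SIZE for i in range(23)]


def indices_to_bits(indices):
    """Concatenate 11-bit word indices into one bit string."""
    return "".join(format(i, "011b") for i in indices)


def checksum_bits(entropy: bytes) -> str:
    """The BIP39 checksum is the first ENTROPY_BITS/32 bits of SHA256(entropy)."""
    digest = hashlib.sha256(entropy).digest()
    return format(int.from_bytes(digest, "big"), "0256b")[:CHECKSUM_BITS]


def candidate_last_words(first_23):
    """Return the 8 valid 24th-word indices for 23 fixed word indices.

    23 words fix 253 entropy bits; the last word's top 3 bits are free entropy
    and its low 8 bits are the checksum, so exactly 2^3 last words validate.
    """
    if len(first_23) != 23 or any(not 0 <= w < WORDLIST_SIZE for w in first_23):
        raise ValueError("expected 23 word indices in 0..2047")
    prefix = indices_to_bits(first_23)                     # 253 bits, frozen
    candidates = []
    for free in range(2 ** 3):                             # the 3 unknown entropy bits
        entropy = int(prefix + format(free, "03b"), 2).to_bytes(ENTROPY_BITS // 8, "big")
        last_word_bits = format(free, "03b") + checksum_bits(entropy)
        candidates.append(int(last_word_bits, 2))
    return candidates


def is_valid_24_word_checksum(indices) -> bool:
    """Independently verify the checksum of a full 24-index mnemonic."""
    if len(indices) != 24 or any(not 0 <= w < WORDLIST_SIZE for w in indices):
        return False
    bits = indices_to_bits(indices)                        # 264 bits
    entropy = int(bits[:ENTROPY_BITS], 2).to_bytes(ENTROPY_BITS // 8, "big")
    return checksum_bits(entropy) == bits[ENTROPY_BITS:]


def count_valid_last_words(first_23) -> int:
    """Brute-force check: how many of the 2048 words complete a valid mnemonic?"""
    return sum(is_valid_24_word_checksum(list(first_23) + [w]) for w in range(WORDLIST_SIZE))


if __name__ == "__main__":
    print("candidate 24th-word indices:", candidate_last_words(SAMPLE_FIRST_23))
    print("valid completions found by brute force:", count_valid_last_words(SAMPLE_FIRST_23))
```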
Billion dollar bounty and you think no one gonna try and break it. SHA256 cracking is only a matter of time. Let’s see what happens in the future.
Brute forcing is the SHA256 encryption break; specifically used with a quantum computer.
Lots of old wallets coming to life after being dead for quite some time. If SHA256 encryption was broken this is what it would look like.
there are two components: 1. the mining procedure to find blocks relies on hashing (compiling a block, incrementing a nonce until enough leading zeros)... currently this is relying on SHA256... this is inherently not in danger in terms of quantum computing... and it can also be updated easily.. 2. signing transactions, verifying ownership... this relies on elliptic curve digital signature algorithm (ECDSA) and is not quantum safe... it could be updated to new ECDSA algorithms that are post quantum ... so new addresses would actually be safe... for everyone who is capable of moving funds to a PQ-ECDSA address this would be a good solution... the problem: what about addresses that do not transfer to PQ-ECDSA addresses, they would be looted by quantum computers at some point...
Heard about the estimated 3-4 million lost $BTC that people already say exist? That's what happens when keys are lost or forgotten. Those satoshis are basically lost forever, barring a QC cracking SHA-256. But it also means greater scarcity and thus greater valuation for the $BTC that are not lost.
It is now seen as a store of value to many and it might still be seen this way long into the future. In the near future, quantum attacks could force a lot of global databases to run on a DLT; there are other cryptos that could facilitate this. The other cryptos would need to be really secure and would also need to be exceptionally efficient. Only one crypto is both the most secure (aBFT, SHA384) and at the same time the most efficient: 1 billion transactions uses only 3000 kWh. As the digital world evolves there could be a few cryptos that succeed for a long time.
Have you ever heard that satoshi might be the NSA, who invented the SHA256 8 years before Bitcoin was born by a mysterious creator never known.
> when sha encryption is finally breached SHA is not encryption. It's a hash function.
With modern pay-to-public-key-hash (as opposed to the old pay-to-public-key) addresses, it is indeed the case that the act of receiving funds does not expose the public key on chain, only its SHA256 hash which is the address - and SHA256 hashes are not thought to be reversible by quantum computers. So yeah theoretically if you only receive funds you'd be safe - but you will want to spend eventually. Despite hodl culture, Bitcoin is only worth something if you're able to eventually use it. When you do use it, the public key does get exposed on chain. Now it is common wallet behavior to move any unspent funds to a new address, which is mostly meant to help with privacy but actually can help a bit with quantum security as the new address is again an address which only ever received funds and doesn't have its public key exposed. The issue though is the in-between period between sending the transaction out with the public key, until it is finalized - which is at least 10 minutes but can be more. In that time period a quick enough quantum computer could crack the key and try to get a different transaction accepted, say transferring all funds to a wallet owned by the QC's owner. It would be a while until quantum computers that are powerful enough exist, but we'll probably get there eventually and if Bitcoin doesn't change its signature scheme by then, no one will be able to transfer funds safely.
Yep one exploded and SHA256 is now unencrypted.
Did the bombs print more Bitcoin? Did they crack SHA256? Did they change Bitcoin in any fundamental way?
There’s actually 0 evidence it was any of them. They were all involved but 0 evidence it was them. And they’ve all denied it lol. Not sure why CIA or government involvement gets people so worked up. In my opinion that is most logical considering NSA connections with SHA256.
Quantum computers might crack Bitcoin’s ECDSA signatures someday, but a real threat is 10+ years away. Bitcoin can upgrade to quantum-resistant algorithms via soft forks, and hashing (SHA-256) is tougher to break. The network adapts - it won’t go to zero!
you should probably be more concerned about the nuclear control systems that are also using SHA-256... i don't think it's going to be a problem.. encryption will evolve with it, it goes both ways... But yeah if that hypothetical scenario were true, then all the nuclear missile control systems that are using it might be a bigger concern, the fact no one is worried about that tells me it's not actually realistic FUD it's just noise...
You're getting down votes, but I think you are exactly correct. You make a SHA cracking computer or whatever and immediately go rob a bank? FBI knocks on your door and you go to jail. If you don't tell anyone else, though, and pick off a few wallets here and there, you become a trillionaire, but will need to convert to gold quickly before the news gets out.
Quantum computing is definitely a valid concern, but it’s not a “BTC goes to zero” scenario. A few key points:

1. Quantum breaks a lot more than Bitcoin. If quantum computers could easily break current cryptography, it wouldn’t just be BTC—it’d be the entire internet: banking, military comms, SSL/TLS, credit cards, government secrets, everything. That’s a much bigger incentive for society to move fast on quantum-resistant cryptography long before it threatens Bitcoin specifically.
2. Bitcoin is adaptable. The cryptography used today (ECDSA, SHA256) could be upgraded via soft or hard forks to quantum-resistant algorithms (lattice-based, hash-based, etc.). Bitcoin has already upgraded critical parts of its protocol before (SegWit, Taproot). Changing signature schemes is technically challenging but very possible—especially if the alternative is obsolescence.
3. Quantum isn’t “right around the corner.” Practical, large-scale quantum computers that could break Bitcoin’s cryptography aren’t expected anytime soon. Estimates vary from decades away to potentially never. And cryptographers are already preparing post-quantum standards (NIST has finalists ready to deploy).
4. Economic game theory matters. Even if quantum computers existed, miners, devs, and users have every incentive to coordinate a rapid migration to post-quantum crypto. Bitcoin’s decentralization and network effects make that possible.

So Bitcoin doesn’t just instantly go to zero in that world—it evolves. The real risk would be for anyone who reuses addresses or leaves coins in exposed public keys, but even that can be mitigated if upgrades are rolled out before quantum breaks become practical.

TL;DR: Quantum is a threat to all modern cryptography, not just Bitcoin. Bitcoin has the adaptability, incentives, and lead time to transition to quantum-safe algorithms if/when needed.
I already had this debate so here are some facts that I’ve kept for these purposes:

What quantum actually threatens:

* **Elliptic Curve Digital Signature Algorithm (ECDSA)** Bitcoin uses ECDSA (over secp256k1) for wallet signatures.
* **Quantum threat:** Shor's algorithm could, in theory, recover a private key from a public key in polynomial time.
* This matters *only after* a public key has been revealed (e.g. when you spend coins). Funds at addresses that have never been spent from (hashes of pubkeys) are safer, since SHA-256 and RIPEMD-160 aren't easily broken by quantum at practical scale.

### 2. What Bitcoin can do

* **Upgrade to quantum-resistant signatures** The main defense is to migrate from ECDSA to a post-quantum signature scheme (e.g. lattice-based like Dilithium, hash-based like XMSS, or multivariate/quaternionic systems).
* Bitcoin has a precedent: Taproot introduced Schnorr signatures via a soft fork. Similar governance and consensus could transition to PQ signatures.
* Migration could be done gradually: wallets update, miners enforce, and eventually the network accepts only PQ signatures.
* Current quantum hardware is nowhere close to breaking Bitcoin. Estimates suggest you'd need millions of stable qubits to run Shor's algorithm against secp256k1 in the necessary time window - far beyond 2025 capabilities.
* Cryptographers assume at least a 10-20 year window before "large-scale" quantum exists, if ever. Bitcoin governance tends to move slowly, but it's widely acknowledged that a PQ upgrade will eventually be necessary.

Yes, Bitcoin can defend itself. The primary move would be transitioning from ECDSA to a post-quantum signature scheme through a soft fork or similar upgrade. Until then, the best practice is to avoid reusing addresses. Quantum isn't an imminent threat, but the ecosystem is already preparing for post-quantum cryptography.
Why create the anti-dollar cryptocurrency as the government? Just because they were able to come up with the SHA-256 algorithm to upgrade the previous cryptography algorithms, doesn’t mean they have a monopoly on ideas to apply it or that they would do so in a way that Trojan horses the dollar.
I was researching SHA256 algorithm which was developed by the NSA. Why not go a step further if you’re the government?
Not yet. The algorithm isn't there yet. Shor's is only for finding factors. There's no algorithm for reversing the irreversible SHA because SHA is hashing (not encryption). Double SHA makes the impossible even harder.
Pretty sure it’s impossible to avoid typing your passphrase into any electronic device, unless you’re running SHA256 by hand for every transaction. If you mean internet connected device, then yeah I kind of agree.
Quantum computing cracking the SHA-256
Thanks for the response, but ignoring well-documented historical context around Bitcoin’s origins is, in itself, a form of selective propaganda. Bitcoin didn’t emerge in a vacuum. As early as 1996, the NSA published a paper titled “How to Make a Mint: The Cryptography of Anonymous Electronic Cash”, outlining most of the core principles Bitcoin would later use — anonymous transactions, proof-of-work, public key cryptography, and decentralized clearing mechanisms. Even SHA-256, Bitcoin’s foundational hash function, was developed by the NSA. That’s not a coincidence — it’s a familiar pattern: first military-grade innovation, then "public release" and civilian adoption. It happened with GPS, the internet, Tor — and now Bitcoin. Bitcoin’s whitepaper didn’t invent these ideas from scratch. It’s built on technologies like Hashcash (Back), b-money (Wei Dai), and Bit Gold (Szabo) — all either directly linked to government-funded cryptographic research or operating within adjacent academic-military spaces. Add to that the fact that “Satoshi” never revealed their identity, disappeared immediately after launch, and left their coins untouched to this day — this has all the hallmarks of a well-structured op, not a rogue genius coder. Bitcoin wasn’t a spontaneous revolution. It was a carefully deployed protocol. Not to destroy the system — but to back it up.
Not sure what you mean by password. Was it a wallet using a private key obtained by hashing a password through SHA256? Was it a wallet using a website or service?
You are confusing hashing and cryptography. SHA-256 is a hashing function, not a cryptographic one. Also SHA-256 is quantum resistant; quantum computers provide only a small speed boost if you are searching for collisions. Quantum computers break ECDSA, which is the cryptographic algorithm used to sign transactions in Bitcoin. Anyway, raw public keys are not used anymore as Bitcoin addresses; now they use a different protocol to produce those addresses which involves ECDSA and hashing functions. Even if someone was able to break ECDSA, your bitcoin would still be safe because no one knows how to invert SHA-256 and quantum computers won't help you to do that; only very old wallets which used raw public key addresses are in danger
Physical qubit counts have been roughly doubling every year or two, and are on track to “break cryptography”, specifically SHA-256, by about 2030. Except breaking SHA-256 requires *logical* qubits, too, which are growing, or progressing, or scaling, whatever, in the opposite direction: the pace is slowing. The development of *logical* qubits is such that it will never break SHA-256.
> In a deliberate effort not to pick blockchain favorites, the department put out Thursday's data via Bitcoin, Ethereum, Solana, TRON, Stellar, Avalanche, Arbitrum One, Polygon PoS and Optimism, identifying the transaction hashes for each in its announcement.

But Coindesk has some policy about not linking to the announcement. Here is the announcement, complete with txID hashes for each blockchain: https://www.commerce.gov/news/press-releases/2025/08/department-commerce-posts-2nd-quarter-gross-domestic-product-blockchain

For example, Bitcoin: https://blockstream.info/tx/fcf172401ca9d89013f13f5bbf0fc7577cb8a3588bf5cbc3b458ff36635fec00?expand

They didn't publish the PDF on blockchains. They published the SHA256 hash of the PDF. Immutable? Sure. But that won't stop El Presidente from firing any official who posts honest numbers.
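Publishing a hash on-chain is only useful if readers actually recompute it. Below is an added example (not code from the comment, from CoinDesk, or from the Commerce Department release) of the check a verifier would run, assuming the digest was placed in an OP_RETURN output, which is the usual way to commit 32 bytes of data in a Bitcoin transaction; the document bytes here are a constructed stand-in, not the real PDF. The parser accepts the three push encodings an OP_RETURN payload can use and rejects anything malformed, so a truncated or oversized push cannot be mistaken for a valid commitment.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Script opcodes relevant to an OP_RETURN data output.
const (
	opReturn    = 0x6a
	opPushData1 = 0x4c // next 1 byte is the push length
	opPushData2 = 0x4d // next 2 bytes (little-endian) are the push length
)

// buildOpReturn encodes "OP_RETURN <data>" with the minimal push encoding
// for the payload length (direct push below 0x4c, else PUSHDATA1/PUSHDATA2).
func buildOpReturn(data []byte) ([]byte, error) {
	n := len(data)
	switch {
	case n == 0:
		return nil, errors.New("empty payload")
	case n < opPushData1:
		return append([]byte{opReturn, byte(n)}, data...), nil
	case n <= 0xff:
		return append([]byte{opReturn, opPushData1, byte(n)}, data...), nil
	case n <= 0xffff:
		return append([]byte{opReturn, opPushData2, byte(n), byte(n >> 8)}, data...), nil
	}
	return nil, errors.New("payload too large for a single push")
}

// extractOpReturnData parses a scriptPubKey of the exact form
// "OP_RETURN <one push>" and returns the pushed bytes. Any trailing or
// missing bytes are treated as an error rather than silently tolerated.
func extractOpReturnData(script []byte) ([]byte, error) {
	if len(script) < 2 || script[0] != opReturn {
		return nil, errors.New("not an OP_RETURN script")
	}
	op := int(script[1])
	var n, start int
	switch {
	case op >= 1 && op < opPushData1:
		n, start = op, 2
	case op == opPushData1:
		if len(script) < 3 {
			return nil, errors.New("truncated PUSHDATA1")
		}
		n, start = int(script[2]), 3
	case op == opPushData2:
		if len(script) < 4 {
			return nil, errors.New("truncated PUSHDATA2")
		}
		n, start = int(script[2])|int(script[3])<<8, 4
	default:
		return nil, errors.New("unsupported push opcode")
	}
	if len(script) != start+n {
		return nil, errors.New("push length does not match script length")
	}
	return script[start : start+n], nil
}

// verifyCommitment recomputes SHA-256 over the document you obtained out of
// band and compares it with the digest committed in the OP_RETURN output.
func verifyCommitment(script, document []byte) (bool, error) {
	payload, err := extractOpReturnData(script)
	if err != nil {
		return false, err
	}
	if len(payload) != sha256.Size {
		return false, fmt.Errorf("payload is %d bytes, not a SHA-256 digest", len(payload))
	}
	sum := sha256.Sum256(document)
	return bytes.Equal(sum[:], payload), nil
}

func main() {
	// Constructed sample document standing in for the published PDF.
	doc := []byte("Q2 2025 GDP release (constructed sample, not the real PDF)")
	sum := sha256.Sum256(doc)
	script, err := buildOpReturn(sum[:])
	if err != nil {
		panic(err)
	}
	fmt.Println("committed digest:", hex.EncodeToString(sum[:]))
	fmt.Println("scriptPubKey:   ", hex.EncodeToString(script))

	ok, _ := verifyCommitment(script, doc)
	fmt.Println("original document matches commitment:", ok)
	ok, _ = verifyCommitment(script, []byte("revised numbers"))
	fmt.Println("altered document matches commitment: ", ok)
}
```

The design point is that the chain proves only that *some* 32 bytes were published at a given height; the verifier must still obtain the document from the publisher and recompute the digest itself, and a publisher can always post a different document later under a new hash.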
In case it helps, I recovered an old Bitcoin Core wallet by guessing the password. A friend hadn't been able to access it for years because he forgot it. He gave me the SHA256 hash of the password, which can be obtained from the same file. The password is the one that can be generated by that hash, and that's what you have to guess. I spent a weekend with Hashcat and my RTX3070, several dictionaries and rule files, and a special dictionary completed by my friend with words that could be at least part of the password. First thing Monday morning, Hashcat found it :)
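What an offline guess against an encrypted Bitcoin Core wallet actually exercises is the wallet's key-derivation and master-key check, which is what hashcat mode 11300 consumes. Below is an added example (not code from the comment above, from hashcat, or from Bitcoin Core itself) that models that path: Bitcoin Core derives the AES key and IV from the passphrase and the 8-byte salt by iterating SHA-512 nDeriveIterations times (its CCrypter::BytesToKeySHA512AES), then AES-256-CBC-decrypts the stored master key and accepts the passphrase only if the padding is valid and exactly 32 bytes come out. The master key, salt, iteration count and wordlist are all constructed sample data; a real wallet.dat's mkey record would be fed in instead.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha512"
	"errors"
	"fmt"
)

const (
	walletKeySize = 32 // AES-256 key
	walletIVSize  = 16 // CBC IV, one AES block
)

// EncryptedMasterKey is what an attacker lifts from wallet.dat's "mkey"
// record: AES-256-CBC ciphertext of the 32-byte master key, the salt, and
// the iteration count chosen when the wallet was encrypted.
type EncryptedMasterKey struct {
	Cipher []byte
	Salt   []byte
	Iters  int
}

// bytesToKeySHA512 mirrors Bitcoin Core's CCrypter::BytesToKeySHA512AES:
// D = SHA512(passphrase || salt), then D = SHA512(D) another count-1 times;
// key = D[0:32], iv = D[32:48]. Those rounds are the per-guess cost.
func bytesToKeySHA512(passphrase, salt []byte, count int) (key, iv []byte) {
	h := sha512.New()
	h.Write(passphrase)
	h.Write(salt)
	d := h.Sum(nil)
	for i := 1; i < count; i++ {
		sum := sha512.Sum512(d)
		d = sum[:]
	}
	return d[:walletKeySize], d[walletKeySize : walletKeySize+walletIVSize]
}

func pkcs7Pad(b []byte) []byte {
	n := aes.BlockSize - len(b)%aes.BlockSize
	return append(append([]byte{}, b...), bytes.Repeat([]byte{byte(n)}, n)...)
}

func pkcs7Unpad(b []byte) ([]byte, error) {
	if len(b) == 0 || len(b)%aes.BlockSize != 0 {
		return nil, errors.New("plaintext not block aligned")
	}
	n := int(b[len(b)-1])
	if n == 0 || n > aes.BlockSize || n > len(b) {
		return nil, errors.New("bad padding length")
	}
	for _, c := range b[len(b)-n:] {
		if int(c) != n {
			return nil, errors.New("bad padding bytes")
		}
	}
	return b[:len(b)-n], nil
}

// encryptMasterKey builds a constructed mkey record the way Bitcoin Core does
// at encryptwallet time (sample data only, not read from a real wallet).
func encryptMasterKey(master []byte, passphrase string, salt []byte, iters int) EncryptedMasterKey {
	key, iv := bytesToKeySHA512([]byte(passphrase), salt, iters)
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // key is always 32 bytes here
	}
	padded := pkcs7Pad(master)
	out := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, padded)
	return EncryptedMasterKey{Cipher: out, Salt: salt, Iters: iters}
}

// tryPassphrase is the oracle a cracker runs per guess: derive key/IV,
// decrypt, and accept only if padding is valid and 32 bytes remain.
func tryPassphrase(mk EncryptedMasterKey, passphrase string) ([]byte, bool) {
	key, iv := bytesToKeySHA512([]byte(passphrase), mk.Salt, mk.Iters)
	block, err := aes.NewCipher(key)
	if err != nil || len(mk.Cipher)%aes.BlockSize != 0 {
		return nil, false
	}
	plain := make([]byte, len(mk.Cipher))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(plain, mk.Cipher)
	master, err := pkcs7Unpad(plain)
	if err != nil || len(master) != walletKeySize {
		return nil, false
	}
	return master, true
}

// crackMasterKey is a plain dictionary attack: first passphrase that opens mkey wins.
func crackMasterKey(mk EncryptedMasterKey, wordlist []string) (string, bool) {
	for _, guess := range wordlist {
		if _, ok := tryPassphrase(mk, guess); ok {
			return guess, true
		}
	}
	return "", false
}

func main() {
	// Constructed sample: fixed master key, fixed salt, and the 25000 rounds
	// Bitcoin Core starts from before calibrating the count to ~100 ms.
	master := []byte("0123456789abcdef0123456789abcdef")
	salt := []byte{0x8b, 0x2f, 0xc1, 0x07, 0x5e, 0x33, 0xa9, 0xd4}
	mk := encryptMasterKey(master, "correct horse battery", salt, 25000)

	// A small constructed wordlist standing in for the friend's custom dictionary.
	wordlist := []string{"password", "bitcoin2013", "hodl", "correct horse battery"}
	if pw, ok := crackMasterKey(mk, wordlist); ok {
		fmt.Printf("passphrase found: %q\n", pw)
	} else {
		fmt.Println("no match in wordlist")
	}
}
```

Two things the loop makes visible: the cost per guess is the SHA-512 iteration count stored in the wallet, so a wallet encrypted on fast hardware (higher calibrated count) is proportionally slower to attack, and the accept test is a padding-plus-length check on the decrypted master key, which is why a wrong passphrase is rejected without any "known hash" to compare against.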
"Satoshi Nakamoto" is the same people who created the SHA encryption protocol; google it and it will immediately become clear who is running everything.
I actually agree with you to an extent. It will take many decades before we have a quantum computer with enough stable qubits to be able to crack anything, including SHA256. But yeah - you should definitely refrain from being rude when someone disagrees with you. It makes more sense to just provide an explanation why they are wrong, and a source or a few sources to back it up. It doesn't need to be a verbose explanation, just enough to bolster your points.
Bitcoin uses cryptography, SHA256? That algorithm is what does the hashing of the network so we can all verify our transactions on blocks.