Reddit Posts
Introducing Galleoncoin / GALE : PoW privacy coin with masternodes.
Comparing Supercomputer networks to Bitcoin - How to convert exaflop to exahash?
Comparing Supercomputer networks to BTC - How to convert exaflop to exahash?
Bitcoin computes this SHA-256 hash function 550,000,000,000,000,000,000x times EVERY second
Entropy: only 121 bits (vs 128) on Blockstream Jade using dice rolls?
Do you think that Quantum Computing poses a threat to BTC encryption, algorithm, and/or security?
Is it possible for the energy input to break the difficulty adjustment?
Are P2WSH addresses the most quantum-secure addresses?
Can anyone here explain how / why it is not possible to get AI involved in the bitcoin mining industry / process?
Decrypt the Shadows: Unearth a New Order of Decentralization [SERIOUS]
Bitcoin is such a large idea its hard to wrap my mind around it
Unexpected Record: Balance of 50k Bitcoins Found in Calculation - Seeking Advice
Potential Security Loophole for all cryptocurrency.
Funny story about WIRED magazine and how they threw away (and lost forever) 13.35 BTC in 2013
SHA3D (our algorithm) isn't prone to 51% attack.
Celebrating 12 Years of our Digital silver - Litecoin
ELI5: If Bitcoin Mining is really just guessing inputs to SHA256 until an output matching the difficulty comes up, how does a miner know what guesses to avoid (previous failed guesses) in order to mine most efficiently ?
Is The National Security Agency (NSA) Behind The Invention of Bitcoin?
This Engineer Is Creating a Bitcoin Game Changer
[1998] Hal Finney: A zero-knowledge proof of possession of a pre-image of a SHA-1 hash
Bitcoin mining on the blockchain, what exactly does a miner do? What is an ASIC? How the mining difficulty is adjusted? What if two miners find the answers at the same time? This post aims for the complete beginners as it is explained in very simple terms.
A really well done & informative description of LTC by NDAX - A Canadian Exchange. Bravo!
Satoshi, NSA and the SHA CRYPTOGRAPHY Algorithms
Ken Shirriff showing how to mine bitcoin with pen and paper
ELIF - Why aren't ML and GNNs used to solve hashing in a Traveling Salesman Problem context?
One about UTXO's, new outputs, inputs and previous outputs.
Bitcoin can survive brute force attack it's infeasible or impossible?
One about HD-wallets, master keypair, child individual keys.
One about master key pair, child individual keys, addresses and signatures.
One about master keypair, child individual keys, addresses and signatures.
19 years ago today, Hal Finney officially released Reusable Proof of Work (RPoW)
What is a blockchain? - A noob explanation
Open Source Initiative | Documenting Bitcoin in a new way
Writing a summary on HD wallets, first part done, correct so far ?
[ANN] AsicCoin (ASC) | SHA256 - The coin for ASIC Mining!
How to (instruction) quickly make wallet with right balance of safety and usability
[Serious] Is Bitcoin secure? A reaction to “BTC whales are waking up, were their wallets hacked?"
Countering all the major anti-crypto arguments in one post.
A quick explanation the CZ Interpol Red Notice Rumour
Can ChatGPT4 have the computational power to break the SHA-256 encryption? Or does that have nothing to do with it?
Quantum computing and crypto developments
SHA 256 is a cryptographic hash function that is used to secure and validate transactions on the Bitcoin network. This algorithm was originally developed by the National Security Agency (NSA) in the United States as part of a series of secure hash algorithms.
Who would've thought that the algorithm used by the world's most popular cryptocurrency was originally designed for space exploration? That's right, NASA's SHA-256 algorithm is the backbone of Bitcoin's security and immutability.
What do you guys think will happen to bitcoin if quantum computers break SHA256 and solve the discrete logarithm problem (ECDLP)?
SHA256 vs Scrypt: How Comparing Hash Rates is Misleading | NKMAG
Litecoin vs Ripple: Differences, and Everything You Need to Know
MoneyShow announces the Peercoin blockchain will be used as an important part of its new newswire service.
How do I generate master key from the root seed
Storing seed phrase on encrypted USB drives
Do this to verify your BTC holdings in Binance new Merkle Tree Proof of Reserves And Liabilities
Mentions
I’m no expert so someone tell me what part of my hypothetical bullshit is correct if any. Before quantum computing has the power to completely destroy the encryption of SHA-256/be able to figure out wallet seed phrases there would be adoption in other fields of tech. Meaning that quantum computing at its first public use won’t have the power to destroy the BTC blockchain and once various parties gain access to the base tech, it will allow the BTC blockchain encryption to be reinforced and upgraded in a similar level of effort to it being broken. The case where quantum computing is developed in private to the level of breaking the blockchain wouldn’t actually happen because it could be used/monetized in so many applications in more primitive levels of development.
SHA256 is not an encryption, it's a hash function. Where a hash function is needed banking systems are likely to use it. Where asymmetric encryption or signature systems are needed, banking systems are likely to use RSA or DSA which aren't quantum resistant - like bitcoin which uses a variant of DSA for transaction signing. However adoption of quantum-resistant ciphers and signatures is progressing slowly but surely on the traditional web, with >30% of websites using it. For bitcoin with its decentralized nature it might be a bit tougher to upgrade. Users will have to create new quantum-resistant wallets and actively move their funds into there - but there are a lot of old abandoned wallets and you can't exactly contact all those users, many of whom don't have their private keys. It's likely many of those users won't move their funds and then they can be stolen by a QC. One option is to freeze those funds when a QC threat is tangible, but of course that is a solution with its own issues.
SHA256 is the hash algorithm, Bitcoin's encryption is 256 Bit ECC afaik. Why are you rambling about things you don't understand?
Because their systems that use weaker encryptions are less resilient than SHA256
Thanks for the comment. Yes, agreed, if you take "protocol" in a narrow sense, but please let me clarify: As of NOW, quantum computing has not broken Bitcoin—this seems undisputed, right? If, hypothetically, in the FUTURE, quantum computing were to break Bitcoin’s cryptographic foundations (ECDSA signatures, SHA-256), then the Bitcoin community would adopt post-quantum alternatives. These cryptographic schemes already exist—Kyber, Dilithium, Falcon, etc.—and are being standardised by NIST right now. So yes, digital signatures are not encryption if you insist on semantics, but post-quantum signatures and key exchange mechanisms both exist today. The technical challenge is mostly solved. The remaining challenge is coordination—getting everyone to upgrade before someone’s quantum laptop eats private keys for breakfast. Bitcoin has weathered forks, bans, bugs and Elon’s tweets. Swapping in new cryptographic primitives is not science fiction—it is contingency planning. In short, BTC will survive. (IMHO)
lmfao do you even know how bitcoin cryptography works? A quantum computer would be able to reverse engineer your private key from your public wallet address because the wallet address is the private key put into the SHA 256 hashing function. Again probably didn't pay attention in school.
>BitcoinTalk Subject: Re: Dealing with SHA-256 Collisions Date: June 14, 2010 at 24:00:00 UTC If SHA-256 became completely broken, I think we could come to some agreement about what the honest block chain was before the trouble started, lock that in and continue from there with a new hash function. - Satoshi Nakamoto
The danger of quantum computing is it breaking the encryption, not hashrate. You can‘t use a quantum computer to „defend“ bitcoin. It‘s not some tug of war shit. The solution is quantum resistant encryption. Leaving SHA256 behind and deploying a new algorithm.
Bitcoin doesn't need to hard-fork to add new asymmetric digital signature algorithms. Schnorr was added as a soft fork.

There's a recent obsession with making existing QC-vulnerable unspent coins unspendable. That would be a hard fork. But that's not a discussion about quantum computing. It's a choice between mandatory coin burning and allowing spending by QC.

The elephant in the room is a technical one (conveniently ignored by the QRL fan's comment). A scheme like XMSS (his example) has a signature which is 38 times larger than Bitcoin's current signatures. More important, it takes 50x more compute time to verify each signature. For each new block, every Bitcoin node verifies every signature in every transaction input - roughly 5000 txinputs per block. Currently, it takes a node about 9 seconds to verify a block (including the thousands of signatures), and the node network's topology is 3 or 4 layers deep. Full propagation of a new block takes in the order of 43 seconds. In the context of Bitcoin's 10-minute average block interval, the current propagation time is optimal.

This issue is completely absent from the OP's linked paper. The paper appears to have been written by "Doctors" with a weak understanding of the decentralization aspect of Bitcoin.

Also, the paper contradicts itself in the discussion about SHA256 hashing - stating that QC hashing isn't a risk to Bitcoin mining, and then claiming that it is. This type of contradiction is a common feature of research papers written partially by LLM engines.

The paper's justification for predicting a short QC timeframe is very shallow, not based on the reality of the incredibly slow progress of QC research.
The post raises valid concerns, but frames them with a bit of hyperbole. While a theoretical quantum computing breakthrough *could* pose a risk to Bitcoin's cryptographic security, the timeline and feasibility remain highly uncertain. Current quantum computers are nowhere near the scale needed to crack Bitcoin's SHA-256 hashing algorithm. The assertion that no nation-state will ever allow Bitcoin to replace its fiat currency is also overly simplistic. El Salvador's adoption demonstrates that nation-states *can* and *do* explore integrating cryptocurrencies into their economies, even if on a limited scale. The key isn't complete replacement, but rather navigating the potential benefits and risks of coexistence. The real question isn't whether Bitcoin will replace fiat, but how these two systems will interact and evolve in the future. This interaction will be driven by factors like regulatory frameworks, technological advancements, and overall market adoption, not just ideological resistance.
# ⚛️ Bitcoin vs. Quantum Computing – A Detailed Look

## 🚨 The Concern

The question being asked is valid: *Can quantum computers one day break Bitcoin?* As quantum computing advances, many worry it could:

- Derive private keys from public keys (breaking signatures)
- Weaken Bitcoin’s cryptographic foundations
- Undermine trust in the entire network

But let’s break this down with facts and context.

---

## 🔐 Bitcoin's Current Cryptography Stack

Bitcoin relies mainly on two cryptographic primitives:

### 1. **ECDSA (Elliptic Curve Digital Signature Algorithm)**

- Used to sign transactions, proving ownership of BTC.
- Private keys sign messages, and public keys verify them.
- Based on the difficulty of solving the **elliptic curve discrete logarithm problem**.

🧠 **Quantum Threat**: Shor’s algorithm could break ECDSA by deriving the private key from the public key. However:

- Public keys are only exposed once coins are spent.
- Addresses (the hash of public keys) offer another layer of protection.

### 2. **SHA-256 (Secure Hash Algorithm)**

- Used in mining (proof-of-work) and to generate Bitcoin addresses.
- Collision-resistant and preimage-resistant.

🧠 **Quantum Threat**: Grover’s algorithm could reduce its strength from 2^256 to 2^128. Still highly secure, but technically "weakened."

---

## 🛡 What Protects Bitcoin Now?

### ✅ Public Key Hashing

- Addresses are `RIPEMD160(SHA256(pubkey))`
- Until a transaction is signed and broadcast, only this hash is public.
- So even a quantum computer can’t attack what it can’t see.

### ✅ Best Practice: Address Hygiene

- Reuse of addresses exposes public keys.
- Use new addresses every time.
- Use wallets that support BIP32/BIP44 HD address derivation.

### ✅ Upgrade Path: Post-Quantum Cryptography

- Bitcoin can adopt new cryptographic schemes.
- This would likely happen via a soft or hard fork.
- Research already underway into lattice-based cryptography, hash-based signatures (XMSS, SPHINCS+), etc.

---

## 🧠 Strategic Viewpoint

### ❗ If a quantum computer could break Bitcoin:

- It could also break **TLS, SSL, banking systems, military encryption, and more.**
- Bitcoin would not be the *first* casualty—it would be part of a broader global crisis.
- Governments and institutions would *immediately* begin migrating to post-quantum cryptography.

### 🧬 Current State of Quantum Tech

- Most powerful quantum computers today (as of 2025) have 100–1,000 qubits.
- Breaking Bitcoin requires **millions of stable, error-corrected qubits**.
- We are likely **10–20 years away**, based on optimistic projections.

---

## ✅ TL;DR

- Quantum computing is a **potential but distant threat** to Bitcoin.
- Bitcoin’s design (address hashing, delayed public key exposure) offers **inherent protection**.
- The Bitcoin network can and likely will **upgrade cryptographic primitives** if needed.
- Practicing **good wallet hygiene** (never reuse addresses) protects you even further.
- You don’t need to panic—but staying informed is wise.

---

## 🛠 Want to Prepare?

- Use HD wallets like Sparrow, Specter, or BlueWallet with fresh addresses.
- Don’t store large amounts in addresses that have been used before.
- Follow quantum cryptography research (NIST post-quantum standardization, etc.).
- Consider keeping a portion of your BTC offline or in multisig setups.

---

## 📚 Further Reading

- [Quantum Threat to Bitcoin – Bitcoin Wiki](https://en.bitcoin.it/wiki/Quantum_computing_and_Bitcoin)
- [NIST Post-Quantum Cryptography Project](https://csrc.nist.gov/projects/post-quantum-cryptography)
- [Bitcoin Optech – Quantum Resistance Discussion](https://bitcoinops.org/en/topics/quantum-resistance/)
It's a serious concern. But as others mentioned, it wouldn't just be bitcoin that would be unsafe, it would be government nuclear codes etc. There is also the quantum update which would have to be forked and agreed upon and would be a big talking point and it would be interesting to see how a consensus fork panned out now that institutions and governments are coming to the table. It's worth mentioning though that these are just narratives I have heard from bitcoiners. You should look into Google's new chips though. So far (off the top of my head) they are 128 qubit and to crack SHA256 they need to be 1mil qubit. Quantum computers need to be run at crazy low temperatures and not anyone would have access to them even if they were completed from an engineering standpoint. Again, this is just what I've heard. I have also heard people say that talking about quantum computing without a physicist in the room is not talking about quantum computing, it's speculation. Quantum theory is incredibly deep and technical and the public do a lot of filling in the gaps with things they don't understand about it. Quantum mysticism for example. Be wary of this. It's worth doing your own research into these points and not just taking people's words for it. I hope it can dispel some fears and help you form an appropriate viewpoint on the matter.
>A lost wallet password would be encrypted with SHA256,

SHA256 isn't an encryption scheme. It's a hash function. There's no decrypting it, all you can do is throw arbitrary data at the hashing algorithm and hope that it produces the same output as the key.
My understanding would be… kind of? A lost wallet password would be encrypted with SHA256, and if future technology does indeed crack it, then we might have some much bigger problems on our hands. But I guess that’s more probable than guessing a random private key.
Input: Help me follow these steps to verify the signature on Windows:

Optional: Verify the release signatures

If you know how to use PGP, you should also click the Verify Release Signatures link on the download page to download a signed list of SHA256 file hashes. The 0.11 and later releases are signed by Wladimir J. van der Laan’s releases key with the fingerprint:

01EA 5486 DE18 A882 D4C2 6845 90C8 019E 36C2 E964

Earlier releases were signed by Wladimir J. van der Laan’s regular key. That key’s fingerprint is:

71A3 B167 3540 5025 D447 E8F2 7481 0B01 2346 C9A6

Even earlier releases were signed by Gavin Andresen’s key. His primary key’s fingerprint is:

2664 6D99 CBAE C9B8 1982 EF60 29D9 EE6B 1FC7 30C1

You should verify these keys belong to their owners using the web of trust or other trustworthy means. Then use PGP to verify the signature on the release signatures file. Finally, use PGP or another utility to compute the SHA256 hash of the archive you downloaded, and ensure the computed hash matches the hash listed in the verified release signatures file.

** The guide was extracted from here: https://bitcoin.org/en/full-node#windows-10
Here's a step-by-step guide to verify the signature on Windows using PGP (GnuPG) for Bitcoin Core releases.

---

✅ Step-by-Step: Verify Release Signatures on Windows

Step 1: Install Gpg4win (GnuPG for Windows)

1. Go to: https://gpg4win.org/
2. Click Download and run the installer.
3. During installation, select at least:
   - GnuPG
   - Kleopatra (graphical key manager)

---

Step 2: Import the Release Signing Key

Option A: Use Kleopatra GUI

1. Open Kleopatra.
2. Go to File > Lookup Certificates on Server.
3. Enter the key ID: 90C8019E36C2E964
4. Click Search → Select the key → Click Import.
5. You can then check the key fingerprint by right-clicking the key and choosing Details. Verify it matches: 01EA 5486 DE18 A882 D4C2 6845 90C8 019E 36C2 E964

Option B: Use Command Line

Open Command Prompt and run:

    gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 90C8019E36C2E964

Then verify the fingerprint:

    gpg --fingerprint 90C8019E36C2E964

---

Step 3: Download the Necessary Files

From https://bitcoincore.org/en/download/, download:

- The .zip or .exe archive of Bitcoin Core
- SHA256SUMS file
- SHA256SUMS.asc file

Put all three files in the same folder (e.g., Downloads\BitcoinVerify).

---

Step 4: Verify the Signature

Option A: In Kleopatra

1. Right-click SHA256SUMS.asc
2. Choose Decrypt/Verify
3. It should say "Verified 'SHA256SUMS'" and show a good signature from Wladimir J. van der Laan.

Option B: Using Command Prompt

Navigate to the folder where you saved the files:

    cd %USERPROFILE%\Downloads\BitcoinVerify
    gpg --verify SHA256SUMS.asc

Expected output (truncated):

    gpg: Good signature from "Wladimir J. van der Laan ..."

If the key is untrusted, it will show a warning, but as long as it says "Good signature", it’s okay.

---

Step 5: Verify the SHA256 Hash of the Downloaded File

Option A: Using PowerShell

Run:

    Get-FileHash .\bitcoin-*.zip -Algorithm SHA256

Compare the output hash to the corresponding one in the verified SHA256SUMS file.

Option B: Use a SHA256 Tool

Alternatively, use tools like:

- HashMyFiles
- CertUtil (built-in)

Example with CertUtil:

    certutil -hashfile bitcoin-25.0-win64.zip SHA256

---

✅ Done!

If:

- The signature is verified
- The SHA256 hash matches the entry in the verified list

Then your download is authentic and safe to use.

---

Let me know if you want screenshots or if you’re verifying a specific version and file.

** I used chatgpt to generate this response
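The two checks in the guide above (signature on SHA256SUMS tied to the expected fingerprint, then the archive hash against the signed list), as an added example that is not part of the comment, the bitcoin.org guide or Bitcoin Core itself. It assumes gpg (Gpg4win on Windows) is on PATH and the download folder layout from the guide; the fingerprint is the one quoted on the page, and the data inside `demo_hash_check` is constructed, not a real release.

```python
"""Checker for the two steps in the guide: (1) verify the PGP signature on SHA256SUMS and
confirm it comes from the expected key, (2) compare the archive's SHA-256 with the signed list.
Added example, not the guide's or the project's own code. Assumes gpg (Gpg4win) is on PATH."""
import hashlib
import re
import subprocess
import tempfile
from pathlib import Path
from typing import Optional, Set

# Fingerprint quoted in the guide for Wladimir J. van der Laan's releases key (spaces removed).
EXPECTED_FINGERPRINT = "01EA5486DE18A882D4C2684590C8019E36C2E964"

# One SHA256SUMS entry looks like "<64 hex chars>  <filename>"; some tools add '*' for binary mode.
_SUMS_LINE = re.compile(r"^([0-9a-fA-F]{64})\s+\*?(.+?)\s*$")


def signing_fingerprints(status_output: str) -> Set[str]:
    """Collect fingerprints of valid signatures from `gpg --status-fd` output.

    A VALIDSIG line carries the fingerprint of the key that made the signature right after
    the keyword and (in current gpg) the primary key fingerprint as its last field; both are
    kept so a signature made with a subkey still matches the advertised primary key.
    """
    fprs = set()
    for line in status_output.splitlines():
        fields = line.split()
        if len(fields) >= 3 and fields[0] == "[GNUPG:]" and fields[1] == "VALIDSIG":
            fprs.add(fields[2].upper())
            if len(fields[-1]) == 40:  # primary key fingerprint, when present
                fprs.add(fields[-1].upper())
    return fprs


def gpg_verify(folder: Path) -> Set[str]:
    """Run `gpg --verify SHA256SUMS.asc` in the download folder (gpg looks for SHA256SUMS
    next to a detached .asc) and return the fingerprints of the valid signatures.
    A bad signature, a missing key or a missing gpg binary all raise instead of returning."""
    proc = subprocess.run(
        ["gpg", "--batch", "--status-fd", "1", "--verify", "SHA256SUMS.asc"],
        cwd=folder, capture_output=True, text=True, check=False)
    if proc.returncode != 0:
        raise RuntimeError("gpg --verify failed: " + proc.stderr.strip())
    return signing_fingerprints(proc.stdout)


def expected_hash(sha256sums_text: str, filename: str) -> Optional[str]:
    """Return the hex digest listed for `filename` in SHA256SUMS, or None if it is absent."""
    for line in sha256sums_text.splitlines():
        m = _SUMS_LINE.match(line)
        if m and m.group(2) == filename:
            return m.group(1).lower()
    return None


def file_sha256(path: Path) -> str:
    """Stream the file through SHA-256 (same digest Get-FileHash -Algorithm SHA256 prints)."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def hash_matches(sha256sums_text: str, filename: str, actual_hex: str) -> bool:
    """True only when the file is listed and its listed digest equals the computed one."""
    expected = expected_hash(sha256sums_text, filename)
    return expected is not None and expected == actual_hex.lower()


def verify_release(folder: Path, archive: str, expected_fpr: str = EXPECTED_FINGERPRINT) -> bool:
    """Full check in the guide's order: the hash list is only trusted after its signature
    has been verified AND tied to the expected fingerprint, not just to any key."""
    if expected_fpr.replace(" ", "").upper() not in gpg_verify(folder):
        raise RuntimeError("SHA256SUMS is not signed by the expected key")
    sums = (folder / "SHA256SUMS").read_text(encoding="utf-8")
    return hash_matches(sums, archive, file_sha256(folder / archive))


def demo_hash_check() -> bool:
    """Offline demonstration with constructed data: a fake archive containing b'abc' and a
    SHA256SUMS line holding the well-known SHA-256 of 'abc'. Deliberately skips gpg."""
    with tempfile.TemporaryDirectory() as d:
        folder = Path(d)
        (folder / "constructed-archive.zip").write_bytes(b"abc")
        sums = ("ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
                "  constructed-archive.zip\n")
        return hash_matches(sums, "constructed-archive.zip",
                            file_sha256(folder / "constructed-archive.zip"))


if __name__ == "__main__":
    print("constructed hash check:", demo_hash_check())
    # Real use, after downloading the three files as in the guide:
    # print(verify_release(Path.home() / "Downloads" / "BitcoinVerify", "bitcoin-25.0-win64.zip"))
```

`verify_release` raises rather than returning False when the signature step fails, so a script built on it cannot fall through to the hash comparison with an unverified list.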
We're talking about ECDSA (vulnerable to Shor's Algorithm) for private keys, not SHA256 for mining. Fixing historical private keys is a hard fix requiring blacklisting. Either way, the whole Internet relies on ECC and ECDSA, so there will be plenty broken due to being able to decrypt stored traffic from years ago.
If we break SHA256 encryption society would cease to function as we know it. Bitcoin will be the least of our problems.
The entire point of BTC is that it is decentralized. If quantum computing could break SHA256 in the future then banks can prepare for it and then implement quantum proof security. It's a bit more difficult to have everyone agree on how to change the source code of bitcoin.
There were no seed phrases in 2011 / 2012. BIP39 was not defined yet. Private keys were created by other means. Eg using SHA256 etc.
If a Bosnian schoolboy ever cracks SHA-256 in a browser, we’ve got bigger problems than lost crypto 😂
Hedera has even better encryption with SHA382 and it's not a ghost chain. Bitcoin's weak SHA256 will get cracked by a quantum computer eventually.
already have been thinking about this for months, quantum machines solve tasks exponentially and are the most powerful and effective way to solve algorithms, hashes. already blockchain and BTC use these hashing algorithms (SHA1)
This isn’t true as not every blockchain uses SHA-256. And blockchains that implement changes will be able to be quantum proof with Lamport signatures. This is specifically a problem for ossified protocols.
It is all about reaching consensus. Time to finality. Blockchain is a one way road, easily congested, bottlenecks. Hashgraph is like an interstate. Many lanes open for going very fast while being safe. The "it's centralized" or "it's closed source" are old talking points from 5 years ago. They are open source and incentivize people to develop on their network. They are also ISO20022 compliant so it can easily be integrated with the current infrastructure. [https://www.youtube.com/watch?v=IjQkag6VOo0&t=638s](https://www.youtube.com/watch?v=IjQkag6VOo0&t=638s) If you want to learn more, this is the video to watch. It's a talk at Harvard from the guy who created the Gossip2Gossip protocol and solved the trilemma problem. Making it instantly scalable with Asynchronous Byzantine Fault Tolerance, which is the gold standard. Also hedera network is more quantum resistant because of the security because you would need 68% of the network to gain control. Instead of SHA 256 like most networks (BTC), Hedera has better encryption with SHA 384. What encryption does Kaspa use? I truly don't know.
Yeah why don’t they say that, you break SHA256 everything is fucked.
In theory, yes. In practice, not yet. The main risk is to Bitcoin’s digital signatures (ECDSA). A strong enough quantum computer could use Shor’s algorithm to extract private keys from public keys — meaning coins could be stolen from used addresses. But that would require millions of stable, error-corrected qubits. We're nowhere near that. Realistically, it's decades away — if it ever happens. SHA-256 (used for mining and address generation) is less vulnerable and would require an enormous quantum effort to break. Most Bitcoin addresses don’t expose their public keys until they send funds, which adds some protection. If quantum computing ever becomes a real threat, Bitcoin could transition to quantum-resistant cryptography. It wouldn’t be simple, but it’s technically possible. **TL;DR:** Quantum could break Bitcoin one day, but it’s not a risk today. The network has time to adapt — if it stays proactive.
Hack SHA? Can’t we just add 12 more words?
Btc alone isnt the future. Be realistic... Unless it goes up a SHA it a risk.
Sorry but you have no clue what you are talking about. 1. SHA256 isn’t the weak link, it’s ecdsa. 2. No one creates a banking transaction over http. And no you don’t need to be an ISP to intercept http requests (Learn about man in the middle attack). That’s why we have https which uses an asymmetric encryption algorithm to encrypt your data. The encryption algorithm we use for SSL is RSA and it is vulnerable to QC 3. Everything on the internet uses RSA to encrypt requests on the internet. If you don’t, your data will be out in the public for anyone to intercept. 4. No company that is worth a dime is storing passwords in plaintext. And no you don’t need physical access to the db to hack in and get the passwords as proven by countless hacking incidents in the past.
lol… they leave out the bit that IF SHA 256 is broken all the fucking planes will fall out of the sky 😂 we will have much bigger problems than Bitcoin tbh
SHA256 is a hash function not an encryption scheme and it is considered to be post quantum secure. What isn’t post quantum secure is RSA and elliptic curve based cryptography, which is used to do key exchange when you connect to a website. Once key exchange is done the ensuing encryption used is also considered post quantum secure. So in general web2 settings it’s a very small step that needs to be updated and the tools to do so have already been invented. For blockchain it’s going to be much harder and much more cumbersome. Bitcoin probably isn’t the worst because it’s mainly just elliptic curve based signatures that are vulnerable. But it’s still an entire decentralized system of nodes that need to update to a new scheme and it should be done in a way that’s backwards compatible with existing keys. This is not to say that it can’t be done but it’s very wrong to pretend that the situation is the same across web2 and web3. It’s a much bigger problem for blockchain, especially any blockchain that leverages zero-knowledge proofs.
Exactly, the issue isn't block signing with SHA256 but transaction signing with ECDSA. Breaking the ECDSA scheme is actually waaaaaay easier for a QC than breaking SHA256 (QC only has a quadratic advantage on reversing hash - i.e. it would take it about 2^128 steps instead of 2^256 - but an exponential advantage on ECDSA - i.e. n to some power instead of 2^n) so it's actually not unlikely it would break it in one block time, but as you said that's not even necessary - breaking a wallet to be able to sign transactions in its name and drain it has no time limit.
SHA256 isn't the problem, quantum computers only have a quadratic advantage on reversing hashes which essentially means instead of about 2^256 steps it would take them 2^128 steps - still a huge amount! The main thing that's an issue is factoring integers to their prime numbers which breaks RSA, which is the most common asymmetric encryption. And that is indeed used almost everywhere where you need to communicate securely remotely (e.g. every time you use a website with https) or everywhere you need to prove identity by some kind of digital signature (that is again used in https when the website proves its identity to you - and of course signing transactions in bitcoin). But we already have encryption schemes that can fill the role of RSA and are thought to be quantum resistant, and they are slowly being adopted in many places. Hopefully the bitcoin network will adopt it too before quantum advantage is reached!
>Banks, passwords, emails, you name it, it's secured by SHA256.

Wishful thinking and also not correct. Encryption is only one part of a security model. SHA256 hashing is only used for everything. Encryption is only relevant if you have access to the network between the client and the server. If the client and the server are centralised 99% of people won't have access to this link. Eg if I create a banking portal over HTTP and Bob is signing in, Alice won't be able to intercept the password unless they are an ISP or on the same network (wireless). Furthermore centralised systems can just be frozen and rolled back arbitrarily without a fuss. Saying QC affects centralised systems like banks the same way as decentralized systems is wishful thinking.
Consider this! BLUF - Quantum can pose a risk to Bitcoin, optimistically 1-2 decades out, IF the network is not agile to adoption - however, solutions exist today. Why? First, when it comes to SHA-256, with Quantum we’d have machines that can solve blocks faster. Cool, so do something like migrate to SHA-512. Second, the real threat is cracking ECDSA/digital signatures and getting private keys. Okay, we already have alternatives in place that are Quantum-resistant, such as CRYSTALS-Dilithium, so again, the network just needs to adopt these before Quantum machines come online. Echoing others, this Quantum problem breaks the internet of things, not just Bitcoin. However, there are plenty of opportunities to mitigate well before then. Don’t let people scare you out of your Bitcoin!!
Your whole premise is incorrect. They're not complex equations. They're SHA256 hashes. The point isn't to find a solution, it's to force real world resource expenditure to mine bitcoin.
Did you even read the article? SHA 256 isn't the nearest attack vector - it's the elliptic curve cryptography (ECC) underpinning the wallet. Grover's isn't even applicable in this regard; it's Shor's - an entirely different, and much more threatening, attack. Centralized tech like banks, companies, etc... have a much easier time rolling out post quantum tooling and upgrades to combat against this because they are centralized. Bitcoin's greatest strength - decentralization - is its greatest weakness here.
That's the joke - Literally everything in the world will be affected before Bitcoin. Banks, passwords, emails, you name it, it's secured by SHA256. People treating quantum computing as a threat to Bitcoin don't know what other things encryption protects: Spoilers, it's everything. If there's a quantum computer out there solving SHA256 in the time it takes for a transaction to get on a bitcoin block, everything else is doomed anyways and all of society has to adopt a new standard.
They keep missing the point that cracking Bitcoin wallets is going to be the least of the world’s worries if quantum computing gets good enough to compromise SHA-256. THE ENTIRE BANKING SYSTEM RELIES ON IT, BOTH FRONT AND BACK END SYSTEMS.
It’s so misinformative. SHA256 is not REALLY even so well attacked with Grover’s Algorithm AFAIK. So „normal“ quantum computing should have a hard time outclassing it like they can for factorization problems of primes (like RSA). Bad things are about to happen in the next 2 years. I am very much pro blockchain. But also I fear there might be some technology coming which completely renders our current materialistic belief system questionable. At the heart of it is Bitcoin because if it’s an energy production capability that by FAAAAAR exceeds the current ones - prices for energy will change drastically to the downside. Heavy AI and quantum computing energy costs will create a new equilibrium but until then we're up for a rough downside correction.
Asked ChatGPT, here is the answer:

Here is the analysis and evaluation of the Reddit post:

> "As soon as quantum computers go into mass production, Bitcoin will die, so I think in the next 10–15 years it’s gone."

---

1. Technical Background

The Concern: Bitcoin uses elliptic curve cryptography (ECDSA) and SHA-256 for signatures and hashing. In theory, a powerful enough quantum computer could:
- Break ECDSA by deriving private keys from public keys.
- Weaken SHA-256 using Grover’s algorithm.

Current Reality (2025): Existing quantum computers (from Google, IBM, etc.) have too few logical qubits, high error rates, and no practical scalability for breaking cryptography. Studies estimate that millions of fault-tolerant qubits and weeks/months of stable operation would be needed to threaten Bitcoin addresses.

---

2. Bitcoin’s Resilience

- Bitcoin addresses don’t expose public keys until coins are spent; unspent outputs (UTXOs) are not attackable.
- Even if ECDSA were broken, Bitcoin can migrate to quantum-resistant cryptography (e.g., Schnorr variants, Lamport, XMSS).
- The Bitcoin community has already handled major protocol upgrades (SegWit, Taproot).
- Post-quantum cryptography is actively being standardized (e.g., by NIST).

---

3. Evaluation of the Claim

False Assumptions:
- “Mass production” of quantum computers = threat: Wrong. Only very specific, high-scale quantum architectures with error correction could pose a threat.
- “Bitcoin will die”: Dramatic and uninformed. Bitcoin is adaptable, and changes can be implemented if necessary.
- “10–15 years”: Pure speculation. No evidence, no technical nuance.

Oversights:
- Other systems (banks, governments, the internet) would be compromised before Bitcoin.
- Bitcoin has the time, incentive, and developer community to upgrade before an actual threat materializes.

---

Conclusion

This Reddit post is technically shallow, alarmist, and misleading. It ignores current quantum limitations, Bitcoin’s upgrade paths, and broader systemic implications.
The probability of Bitcoin dying due to quantum computing in the next 10–15 years is low — assuming the community remains proactive, which it already is. Bitcoin won't die from quantum computing. It will evolve.
All you need is a random SHA 256 private address.
Indeed, I also try to get across as often as possible that you don't need any specialised hardware or crypto platform for holding Bitcoin (or almost any crypto) - you just need a clean laptop and the right programs. I must say, I didn't know you can generate endless addresses from the same public key - how does this work? I had always thought that the route from a public key to a particular type of address was unique, whether it be P2PKH, P2SH, P2WPKH or P2TR (such as base58Check("00" + RIPEMD160(SHA256(publicKey))) for legacy P2PKH addresses).
Sure, so here's a pretty straight-forward analogy: Have you ever seen or heard of a chihuahua taking down and killing a full-grown labrador? I haven't, but I have seen (with my own two eyes) a chihuahua freak out, start snarling and barking at, and generally scare the living daylights out of a labrador when that labrador tried eating from the same bowl as the chihuahua at the same time. Having studied 3 weeks for a cybersecurity certificate (a segment of which covers many encryption algorithms (including SHA-256) and asymmetric cryptography), and studying what quantum computing is, it's not a threat, but it can scare the living daylights out of people who know nothing about it.
We already have a quantum proof crypto in the top 25 that uses SHA-384 instead of Bitcoin's SHA 256. You would need more than 68% to attack the network instead of 51%. The network is incorporated into current AI software as a checks-and-balances system because it scales, unlike Bitcoin and any other network that has basic blockchain encryption. It sucks that so many people are working on fixing a network that doesn't scale in the first place. Good luck getting a true consensus within the Bitcoin community. Blockstream runs the (lightning) network anyways.
Quantum PCs won't be available to public for another 5ish years. Quantum & brute force code would struggle breaking even today's SHA-256 encryption. The math behind it is mind boggling. Js
A quantum computer would break the hashing algorithm that underpins the blockchain, SHA-256. At that point we’re well beyond needing to crack your wallet password, it could calculate any wallets private key and mine blocks near instantly. This is all in theory of course, but appears to be an inevitability at some point.
Not really an issue for crypto here. Nothing was cracked here, they "factored" a 90 bit RSA integer. Which is impressive, but still a long way from cracking anything small, and an exponentially longer way from cracking anything beyond an RSA, like even the more basic SHA. Not to mention that quantum computing cracking would only work for old Bitcoin addresses. The new system of address makes it simpler to just not use the same public address twice, to make it exponentially more difficult to crack, even by a machine that would be able to crack an address. But even if quantum computing develops at an insanely faster pace than expected, you would still at best be talking about our unborn grand kids having to start worrying about their keys.
If SHA256 gets cracked the world is donezo, because everything uses SHA256. Literally everything. Email, the internet, nuclear launch codes, your bank details, you name it. Quantum being able to solve SHA256 in the time it takes to do a Bitcoin block would be the least of your concerns because the world will already be in nuclear war/societal breakdown by that point.
Aight, so I'm actually starting to get concerned about SHA256 getting cracked with quantum computers.
Second question. If you did read it, were you aware that it's a conceptual introduction to the concept of a digital currency, but that it does not accurately describe how Satoshi actually implemented Bitcoin? For example, when describing proof-of-work, the white paper says "The proof-of-work involves scanning for a value that when hashed, such as with SHA-256, the hash begins with a number of zero bits". But if that were true, you'd only ever be able to either double the difficulty or cut it in half. Finer tuned difficulty adjustments would be impossible, so Satoshi implemented a target value instead. Another example, the white paper says, "Nodes always consider the longest chain to be the correct one". However, that would open the blockchain up to attack by a huge number of very low difficulty blocks. Instead, Satoshi implemented the concept of largest total accumulated work.
VT is not fail proof, take it from someone who handled another LummaStealer today. Want to be safer, learn how to verify SHA hashes in your CLI or use a sandbox if you’re skeptical. There’s some free ones that allow 1 check per day, but can’t remember their names.
What you are trying is not possible by humans or even by quantum computers yet! Breaking SHA-256 is like imagining you are lost in the Milky Way and now you are trying to come back to Earth without Google Maps.
Since you asked for reasons why not to, here are my main ones: Scalability: bitcoin relies on a monolithic ledger system, which means that the maximum number of potential active users will always be limited. L2 solutions attempt to fix this, but they are little more than a stopgap solution. This fundamental challenge leads to a lot of downstream issues, such as inflated transaction costs. Centralization of hashrate: while it isn’t normally thought of in this way, the hashrate on bitcoin is inherently severely skewed towards ASICs and whoever can control their creation, ownership, and usage. When the majority of the hashrate resides within professional mining facilities that can be restricted by governments (or, in an anarchy situation, can be easily located and destroyed due to power/water use and noise), the hashrate is no longer a good indicator of the “average” Bitcoin user, or even the average person who wants to contribute to Bitcoin. As for some of the points that you listed, here are a couple counterpoints that you may not have considered: The purpose: Bitcoin has transitioned from mainly being a currency to mainly being a store of value. This has upsides and downsides. The upside is that there is a much larger investment pool for people who want to purchase into “stores of value” like gold, as opposed to actual currencies. Plus, increasing the value of a currency is probably the most difficult thing to do. On the downside, being a store of value has an inherent flaw: objects that are stores of value are inherently zero sum. In other words, if 1 million people buy bitcoin for 1 billion dollars, and no one else “buys in”, the most that the 1 million people can get is 1 billion. However, once you take into account transaction fees and taxes (pay your taxes), it becomes a negative sum game. Power consumption: Bitcoin’s hashrate is the purest form of unadulterated capitalism. Whatever the cheapest form of electricity is, they will go for it.
In fact, they **must** go for it. Being charitable in mining is not a virtue; it is the seeds to your own inevitable destruction. This is not to say that bitcoin miners have to use the worst possible methods to mine. But if the worst possible method also happens to be the most efficient, and they can get away with it….they must. - govt: I agree with this. There isn’t any real reason for a government to create a CBDC, and there is even less of a reason for anyone to use it (unless they are coerced into it) - history: I don’t think that this is necessarily the case. In fact, bitcoin may be the most in trouble in this regard. From how you phrased it, I’m assuming you are referring to the chance that an adversary “races” a network’s entire blockchain history in order to defeat it. However, any network that is only a few months old and has a sizeable hashrate would make such an attack unviable. If you assume that the hashrate is “broken” in some way (be it quantum or otherwise), then things get interesting. SHA-256, while strong, is quite old, and is absolutely the first hashing algorithm on the menu of an attacker. And while racing any chain will still be incredibly difficult, I don’t think that Bitcoin’s history lead would matter (if someone has an academic paper on this, feel free to link it, because I am genuinely curious). Hope this helps
tldr; TAO Hash, a Bittensor Subnet 14 initiative, is revolutionizing Bitcoin mining by decentralizing and amplifying SHA-256 hashrate mining. It creates a liquid, tradable market for mining power, addressing Bitcoin's vulnerability of mining centralization. In its first week, TAO Hash achieved nearly 2 EH/s with 11 miners, potentially controlling 1% of Bitcoin's hashrate if growth continues. The system aligns incentives for validators and miners, optimizing resource allocation. TAO Hash aims to enhance Bitcoin security and decentralization while expanding to other PoW cryptocurrencies. *This summary is auto generated by a bot and not meant to replace reading the original article. As always, DYOR.
My fiancé got me a SHA-256 sweater from Braiins mining. Best part is, no one really understands what it means 🤣
It’s the opposite. Decentralized systems can’t respond to acute threats. Centralized entities like banks can reverse transactions and quantum proof overnight since there isn’t any migration required or consensus mechanism. Decentralized entities can’t do it until they see the problem. At that point, it’s too late since it would take more than two years to migrate addresses over to being quantum proof. It’s too late by the time the first quantum computer can crack SHA-256 to start migrating then. It will take all the coins before you can even migrate 1% of the addresses and permanently damage the network’s reputation.
Easily? I think you underestimate SHA-256. Quantum computers will need about a million qubits to break SHA-256. Right now at best we can do about 1000.
Are you trying to break SHA-256 or have a philosophical conversation about what would happen if it were possible?
Read Broken money, and the Bitcoin standard books at a bare minimum The Bitcoin white paper - read it. @aantonop - Andreas Antonopoulos YouTube channel - watch everything from beginning to end. Check out his books too. Fun stuff: How secure is SHA256 - https://youtu.be/S9JGmA5_unY?si=4IzMqpMS1FIDstQs How does Bitcoin work?: https://youtu.be/bBC-nXj3Ng4?si=_xXQAw-368Psdxb6 Learn about the Blockchain wars. Find documentaries on YouTube. Understand what you are investing in!
There are a lot of books now, but off the top of my head. Broken money, and the Bitcoin standard. The Bitcoin white paper - read it. @aantonop - Andreas Antonopoulos YouTube channel - watch everything from beginning to end. Check out his books too. Fun stuff: How secure is SHA256 - https://youtu.be/S9JGmA5_unY?si=4IzMqpMS1FIDstQs How does Bitcoin work?: https://youtu.be/bBC-nXj3Ng4?si=_xXQAw-368Psdxb6 Learn about the Blockchain wars. Find documentaries on YouTube. That should give you a good start.
If/when SHA-256 ever gets cracked
I’m an early adopter for most things, when I first read about it and knew very little it sounded like a great idea but it took me quite some time to buy in as I just didn’t get the whole exchange thing, I even had mining rigs that ran FAH because I thought it was great to give that compute to charity and heat my house for free, it was some time later I discovered nice hash and by then GPU mining was not possible on SHA256.
Who is Satoshi? Who made SHA256 algorithm? NSA The US gov is Satoshi. Greatest checkmate chess move in history.
Quantum computing that breaks SHA-256 is the final boss of ALL monies
Well, there’s a difference between encryption and cryptography hashing. Encryption implies decryption, and yes, requires a key - even if it’s a simple substitution cypher (e.g. the secret decoder ring). Then you move up to methods like PGP which have a private key for encoding and public keys for decoding. The blockchain works with cryptographic hashing, which is a one-way, destructive operation that doesn’t take a cypher key. Rather, it takes input data, and something called a salt value, and produces an output that cannot recreate the input. That might sound like a crazy idea, but it’s awesome for privacy and security. As long as you have the same input and same salt, given an algorithm like SHA-256, you will always generate the same hash. A relatively simple example is a modern password system. The user inputs their password, you then combine it with a known salt, and a chosen algorithm produces a hash code. The system stores the hash code. There’s no way to retrieve the user’s original passcode, or even glean properties of the input from the hash. So when a user logs into a system, it’s asking for the password, using its salt value and runs that through the hashing algorithm. If the hash codes match, congratulations you provided the correct input and are now authenticated. The blockchain is a bit different because of network difficulty, which states that the resulting hash of a block must meet certain criteria. It’s called a proof-of-work system because most of the hashes we generate simply don’t meet the criteria and are discarded, so we change the salt and hash again. Over and over. Eventually (averaging about every 10 minutes) a computer manages to produce a hash that meets the criteria and a block is confirmed.
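The salted password check described in the comment above, as an added example in Python that is not from the thread. It keeps the comment's mechanism (same input plus same salt always gives the same hash; the system stores only the hash and recomputes it at login) but uses PBKDF2-HMAC-SHA256 instead of one bare SHA-256 pass, because a single SHA-256 is exactly the operation mining hardware performs at trillions per second, so a leaked table of one-pass hashes can be guessed against at that rate. The iteration count and record format are assumptions chosen for this example; the one-pass variant is included only for contrast.

```python
import hashlib
import hmac
import os
from typing import Optional

# Assumption for this example: PBKDF2-HMAC-SHA256 with 600k iterations (the order of
# magnitude OWASP recommended in 2023). Tune to your hardware, or prefer argon2id/scrypt.
ITERATIONS = 600_000


def naive_salted_sha256(password: str, salt: bytes) -> bytes:
    """One salted SHA-256 pass: deterministic, but as cheap to guess against as a mining hash."""
    return hashlib.sha256(salt + password.encode()).digest()


def hash_password(password: str, salt: Optional[bytes] = None, iterations: int = ITERATIONS) -> str:
    """Return a self-describing record 'pbkdf2_sha256$iterations$salt$hash' (hex fields)."""
    salt = os.urandom(16) if salt is None else salt      # fresh random salt per user
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=32)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(record: str, candidate: str) -> bool:
    """Recompute the hash from the stored salt and parameters and compare in constant time."""
    try:
        algo, iters, salt_hex, dk_hex = record.split("$")
    except ValueError:
        return False                                     # malformed record, never a match
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", candidate.encode(), bytes.fromhex(salt_hex), int(iters), dklen=32)
    # hmac.compare_digest, not ==: a plain comparison leaks how many leading bytes matched
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))
```

The record carries its own salt and iteration count, so the parameters can be raised later for new or re-hashed users without breaking verification of older records.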
Samsung Toshiba - Nakamichi Motorola Also.. SHA is an algorithm developed by NSA So .. you never know what's going to happen
Eventually, when quantum computers will become powerful enough to break SHA-256 encryption, all lost Bitcoin private keys will be "recovered" if they haven't been upgraded to a quantum proof encryption algorithm (because the owners who lost the Bitcoin can't access it). So deflation due to lost private keys is unlikely to cause excessive deflation to the point that a Satoshi is too big a base unit. Also, on the Lightning Network you can make transactions of amounts way smaller than a Satoshi (1/100 or 1/1000 of a Satoshi I believe). Hope this answers your question
Breaking SHA 256 will cause bigger problems than just breaking Bitcoin. Not worried.
Can you actually say that with quantum computers able to break SHA 256 ?
When there is more computer power we can also encrypt harder. So by then will be stepping over to SHA1024 or something. Other are worried that quantum computing will help the people learn how to genetically manipulate iron into gold. There is always something to worry about. There is also always a solution or a substitute.
The danger to Bitcoin from quantum computers is exaggerated. First, because it is not even clear whether it is possible to scale them to the number of qubits required to make them a threat. Second, because they would break digital signatures but not the SHA256 hash, meaning funds in all non-reused addresses would remain secure. Third, because there will be ample time to implement post-quantum signatures, just as Schnorr was introduced. Bitcoin faces other real challenges, not quantum computing.
Quantum computers are a Silicon Valley scam running for decades. It's an investor cash-grab scam. Also, if SHA-256 is no longer useful at some point, there is nothing to prevent the Bitcoin developers from implementing a more complex and advanced encryption algorithm. Quantum computers are more of a sci-fi thing rather than something real. They are just an overhyped prototype technology meant to attract investors's money. Watch this video debunk: https://m.youtube.com/watch?v=xcbZJDJlptk&pp=ygUWUXVhbnR1bSBjb21wdXRlcnMgc2NhbQ%3D%3D
All the crypto fellating from bitcoin influencers has made me sick. I hope someone unleashes a high powered quantum computer on the SHA-256 and breaks this trash down now.
SHA256 encryption allows for generation of wallets that is more than the estimated atoms in the universe. It's the law of large numbers protecting you.
This problem is already being worked on. SHA256 isnt limited to bitcoin
Encrypted file? No way they broke the encryption, unless you used SHA1 or something broken like that.
Wildly irrelevant. Quantum computing risks apply to everything online. Breaking SHA256 also means every bank server is accessible.
If we are talking about using the network to send money, then yeah. I will buy my "shitcoin" named HBAR and near instant speed, a 3-5 seconds time to finality with predictable fees equating to roughly a fraction of a cent. I won't even touch on the smart contract capability, aka tokenisation, which is not a thing with PoW. I use Hedera because it's a unique hashgraph mechanism, not clunky old blockchain tech from a paper written 15 years ago. I also use it because it is a quantum proof network that is way more encrypted than Bitcoin's SHA-256. [https://hedera.com/blog/post-quantum-crypto](https://hedera.com/blog/post-quantum-crypto) If you can tell me why any Bitcoin network or fork is better, I am all ears.
It's not even a very complex "coin toss". The process is simply:

1. Pick a random 32 bit (4 byte) number.
2. Using a pretty simple computation, combine that 4-byte random number with the other 76 bytes of a valid block header.
3. The result of that computation will always be a 256 bit (32 byte) number.
4. Compare that 32 byte result to the current difficulty target number.
5. If the result of your computation is less than the target, you get to broadcast the block which pays you 3.125 BTC plus transaction fees of all transactions in the block.
6. If the result of your computation is NOT less than the target, go back to step 1 and try again.

(The calculation in step 2 is called SHA256. There are videos and blogs that show how to do it by hand with pencil on paper. It isn't difficult, but it has a lot of steps and one mistake results in a completely invalid result. A computer, or ASIC, can do it VERY fast. The best ASICs at the moment can do about 235,000,000,000,000 of them every second. The average human can probably calculate one SHA256 result by hand in one to three weeks).
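The six steps above, together with the earlier comment's point that Satoshi implemented a target value rather than the white paper's "number of zero bits", as an added example in Python that comes from neither comment. Its constructed input is the public 80-byte header of Bitcoin's genesis block; the code decodes the compact `bits` field into a target, double-SHA-256es the header, compares, and runs the nonce loop over a small window around the real nonce. The second `bits` value, 0x1b0404cb, is picked here only to show a target that is not a power of two (difficulty 16307.42), which a leading-zero-bits rule could not express.

```python
import hashlib

# Constructed input: the 80-byte genesis block header (public data), laid out as
# version | prev_block | merkle_root | time | bits | nonce, each field little-endian.
GENESIS_HEADER = bytes.fromhex(
    "01000000"
    "0000000000000000000000000000000000000000000000000000000000000000"
    "3ba3edfd7a7b12b27ac72c3e67768f617fc81bc3888a51323a9fb8aa4b1e5e4a"
    "29ab5f49" "ffff001d" "1dac2b7c")

MAX_TARGET = 0xFFFF << 208        # the target encoded by bits 0x1d00ffff, i.e. difficulty 1


def parse_header(h: bytes) -> dict:
    if len(h) != 80:
        raise ValueError("block header must be exactly 80 bytes")
    return {"version": int.from_bytes(h[0:4], "little"),
            "prev_block": h[4:36][::-1].hex(),        # reversed to the byte order explorers show
            "merkle_root": h[36:68][::-1].hex(),
            "time": int.from_bytes(h[68:72], "little"),
            "bits": int.from_bytes(h[72:76], "little"),
            "nonce": int.from_bytes(h[76:80], "little")}


def bits_to_target(bits: int) -> int:
    """Decode the compact 'bits' field: 1-byte base-256 exponent, 3-byte mantissa."""
    exponent, mantissa = bits >> 24, bits & 0x007FFFFF
    return mantissa >> (8 * (3 - exponent)) if exponent <= 3 else mantissa << (8 * (exponent - 3))


def difficulty(bits: int) -> float:
    return MAX_TARGET / bits_to_target(bits)


def leading_zero_bits(target: int) -> int:
    """What the white paper's 'number of zero bits' phrasing would measure."""
    return 256 - target.bit_length()


def header_hash(h: bytes) -> int:
    # double SHA-256, read as a little-endian 256-bit integer (Bitcoin's convention)
    return int.from_bytes(hashlib.sha256(hashlib.sha256(h).digest()).digest(), "little")


def display_hash(h: bytes) -> str:
    return header_hash(h).to_bytes(32, "big").hex()


def meets_target(h: bytes) -> bool:
    # Bitcoin Core's CheckProofOfWork rejects hash > target, so equality still passes
    return header_hash(h) <= bits_to_target(parse_header(h)["bits"])


def with_nonce(h: bytes, nonce: int) -> bytes:
    """Step 1 and 2: swap the 4-byte nonce, keep the other 76 bytes."""
    return h[:76] + (nonce & 0xFFFFFFFF).to_bytes(4, "little")


def mine(h: bytes, start_nonce: int, max_tries: int):
    """Steps 1 to 6: try nonces in order and return the first one whose hash meets the target."""
    target = bits_to_target(parse_header(h)["bits"])
    for nonce in range(start_nonce, start_nonce + max_tries):
        if header_hash(with_nonce(h, nonce)) <= target:
            return nonce
    return None
```

With the genesis header, `mine()` started a few nonces below 2083236893 finds exactly that nonce, and `display_hash()` returns the familiar hash beginning with ten hex zeros; at the real difficulty one only sees this because the winning nonce is already known.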
I'm not saying it's aliens... but it's aliens. They probably have quantum computers and managed to break the SHA-256, and then gained access to Satoshi's wallet.
You’re looking for SHA-256. Look it up
Quantum computing doesn’t work against SHA256, don’t spew bullshit.
Well we know what quantum affords us (speed) so there are ways to design network interactions where speed alone doesn't allow you to hijack the system. I've seen a few models for cryptographic handshakes that are rate limited, so if you don't know, simply guessing faster isn't going to get you to the goal. Double SHA-256 has some of those qualities embedded into it but we can of course improve on it. We just won't be able to get the BTC network there, it will have to be an entirely new project which of course involves building community, raising capital, etc. Once the actual need arrives though, there will be options.
Double SHA 256 is reportedly more quantum resistant than people realize. There are already chains that were designed entirely to deal with quantum computation but they aren't in fashion at the moment. Nothing with utility is because everyone is chasing meme coins and presidential pump and dump schemes.
I absolutely believe Saylor will do this, and he has every incentive to. By stating this and burning his keys, it basically ensures that people will still try and crack SHA256 algo, but it also ensures that people will do everything they can to protect the network because they know their holdings of BTC will increase greatly afterwards. It’s essentially game theory at its finest, yet again.
Unless someone can break SHA-256 (which is used by things other than crypto) no one can crack bitcoin. Bitcoin is open source, so regardless if you created it, you’re on an equal footing with the rest of us.
Reading their FAQ [https://btcpuzzle.info/faq#what-should-i-pay-attention-to-when-transferring-the-reward](https://btcpuzzle.info/faq#what-should-i-pay-attention-to-when-transferring-the-reward), we're both partially right:

* The public and private keys referenced are SHA-256 / actual BTC pub/private keys. It would normally be infeasible to impute the private key from public key.
* HOWEVER, the nature of this game is that it defines a relatively narrow range of possible private keys. AND, certain public keys are released after some amount of proof of work is demonstrated (or so I can glean, it's honestly quite confusing).

So, *if* someone solves a puzzle, and *if* that person begins the process of transferring the bitcoin to another wallet (broadcasting the publicly known, UTXO-laden address to the mempool), AND *if* that person with the private key had left RBF turned on.. THEN, someone could feasibly use the public key, *the known private key range*, AND one of the known methods of deriving (brute force guessing) the private key using a public key, to re-discover the private key, quickly. *If* they can re-discover that private key in a short period of time (i.e., while the transaction is still in the mempool), they could broadcast a new transaction with a higher fee (re: RBF) and send it to a wallet they control\*.

\*I actually didn't know one could change destination addresses with RBF, but maybe someone else can elaborate on that part of it..
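The key-range part of that scenario, as an added example in Python that is not the puzzle site's code: given a compressed public key and the knowledge that its private key lies in [lo, hi), walk the range with one point addition per candidate rather than a full scalar multiplication each time. The curve constants are secp256k1's public parameters; the secret 0x2A3B and the range bounds are constructed for the demonstration. Real solvers use baby-step giant-step or Pollard's kangaroo, which need only about sqrt(hi - lo) group operations instead of hi - lo; the RBF race the comment goes on to describe is not modelled here.

```python
# secp256k1 domain parameters (public constants): field prime, group order, generator
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def point_add(p1, p2):
    """Affine addition on y^2 = x^3 + 7 over F_P; None stands for the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None                                   # p1 == -p2
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P         # tangent slope (curve coefficient a = 0)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def scalar_mult(k: int, pt=G):
    """Double-and-add; this is what deriving a public key from a private key costs."""
    result, addend = None, pt
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def compress(pt) -> bytes:
    """33-byte SEC encoding: 0x02/0x03 for the parity of y, then x."""
    x, y = pt
    return bytes([2 + (y & 1)]) + x.to_bytes(32, "big")


def recover_key_in_range(pubkey: bytes, lo: int, hi: int):
    """Linear scan of [lo, hi): one full scalar multiplication for lo, then one point
    addition per candidate. Returns the private key, or None if it is not in the range."""
    pt = scalar_mult(lo)
    for k in range(lo, hi):
        if compress(pt) == pubkey:
            return k
        pt = point_add(pt, G)                             # (k+1)*G = k*G + G
    return None
```

The scan succeeds purely because the key space has been shrunk to a few thousand candidates; the same code against a full 256-bit range would never terminate, which is the whole difference between the puzzle and an ordinary wallet.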
It was a soft fork so the ECDSA wallets are backwards compatible if you move them over to an SHA address. I’ve heard experts talking about a possible soft fork into a Quantum resistant hash…if it’s a soft fork it’ll be no biggie just like the Taproot fork was…You’re definitely right about QCs being able to break SHA-256 at some point but we might be like 50 years away from that…
You are right, I was not aware that Schnorr uses SHA-256. Seems kinda weird to set it all on one horse. If it breaks everything breaks. It is also not QC resistant. Anyway. Let's assume Taproot is safe for the moment. As far as every maxi claims BTC is backwards compatible. So I assume most addresses are still ECDSA. Segwit addresses took a long ass time to gain ANY traction at all. I assume you have no such statistic? Anyway if (in the unlikely case as we established) BTC's hash crypto functions are broken it is toast in many ways, one of them being: being unable to move coins to safe addresses in time.
It’s no longer done with ECDSA, it’s done with SHA-256 ever since the Taproot fork. Breaking SHA-256 would be a historic moment. We’d see the spoofing attacks like I was referring to before that as it would take fewer qubits. We’d see other forms of cryptography protocols getting broken before SHA-256.
This FUD is ridiculous. If SHA-256 gets broken, the world will have much much larger issues than bitcoin. At least bitcoin can be upgraded to be QC resistant. Banks, military infrastructure etc ? would not be able to react as quickly. Also we don't even know if it will EVER be feasible in practice.
It's just you. You can't "capture the computing power" of bitcoin mining. Bitcoin miners are just solving SHA-256 hashes.
Dumb and lazy post. Could be anything computer related - or worse Doge coin which also uses SHA256 in mining. And since OP doesn't even know it's clearly in Austria/Vienna he probably lifted the image from somewhere.
From my understanding & research that is correct. Even between quantum computing & AI technologies. Technically it would be "illegal" to hack or steal them. From my understanding even the most advanced technology won't be able to hack due to the hashing sequence. 🤔 The mathematics involved is unthinkable. The blockchain has... I'm not sure how accurate ChatGPT is but ask it yourself. There's at least low-level information available to learn about it. Estimating when SHA-256 might be broken by AI and quantum computers depends on the progress of both fields, especially quantum computing. Here’s an analysis based on current knowledge: 1. Classical Computing and AI Threats AI, even with advanced machine learning models, cannot directly break SHA-256 because it’s based on complex mathematical properties like the avalanche effect (small input changes cause large hash changes). However, AI could help: Identify patterns in hash generation or network vulnerabilities. Optimize the mining process to make it more efficient (but not to break the hashing itself). Therefore, AI alone is unlikely to break SHA-256 anytime soon, if ever. --- 2. Quantum Computing Threats Quantum computers pose a more serious threat because of their ability to solve certain mathematical problems exponentially faster than classical computers: Shor’s Algorithm Shor’s algorithm can theoretically break RSA and ECC encryption by factoring large numbers and solving discrete logarithms efficiently. However, SHA-256 is based on a one-way hashing function (not factoring or discrete logs), so Shor's algorithm cannot directly break SHA-256. Grover’s Algorithm Grover’s algorithm allows quantum computers to search an unsorted database (or invert a hash) in √N time instead of N time. For SHA-256, Grover’s algorithm could reduce the effective security from 256 bits to 128 bits — which is still very strong (AES-128 is considered secure against classical attacks). --- 3. 
Timeline Estimate Current quantum computers (like those from Google and IBM) have only reached about 1,000 qubits — far below the estimated millions of error-corrected qubits needed to threaten SHA-256 using Grover’s algorithm. Estimates vary, but experts predict that: It could take 15 to 30 years to develop a quantum computer capable of running Grover’s algorithm at a scale that could weaken SHA-256. It may take even longer (if ever) to reduce security to a practically exploitable level, considering the need for fault-tolerant qubits. --- 4. Post-Quantum Cryptography To prepare for this, researchers are working on post-quantum cryptography (PQC), which includes hash-based cryptography that quantum computers are unlikely to break. SHA-256 itself is not currently under immediate threat, but blockchain systems could eventually upgrade to quantum-resistant hashing algorithms (like SHA-3 or lattice-based methods). --- 👉 Conclusion AI is unlikely to break SHA-256 directly. Quantum computers using Grover’s algorithm might weaken SHA-256 to 128-bit security, but this would require millions of qubits and may take 15–30 years (or longer) to become practical. Blockchain systems will likely adopt quantum-resistant algorithms before quantum computing reaches this level.
Not only SHA 256, but a W SHA 256, a W one.
> Then go read a book about bitcoin SHA-256 is a basic compsci thing, and not related to bitcoin exclusively at all lol. You're just being a big dummy.
I don't mind people in this thread not appreciating that it's an open standard that most of the underlying infrastructure of the whole Internet uses. But honestly find it odd the amount of people willing to argue that any mention of the SHA-256 protocol simply MUST mean bitcoin, and are offended that other applications use it, and have been using it way before Bitcoin.