Citi Note Puts Bitcoin’s Quantum Risk Under the Spotlight
A CoinDesk opinion piece argues that recent quantum-computing research and a Citi note sharpen the contrast between Bitcoin’s slower governance process and Ethereum’s more flexible upgrade path. The issue centers on how each network may handle a future shift to post-quantum cryptography.
What happened?
A CoinDesk opinion piece argues that recent quantum-computing research and a Citi note sharpen the contrast between Bitcoin’s slower governance process and Ethereum’s more flexible upgrade path. The issue centers on how each network may handle a future shift to post-quantum cryptography.
Why it matters
The issue matters because institutional holders increasingly treat crypto assets as treasury and infrastructure exposure, not just speculative tokens. If quantum computers become powerful enough to derive private keys from public keys, networks would need credible migration paths to post-quantum signatures. The column frames that readiness as a material question for companies, funds and other large holders assessing long-term digital asset risk.
A recent CoinDesk opinion column by Samir Tabar said a May 18 Citi research note warned that advances in quantum computing have shortened the timeline for potential attacks on digital assets. The piece argues that Bitcoin faces greater quantum-related risk than Ethereum because of both its cryptographic exposure and its slower governance model.
The issue matters because institutional holders increasingly treat crypto assets as treasury and infrastructure exposure, not just speculative tokens. If quantum computers become powerful enough to derive private keys from public keys, networks would need credible migration paths to post-quantum signatures. The column frames that readiness as a material question for companies, funds and other large holders assessing long-term digital asset risk.
According to the article, a March paper from Google Quantum AI, Stanford University and the Ethereum Foundation estimated that the computing resources needed to break Bitcoin’s foundational cryptography may be about 20 times lower than previously thought. The article says such an attack would still require a quantum computer that does not exist today, but cites the research as narrowing the perceived timeline for action.
Bitcoin’s challenge, as described in the piece, is not only technical. Its security relies on elliptic curve digital signatures, and public keys can be exposed when bitcoin is spent. The article also notes that past Bitcoin upgrades such as SegWit and Taproot took years to move from conception to broad adoption, while current quantum-related proposals, BIP-360 and BIP-361, remain at draft or early testnet stages as of 2026.
Ethereum is presented as more adaptable because of its account model and upgrade roadmap. The article points to the May 2025 Pectra upgrade and EIP-7702 as steps toward account abstraction, which could let individual accounts adopt new signature verification methods rather than waiting for a single network-wide transition. It also says Ethereum’s roadmap targets core post-quantum infrastructure around 2029, with further protocol-level work planned through the Hegotá hard fork in the second half of 2026.
The article is an opinion piece, and its strongest claims reflect the author’s view that Ethereum is better positioned than Bitcoin for a post-quantum transition. Still, the underlying theme is broader: quantum risk is moving from theoretical debate into planning discussions for digital asset infrastructure, even if the hardware needed for practical attacks has not yet arrived.