Quantum-safe Bitcoin now possible without a soft fork, but costs $200 each

A StarkWare researcher has published what he claims is the first method to make bitcoin transactions quantum secure on the live network today, without any changes to the Bitcoin protocol. The plan, however, costs up to $200 per transaction and is designed as an emergency measure rather than a permanent solution.

In a paper published this week, StarkWare researcher Avihu Levy presented Quantum Safe Bitcoin, or QSB, a scheme that aims to enable quantum-resistant transactions without requiring changes to the Bitcoin protocol. Its design replaces signature-based security assumptions with hash-based proofs.

The hash-based design survives the type of quantum attack that would break current cryptography, but it shifts the burden from consensus to computing, requiring intense off-chain GPU work for each transaction.

Think of traditional digital signatures as a handwritten signature on a check, showing that you authorized a transaction using a secret key that others can match against a public key.

In Bitcoin, these digital signatures are called ECDSA signatures. They are secure against current computers, but a future sufficiently powerful quantum computer could, in theory, derive the secret key from a public key and potentially compromise funds.

QSB addresses that flaw by redesigning the system around a different type of cryptography: hash-based proofs. These are more like a tamper-proof fingerprint. Instead of relying solely on the signature, the scheme creates a unique mathematical summary of the data. This is said to be extremely difficult to fake or reverse, even for powerful computers.

QSB works entirely within Bitcoin’s existing consensus rules for legacy transactions. It requires no soft fork (software upgrade), no miner signaling, and no activation schedule. This is in stark contrast to BIP-360, the quantum resistance proposal that was merged into the official Bitcoin Improvement Proposal repository in February, but which does not have a Bitcoin Core implementation and faces years of delays in its governance.

The proposal builds on an earlier idea known as Binohash, which added an extra layer of computational work to secure bitcoin transactions. The problem is that Binohash depends on a type of cryptography that quantum computers are expected to break. In practice, that means its protection disappears in a quantum scenario: an attacker could completely bypass the system’s central security control, rendering it ineffective.

Additional cost

However, the hash-based solution involves extremely expensive transactions.

Generating a valid transaction requires searching through billions of potential candidates, a process Levy estimates would cost between $75 and $200 using cloud GPUs. Currently, the cost of sending a bitcoin transaction over the blockchain is around 33 cents.

The system also comes with practical obstacles. QSB transactions would not move through the normal Bitcoin blockchain like typical payments. Instead, users would likely need to send them directly to miners willing to process them.

They also don’t work with faster, cheaper layers like the Lightning Network, and are much more complicated to create. Generating a transaction would require outsourcing a lot of calculations to external hardware, rather than simply signing and sending from a wallet.

Levy describes the plan as a “measure of last resort,” not a replacement for protocol-level updates. Proposals like BIP-360, which aim to introduce quantum-resistant signature schemes through a soft fork, remain the most scalable long-term solution, but could take years to activate.

The BIP-360 activation schedule is uncertain. Polymarket bettors consider the odds of activation this year low, and the history of Bitcoin governance offers little cause for urgency: Taproot took roughly seven and a half years from concept to implementation. On the other hand, mature quantum computers capable of breaking the encryption that secures the network will not arrive tomorrow either.

Instead, QSB offers something different: a way to survive a quantum breakdown using current rules, if users are willing to pay for it.
