Avihu Mordechai Levy, a developer at StarkWare, proposed an idea in his recent paper called “Quantum Safe Bitcoin” (QSB). He explained that there are ways to make Bitcoin safe from possible threats caused by quantum computers.
According to Levy’s paper, QSB can operate within current scripting limitations; it does not require a soft-fork, nor will it ever require a network-wide update. This way it can safely protect itself from threats created by Shor’s algorithm, as well as all other types of threats, including breaking the Elliptical Curve Cryptography being used today on Bitcoin.
Rather than rely solely upon the use of traditional digital signatures, the proposed system combines hash-based cryptographic methods with an earlier method called Lamport Signatures, which is widely recognized for its resistance to both classical and quantum-based cyber-attacks.
This structure provides the assurance that any attempted alteration to a transaction will necessitate producing a new valid digital signature, an action that is not feasible even against the most sophisticated cyber-adversaries operating quantum computing systems.
Related: Strategy Signals Another Major Bitcoin Purchase
A critical element to the operation of the proposed system is the requirement for each user to solve a computational puzzle prior to broadcasting their transactions.
As stated by the authors, they estimate it would take approximately 70 trillion attempts to resolve these puzzles. In contrast to mining processes that occur within a network of distributed computers, the computation required to solve these puzzles is performed independently by the user prior to submission of a transaction that includes evidence of successful resolution.
As stated by the authors, the computational puzzles can be resolved by utilizing standard GPU hardware at costs ranging from $200-$500 per transaction. All elements of the proposed scheme were carefully designed to meet all requirements established by Bitcoin’s scripting language limitations, including a maximum of 201 opcodes and a maximum of 10,000 bytes for scripts.
To satisfy the described requirements, the proposed model utilizes a multi-layered architecture that combines hash-challenges (which are based on puzzles) with Lamport Signatures; additionally, “pinning” mechanisms have been incorporated into the design so that if any party is going to modify a transaction, they will be forced to recalculate the underlying puzzle.
Read Also: What Is Bitcoin Mining and How Does It Work in 2026?
While the author’s method can be considered innovative, Levy describes this method as a contingency plan and, therefore, an impractical long-term solution due to high processing costs associated with both computing puzzles and large transaction sizes, thus limiting potential use in high-capacity applications.
In addition, possible complexities created by the creation of such transactions could present possible issues in how relay policies currently operate, possibly causing relay submissions to be made directly to the mining pool.
The proposal recognizes some areas in which vulnerability may exist. It is able to reduce the risk from Shor’s algorithm, but does not remove potential performance advantages for an attacker using Grover’s algorithm.
Levy notes that if quantum threats do become tangible, then Bitcoin would most likely need to have much more effective and user-friendly upgrades at the protocol level. His work is part of the larger body of research concerning how to transition to a post-quantum environment with proposals like BIP-360 (new address formats designed with post-quantum security in mind).
