In case you missed it, Epoch released a behemoth of a report today (#1416746), and while I haven't read the whole thing yet, I thought he did a nice job addressing quantum computing. Also: have I said lately how much I hate pdfs?
Towards the end of 2025, a focus on quantum computing risks to bitcoin's underlying cryptography potentially drove an institutional investor sell -off. We believe that this part of the investment community is driven by several behavioral biases, namely loss aversion, herd mentality, and availability.
Here, we provide a summary of the arguments and our perspective. The concern is Neven’s law, which states that the computational power of quantum computers increases at a doubly -exponential rate relative to that of classical computers. If true, the timeline to break Bitcoin's cryptography could be as short as 5 years.
Moore’s law for classical computers is akin to Nevin’s law for quantum computers. However, Moore’s law was an observation. Neven’s law is not an observation because logical qubits are not increasing at such a rate. Neven’s law is an expectation of experts. Based on our understanding of expert opinion in the fields we are knowledgeable about, we are highly skeptical of expert projections.
Today, quantum computers have not observably factored a number greater than 15. If quantum computers begin to factor larger numbers, then we would see evidence of growth, but whether that growth is exponential is a separate question.
All we have seen is that progress in physical (not logical) qubits has increased, and error rates are declining. The problem is that these factors have not mapped to the real world. Said differently, rising physical qubits and lower error rates are not inc reasing logical qubits and factorization.
Further, a potentially existential issue for quantum computing is that error rates scale exponentially with the number of qubits. If this relationship holds, even if logical qubits grow exponentially, it may still not translate into factorization. At its c urrent rate, it may even be more likely that classical computers, through Moore’s law and algorithm improvements, break the cryptography used by Bitcoin before quantum computers do.
So, we need to see quantum computers factor greater numbers to really point to any meaningful progress. Until then, the sky is not falling, and this risk is not even a priority for consideration. Assuming that it was a real risk, the question would then be come: what is the Bitcoin community going to do?
Quantum -resistant signature algorithms exist – implementing one of them is not the issue. The issue is that they’re all too large for Bitcoin and would consume block space, thereby lowering transaction throughput on the network. New signatures emerging tod ay are being tested and are increasingly data -efficient. This is one of the primary risks of implementing a quantum -resistant signature scheme prematurely – we may end up with a much less efficient scheme than we could have had if we had waited.
Chaincode Labs conducted an in -depth research paper on the problem, recommending the community consider a 2 -year contingency plan and a 7 -year comprehensive plan. For the short-term contingency plan, we know that taproot address types can make commitments to spend before the public key is revealed – thus hiding the public key from a quantum computer and protecting quantum -vulnerable public keys. Basically, modern address types have a hidden form of quantum resistance that can be unlocked, and this could be used if quantum factorization suddenly grows exponentially.
The significant risk is that achieving bitcoin consensus for improvement proposals is very challenging. Historically, the community has adopted consensus soft forks. If there is an existential risk, we anticipate that far more stakeholders would align on a soft fork solution than the majority. If a solution were ultimately adopted, there is a risk that these signature types would materially decrease the efficiency of the blockchain. The BIP360 team is working through the research on these proposals today.
In summary, the progress being made in the quantum computing field is not translating to practical outcomes, and the community itself has an incentive to make the public believe it is (to raise funding/awareness/etc). However, it is undoubtedly a topic wor th considering and understanding for the community to begin long -term planning of the various trade -offs associated with solutions that already exist today. The worst - case scenario we see for quantum risk is that a solution is implemented prematurely, with an exponentially lower efficiency trade -off had we waited longer before implementing.
As an investor, your job is to identify the most material risks to an asset and focus on understanding those. There are numerous risks to consider for Bitcoin as it competes in a geopolitical environment with monetary commodities and fiat currencies. We do not view quantum computing as a primary risk for the reasons above, and your intelligence is best spent elsewhere while the technical community develops solutions. If you’re reducing your allocation because of quantum risk, you’re being driven by behavior al bias and failing to see the benefits of a bitcoin allocation on net.
We recommend the following sources for further reading:
• Chaincode Labs: Bitcoin and Quantum computing
• Rearden Code: Gwart Show Quantum Computing Podcast
• Nic Carter: Bitcoin and the Quantum Problem
First, this reads like AI slop.
Second, I had never heard of Yakes until I saw a screenshot of his tweet about the Saylor and Danny interview, which he had the most midcurve opinion...
Even though I agree with the (AI's) conclusion on quantum, my credibility meter on Yakes was already low.
Yakes wrote a book called The Seventh Property back when they launched his VC fund: Epoch.
I never read it, but I have some positive feeling towards him from reading what I think were excerpts. My memory is that he had good takes.
Congrats ! Now you are in my memes :)
It is an achievement of a lifetime.
The report is super long, but I'm hoping to read the rest of it today and post some highlights.
I just bought pdf2website.com. One of these weekends I’m going to vibe a paid product that allows these suitcels to convert their word processor docs to something internet native and mobile friendly.
Look: we bitcoiners aren't much better. How many html copies of the whitepaper exist?
Also: why hasn't anybody turned the whitepaper into a nice SN post? We have great math support so it could probably be done without any pictures (like I ended up doing on my website when I html'd it).
Those suits probably aren't cels if you take my meaning
And, horrifically, website2pdf may actually have more demand if my university's inability to handle my web native course syllabus is any indication
Sell to arxiv when done, their html renderer has issues.
The truth is that most of the noise around quantum computing as an imminent threat to Bitcoin is driven by narrative rather than by verifiable capability. The comparison to Moore’s law is misplaced because Neven’s law is not grounded in recorded empirical observation. Without observable breakthroughs in factoring numbers meaningfully larger than 15 these projections remain speculative at best.
The distinction between physical and logical qubits is central here. Marketing materials and funding pitches lean heavily on rising physical qubit counts because it is an easy metric to showcase. The logical qubits that actually matter for applications like breaking elliptic curve cryptography are nowhere near the required scale. Worse yet the exponential scaling of error rates could prove catastrophic for large scale factoring rendering much of the current optimism irrelevant.