So, Project 11 just kicked off a contest where you can score 1 BTC if you manage to break Bitcoin's Elliptic Curve cryptography and an ECC key using Shor's algorithm on a quantum computer. The goal? To crack the biggest ECC key out there.
They claim that around 6 million BTC spread across over 10 million wallets could be at risk from quantum computers due to exposed public keys. That’s a whopping $500 billion at stake. This whole thing is part of testing how much of a threat quantum computing really poses.
Project 11 is convinced that quantum computers will eventually crack Bitcoin’s 256-bit keys. But you don’t need to reach that far just yet. They say even breaking a 5-bit key would be a pretty big deal.
Here are the rules for the competition:
- Anyone can join, whether you’re flying solo or in a team. No need for any corporate backing.
- You’ll need to figure out how to run Shor’s algorithm on today’s quantum hardware and show that you can scale it up to 256-bit keys.
- Project 11 has put together sets of ECC keys ranging from 1 to 25 bits. Your job is to target these key sizes and prove that your methods can crack the given x-bit key.
- Make sure to submit your results. You can include your code, the steps you took with the quantum program, a rundown of your approach, the techniques used, and the specs of the quantum computer you worked with.
Make sure to get your submissions in by April 5, 2026. All entries will be made public. If you want to join in, sign up here: https://www.qdayprize.org/register
What do you guys think? What key length do you reckon these white hats will be aiming for?
I don't know, I read their T&C and they are mention the following "10. Prize and Related Terms. One Winner may receive a prize of one (1) Bitcoin or, " < I don't like that "may".
How many people have access to quantum computers? I would expect the budget involved for the ones who have to far exceed 1 BTC, which makes me think this small prize isn't worth their effort.
Exactly, the cost of owning a quantum computer is from $10M+. If you want to rent quality time using one from any cloud providers this is what it will cost you;
Provider|Cost per Hour (est.)|Keep in mind|IBM Quantum|$1,500$10,000/hr|Via IBM Premium Plan|Quantinuum|$5,000$20,000/hr|High fidelity, access to H1 system|IonQ|$3,000$15,000/hr|Available via Amazon Braket|AWS Braket|Pay-as-you-go|For multiple providers|
Since this is a team based effort contest, only individuals with the required technical requirement will join together to form a team.
What a paradox!
They are asking participants to break the Bitcoin cryptography then they want to pay them in bitcoin which would become worthless if they succeed
The "expiration date" of secp256k1 was 2040 (15 years from now) according to SEC. It already is not that long. Curious to see how much shorter they'll make it.
If there'll be any successful attempt in the near future, it would take a lot of time on that single attempt.
Given that, there'll be enough time for announcements and soft/hard-fork to issue a QC resistant update.
Lots of "satoshi" bitcoins will eventually be redistributed to the market that will drop Bitcoin's market value together with FUD,
But I doubt Bitcoin will be worthless if an update is successfully deployed in time.
They will surely ask you to demonstrate your method and it has to be reproducible and independently verifiable. They also talk about how they don't want compilation tricks that can't scale.
https://www.qdayprize.org/
Good question. I guess not that many. But those with enough money to spend can surely find access. IBM, Google, and AWS provide cloud quantum computing services to anyone willing to pay.
True. But they don't really expect anyone to succeed. They have said that if anyone can break a 5-bit key it would be an astonishing achievement. And that's wide of the 256-bit mark.
It hasn't even been a month since Fillippone shared this post, and the race to start the crack has already begun. We've been expecting this stage of attempts to happen sooner or later, but the proactive ones have chosen to make it sooner. At this point, it's becoming more clearer by day that people's interest in using QC to break ECC is getting stronger.
From all the videos i have watched on QC, i don't think i have seen any personal owned.
probably, not more than 90% of world population have come in contact with it.
This should be more of an institutional competition, but at the same time, they will have to weigh their options considering how expensive it is.
Does the 1BTC prize actually worth the time taken to run a QC till 2026?, i don't think so.
There are hundreds of dormant addresses, where the owners either lost their wallet password or died. The trick is to call the idiots to break these addresses using QC so that the same idiot can earn 1 BTC, while they get the biggest slice of the pie! Only brainless idiots get into this game.
Where I can find the exact keys? Because I think it may be a good exercise, to first break all of them classically, and just see, how they generated these small elliptic curves. Breaking ECDSA is one thing, but discovering the exact way of how secp160k1, secp192k1, secp224k1, and secp256k1 was made, is also a challenge in itself (specifically: how their generators were picked).
I assume you wanted to say that more than 90% of the people have never heard of or been in contact with quantum computers instead of what you wrote.
Anyone is allowed to rent quantum computing power and attempt to crack their ECC keys, be it an individual, a small or massive team. That's what they meant. It's not an exclusive challenge for institutions or businesses, although they are better suited for it because of the costs.
Of course not. You wouldn't have the QC doing the computational work constantly. The investments would be in the millions.
If you are interested in taking part, I suggest you read all rules of participation carefully. The first step would be to sign up. After that, there will surely be a way to contact the team and request a specific key range to attack. They are interested in having participants use quantum computers with Shors algorithm for the cracking process. You might not be eligible for rewards if you don't follow the rules.
I struggle to understand this prize.
If I had the power to break cryptography with a quantum computer, the prize would be much higher than 1 BTC.
Why focus on the 1 BTC prize when you can attack a Satoshi Coinbase?
Or why attack Bitcoin, in the first place, when you can attack much higher stakes?
The technology to break Bitcoin's cryptography hasn't been developed to the point of it being worrying. I am sure Planet 11 has no doubt that anyone will be successful with breaking a 256-bit key. What they are interested in discovering is what key length today's technology can crack and how much effort does it take.
There are already many puzzles that are monitoring the progress toward the availability of a powerful enough machine.
This for example seems a good one, it took 2 years to break a puzzle with 2^66 bytes
Again, my best guess is that a quantum computer will not be used to break bitcoin, as there are more valuable, not so closely monitored prizes out there.
I may have found a way to crack the ECC with simple pattern recognition and math and am working on implementing it into an open source multi-chain multi-tool.
lol, It started as a tool to win those puzzles, anyways, here's the git link. the first release should be fully functional, do I need to read the info and follow the links to win the 1 btc? do I not win if I did it with a regular pc?
https://github.com/mrwhalebones/MasterKeyProgram/tree/main
if you believe in what im doing, im doing this because i busted me foot and am trying to win something to pay rent XD :_)
I'm curious if they would manage even a single bit ECDLP with Shor's algorithm. As mentioned on the website 3-bit would be a breakthrough.
99.9% fidelity might be enough for lg2(1000)=10 bit RSA via Shor's, maybe, sometimes.
For a 25 bit one would need 99.999997% fidelity, not only in qubits, but Toffoli (or whatever) gates as well.
I'm not sure what these 99.9% mean though. In what time frame is the error so low? After all, more time equals more noise. If I got it correctly, let it be 99.9% for 1 nanosecond, it would get down to 99% in just 10 nanoseconds, then 90% in 100 ns, and then is kinda gone with 1% in 1 microsecond.
Meanwhile there's a few million dollar prize on finding any real world use of quantum computers - by google & xprize
The quantum computer scam continues.
That cannot be stated enough!
The main focus of possible applications of QC are those where Big Money is to be made: Petrochemical engineering, catalyst research, protein folding, etc. Those areas are the ones being heavily tested and are what is driving/funding research into QC. Even with literally 100's of millions of dollars a year being poured into finding workable QC solutions for those applications there is to-date ZERO progress because the technology is just-not-there yet.
Aside from interest by 3-letter government agencies, cracking strong cryptography does not even make the list and yet the only thing that seems to draw interest of the general public and social media is the obsession with cracking crypto coins like BTC. Go fig.
Don't get me wrong - once QC systems are able to address the above applications and become commercially available outside of research facilities I have no doubt that various rouge nations/groups will turn their interest to cracking legacy sha256-based BTC and other crypto coins but that is still many many years away. By then, post-QC encryption should be in wide use making the fear mongering a moot point.
People like movies.
I will start the script of the new BTC crypto movie right now.:
Luckiest being in the universe
"Crypto Phil"
Phil always knew he had unique ability of luck. He had exhibited it multiple to the amazement of many but he always said oh thats just a trick.
So to show bitcointalk what he mean by unreal luck he wrote this post. I am going to go to
https://getcoinplate.com/bip39-seed-phrase-mnemonics-generator-offline-online-tool/?
I will generate a working collision seed that places into a Trezor and hits a wallet.
... anyone can write the rest of this if they want
01)hand
02)knock
03)dad
04)exist
05)neglect
06)fly
07)stereo
08)way
9)diesel
10)dumb
11)federal
12)verb
13) .
14).
15).
16).
17).
18).
19).
20).
21).
22).
23).
24).
Now in real life I won't even bother to put in the full 24 seed
or use the first 12 or use to second 12
but in the book all 3 sets of words would open large wallets because
Crypto Phil is the luckiest person on the universe
Traditional banking is the more lucrative target because its infrastructure uses RSA and ECC cryptography for security. But, it's harder to make traditional fiat disappear. Transactions are reversible. That's not the case with bitcoin. On top of that, you can swap the coins to monero, mix them, coinjoin them, move them between layers, etc., to better hide your traces. Another point worth considering is that bitcoin would be pretty much worthless at that time, so why go through all that trouble to steal something that won't have much value? One answer is to simply destroy it.
Still, this isn't an immediate treat but it could become one in one or two decades.
Still curious about of the outcome.
4 bits would be a breakthrough.
I know there are simulators for quantum computers that can get to 10 bits.
It is a good check of state of the art of quantum computers.