An independent researcher, Giancarlo Lelli, has successfully derived a 15-bit elliptic curve key utilizing a publicly accessible quantum computer. Project Eleven, a post-quantum security startup, has acknowledged this achievement as the most significant quantum attack on elliptic curve cryptography to date, despite its scale being considerably lower than that employed in current real-world cryptographic systems. The project has awarded Lelli a 1 Bitcoin bounty, valued at over $78,000, as part of its “Q-Day Prize.” This initiative, launched last year, aimed to incentivize the breaking of elliptic-curve keys ranging from 1 to 25 bits before April 5 of this year.
Key Takeaways
- Giancarlo Lelli successfully derived a 15-bit elliptic curve key using a quantum computer.
- Project Eleven awarded a 1 BTC bounty for this achievement, labeling it the “largest quantum attack” on elliptic curve cryptography to date.
- The demonstrated attack is significantly smaller than cryptographic standards used in real-world applications like Bitcoin.
- This event underscores the ongoing discussion and development in post-quantum cryptography for blockchain security.
Prior to Lelli’s success, Steve Tippeconnic, an engineer, broke a 6-bit elliptic curve key in September 2025 using IBM’s 133-qubit quantum computer. Project Eleven highlighted this as the first public demonstration of such a break on quantum hardware. Lelli’s 15-bit result represents a 512-fold increase in complexity over Tippeconnic’s achievement.
Project Eleven stated that Lelli employed a variation of Shor’s algorithm to derive a private key from its public counterpart, operating across a search space of 32,767 possibilities. Shor’s algorithm targets the Elliptic Curve Discrete Logarithm Problem (ECDLP), the mathematical foundation for digital signature schemes that secure major cryptocurrencies like Bitcoin and Ethereum, as well as most other blockchain networks.
It is important to note that Bitcoin’s security relies on 256-bit elliptic curve cryptography, a significantly larger key size than the 15-bit key successfully broken in this demonstration. While the gap between 15 bits and 256 bits is substantial, there is a growing perspective that this difference is primarily an engineering challenge rather than a fundamental physics limitation. However, consensus among experts regarding the timeline for quantum systems to reach real-world cryptographic relevance remains divided.
Potential Regulatory Precedent and Quantum Risks
The implications of quantum computing for the cryptocurrency sector have intensified in recent months. A Google Research paper estimated that breaking 256-bit elliptic curve cryptography might necessitate fewer than 500,000 physical qubits. Concurrently, a study from the California Institute of Technology and quantum startup Oratomic proposed a potentially lower requirement of around 10,000 qubits. Current quantum computing systems are still far from these theoretical thresholds.
Alex Pruden, CEO of Project Eleven, commented that “the resource requirements for this type of attack keep dropping, and the barrier to running it in practice is dropping with them.” He emphasized that Lelli’s demonstration highlights the imperative for an accelerated migration to post-quantum cryptography.
Project Eleven estimates that approximately 6.9 million Bitcoin are currently held in wallets where public keys are visible on the blockchain, potentially exposing them to quantum attacks should sufficiently powerful quantum systems become available. In response to these emerging threats, various blockchain projects have begun to implement safeguards. Developers of Bitcoin have proposed migration strategies, and other networks and companies, including Ethereum, Tron, StarkWare, and Ripple, have articulated plans concerning post-quantum cryptography.
Conversely, some industry analysts advise a measured approach. Research firm Bernstein recently suggested that quantum computing should be viewed as a medium to long-term technological upgrade rather than an immediate existential risk to the industry. Project Eleven, backed by prominent investors such as Castle Island Ventures, Coinbase Ventures, and Variant, secured $20 million in a Series A funding round earlier this year, achieving a post-money valuation of $120 million to advance its post-quantum security initiatives.
Original article : www.theblock.co