In the face of the Quantum Threat, Bitcoin Core developers have chosen to ignore it

Original Title: Bitcoin developers are mostly not concerned about quantum risk
Original Author: NIC CARTER
Translation: Peggy, BlockBeats

Editor's Note: Will quantum computing be the "next existential test" for Bitcoin? Around this question, the community is not lacking in researchers and technical solutions, but what ultimately determines the protocol's direction is always that small group of influential core developers.

This article systematically reviews the public stance of Bitcoin's key developers on quantum risk and finds that: at the highest levels of decision-making, quantum threat is still generally seen as a distant, theoretical issue rather than an engineering challenge requiring immediate attention. The continued efforts of a few researchers have not yet translated into consensus or action, and it is difficult to overcome the inertia of the core governance structure.

Below is the original text:

Recently, some Bitcoin developers have begun to push back against a viewpoint I and others have raised, namely that Bitcoin developers are not concerned about the risk posed by quantum computing.

It should be obvious to anyone who has seriously followed the discussion that on the issue of quantum computing, the majority of Bitcoin developers, weighted by influence, have either provided a long timeline or outright dismissed this threat. However, let us specifically examine Matt's statement.

I already knew that this was roughly the case, as I have always been following these discussions, but even after actually conducting this review, I am still surprised by the level of indifference displayed by those most important developers.

First, a brief explanation of the methodology: if you are not aware, the "power levers" in Bitcoin development are deliberately kept opaque. When Craig Wright engaged in legal harassment of Bitcoin developers, some chose to "step back" or "retire" but continued to contribute code to evade his legal maneuvering. The list of "Core Maintainers," those who actually push updates into Bitcoin Core, is not a list of the "most important Bitcoin figures" but merely individuals trusted to perform a bureaucratic task. Since Gavin Andresen, these individuals have deliberately distanced themselves from responsibility and ownership of Bitcoin. They repeatedly emphasize that they do not "control" Bitcoin but that everything is decided by a vague stakeholder consensus. They often use a Rousseau-esque vague language, claiming to represent the "will of the people."

Of course, they don't actually go out and ask every Bitcoin user worldwide if they agree to a change. The reality is this: if you can convince about five or six of the most influential developers that a change is crucial, then and only then will the change potentially be pushed through. This process itself is extremely difficult and very rare, so the result is that changes almost never happen. In the past decade, Bitcoin has only undergone two updates. It is precisely because of this structure that any change almost requires agreement from all the "important" people. As you can imagine, this leads to deadlock and inaction. So far, this state of affairs has barely functioned; however, when Bitcoin starts to face an uncertain but rapidly approaching threat and needs to make fairly drastic adjustments, this governance structure is precisely the most inappropriate. In the modern sense, Bitcoin has never truly faced an existential crisis; the last time a substantial survival issue arose (in 2010 and 2013), the governance structure was still central enough to swiftly roll out fixes.

Therefore, despite being almost "heretical" in the Bitcoin context, and undoubtedly annoying to developers because I am essentially revealing the "unstructured" governance reality they deliberately maintain, I still intend to try to assess: which developers hold the greatest "perceived authority."

(By way of background: I have been professionally researching Bitcoin for a decade, my master's thesis was on Bitcoin governance; I have provided funding support to Bitcoin development organizations through Castle Island; I have presented at multiple Bitcoin conferences; I have also met and interacted with many of the developers mentioned here in person. No one can truly draw a complete power map of Bitcoin governance, but I am closer to this reality than most.)

I understand that ranking Bitcoin developers by "influence" will undoubtedly upset many people, but for the sake of this analysis, this step is unavoidable. We must know who the real gatekeepers are to assess whether the most critical Bitcoin developers are genuinely prioritizing quantum risk. You can certainly question my ranking or propose another set of standards, but the only thing that matters is whether I have accurately identified those key threshold individuals.

The reason this is so difficult is precisely because Bitcoin developers intentionally keep the power structure opaque to the public. I have long been focused on this issue and have a relatively clear judgment on "who really matters," but even so, this remains an extremely challenging task. And there is only one reason for this: developers want it to remain difficult to see through.

The highlighted names are Maintainers. The list is not exhaustive and may contain errors. The influence ranking is my personal subjective judgment.

In my view, the most important Bitcoin developers/founders include: Pieter Wuille (undoubtedly at the top), Greg Maxwell, Jonas Nick, Anthony Towns, Adam Back, Alex Morcos, Marco Falke, Andrew Poelstra, Mara van der Laan, and Peter Todd. Their affiliations are listed in the table below.

Pieter Wuille is a co-author of SegWit and the primary author of Taproot—Bitcoin's only two significant upgrades in the past decade. He created libsecp256k1, authored the Schnorr signature specification, and co-proposed BIP9. In terms of driving major technical changes, he is by far the most important Bitcoin developer to date, without question.

Mara van der Laan (formerly Wlad) served as the lead maintainer of Bitcoin Core from 2014–2021, officially "retiring" in 2023 but evidently re-engaged in some significant capacity.

Michael Ford is one of the longest-serving current Core maintainers. While not directly writing BIPs, his influence is considerable.

Andrew Poelstra is the most discreet among all "high-impact" developers, but his influence is profound—almost a "developer's developer," akin to the presence of Steely Dan. He is a co-author of Taproot and Schnorr implementations and has made significant contributions to the entire field of cryptography.

Morcos leads a significant developer organization, Chaincode. Michael Ford is currently one of the most productive Core maintainers. Greg Maxwell is a legendary and outspoken developer. Adam Back, referenced in the Bitcoin whitepaper, is a co-inventor of Hashcash and also the head of Blockstream.

Marco Falke was a highly active reviewer in Core, although he stepped down from the key maintainer role in 2023. Jonas Nick is one of the primary authors of Taproot. Peter Todd is a long-time active and widely-versed Bitcoin developer, credited with inventing important mechanisms like RBF, renowned for adversarial thinking, and preventing unsafe changes.

I would have included Luke Dashjr as well, but his recent influence has waned.

Each of the individuals mentioned here holds a significant amount of "soft power." Together, they determine whether an update will be taken seriously and eventually implemented. If you can't get nearly everyone on this list to agree that your update is "important," it's basically not going to happen. The so-called "High Priests of Bitcoin" that we often refer to are these people.¹

The other developers and thinkers in the latter part of the list are equally important—after all, it's just a few dozen people collectively safeguarding a trillion-dollar asset, and I have no intention of belittling their contributions—but in my view, they are not the gatekeepers. Nonetheless, their perspectives carry significant weight, so I'm listing them here as well.

How Key Bitcoin Developers View Quantum Risk

Let's start with the "High Priests."

Pieter Wuille, February 2025

I certainly agree there's currently no urgency; but if (and only if) the ability to break cryptography by a quantum computer becomes a reality, the entire ecosystem has no choice but to deactivate spending schemes that have been compromised, and this must be done before such a machine appears.

April 2025

I'm not convinced of the feasibility of Ethan Heilman's proposal, but I'm glad to see this line of thought and discussion.

July 2025

I think that, in at least the medium term, the main quantum-related threat to Bitcoin isn't the actual appearance of cryptographically relevant quantum computers (CRQCs) but whether people believe it might appear soon.

I'm not saying that such a machine will never appear; rather, the fear of its imminent appearance is likely to have an effect earlier and more significantly. It should be clear that I'm not advocating for any specific action—whether a BIP, a timeline, a technical path, or even whether action should be taken.

Pieter has been involved in the quantum risk discussion, but he doesn't see it as an urgent matter. He sees the issue more as people selling out of fear (which is indeed happening).

Mara van der Laan, June 2015

The most extreme scenario is: if secp256k1 or SHA256 were to exhibit a significant weakness, or if practical quantum computing has advanced to the point of being able to break that scale of discrete logs, I have no doubt everyone would unanimously agree to introduce new cryptographic algorithms.

Mara has long served as a Bitcoin Core maintainer, later retiring and returning. She has mentioned quantum concerns in earlier writings, but has not explicitly stated whether she sees a risk.

Peter Todd, July 2025

Despite much talk about the progress of quantum computing hardware, the fact remains: no one is anywhere close to demonstrating a quantum computer with cryptographic capabilities. The cryptographic capabilities of real-world hardware are almost comical.

Whether they are physically feasible remains unknown; apart from some in the physics world hoping to sell you a quantum computer or secure research funding, the mainstream view is that they are not consistent with physical reality.

Adam Back, November 2025

Maybe 20–40 years away, or may not happen at all. Quantum-safe signatures already exist, and NIST standardized SLH-DSA last year. Bitcoin can progress with evaluation to gradually introduce them long before cryptographically relevant quantum computers appear.

While the organization led by Adam Back is indeed conducting post-quantum research, his personal assessment of the risk is: at least several decades away, no need for concern at all. He even publicly dismissed my concerns as FUD.

In my view, this attitude undermines the credibility of his organization's research output—if the CEO is making such statements, I find it hard to understand how Blockstream's research can still be used to demonstrate that "developers are concerned about quantum risk."

Gloria Zhao, August 2024

I believe people sometimes worry about quantum computers, and this concern is indeed more interesting on a 30–50 year time scale than worrying about AI attacking Bitcoin.

Greg Maxwell, December 2025

In a few discussions, Greg has touched on post-quantum signatures, but has not indicated his risk assessment. (I even went through his entire Reddit history.) Considering his consistently strong opinions, this silence is quite unusual.

Jonas Nick, February 2025

Thank you for your work on BIP360. I think now is a good time to develop and discuss specific post-quantum schemes.

Fortunately, Jonas is one of the most active post-quantum researchers in the Bitcoin community and has published papers on hash-based post-quantum signatures.

Anthony Towns discussed quantum attacks in 2018 but did not make a clear assessment of the risk.

Andrew Poelstra, while not publicly commenting on the risk, stated in 2021 that Taproot would not introduce quantum vulnerabilities.

To my knowledge, Alex Morcos, Michael Ford, and Marco Falke have never publicly mentioned quantum risk, so I assume they are not concerned (corrections welcome if wrong).

Summary

Overall, most influential Bitcoin developers have not even squarely acknowledged quantum risk. The few who do acknowledge the risk (excluding Jonas Nick) generally consider it theoretical, distant, or infeasible. Peter Todd and Adam Back explicitly deny the risk. Pieter Wuille acknowledges the issue, participates in discussions, but explicitly states it is not a current risk or priority.

Without buy-in from these individuals, any Bitcoin upgrade will fail.

The current conclusion is very simple: the most influential Bitcoin developers are not concerned about quantum risk.

Views from Other Bitcoin Developers

Luke Dashjr, December 2025

Quantum is not a real threat. Bitcoin has bigger problems to solve.

Luke expressly states that he does not see quantum as a threat. He has historically been one of the more influential and active Bitcoin developers, although today he is in opposition to the Core system.

Matt Corallo, March 2025

(In response to Jameson's "Against Allowing Quantum Recovery of Bitcoin") I think this provides us a very strong motivation to do "simple post-quantum cryptography (PQC)" today—though we need not make any decisions about 'whether to take over non-PQC coins' today, we want to have the option to in the future. For that option to be practical, wallets need to start embedding PQC public keys in their outputs at least a decade before any "takeover", giving us significant security margin far beyond that required for any other reason. And so, now seems like a time to add the simplest form of PQC we can—add a basic P_HASHBASEDSIG (likely SPHINCS+ for now) to tapscript to allow wallets to hide PQC keys (including in multisig) in their taptrees.

Matt Corallo does care and does see risk. However, he explicitly denies my assertion that the "most important developers don't care" and dismisses my criticism as "FUD." Perhaps Matt is privy to some inside information that I am not: perhaps behind closed doors, developers are indeed anxious about the quantum issue. But in public, they act as if there is absolutely no risk.

Robin Linus, July 2025

Dogs are scarier than quantum computers.

Robin is the author of BitVM and a respected researcher in the field.

Mark Erhardt (Murch), November 2025

Of all the things that could keep me up at night, quantum computers are definitely not one of them.
Most who consider the quantum threat imminent often do so to secure more funding to "burn" their research.
If we really see CRQC within 20 years, feel free to mock me.

Antoine Poinsot, March 2025

(Responding to my assertion about "influential BTC developers downplaying the threat") I feel that such exaggeration actually undermines your previously reasonable point about "uncertainty."
It also exacerbates the real threat I believe exists over the next decade: the perception itself that key stakeholders believe the quantum threat is imminent.

Olaoluwa Osuntokun (roasbeef), July 2025

Laolu presented on hash-based post-quantum signatures at the Presidio Bitcoin Quantum Summit. He maintained a strictly technical approach throughout, without assessing the level of risk.

Tadge Dryja, July 2025

(Responding to Jameson's post-quantum proposal) Of course, CRQC could pose a risk. However, this proposal goes in the opposite direction: preemptively disabling critical features and even pre-burning coins for something that may never happen.

Tim Ruffing, July 2025

Tim has published a paper titled "Taproot as Quantum-secure Commitment Scheme." However, as far as I know, he did not directly address the risk itself. What is noteworthy is that he started this kind of research very early, even publishing a paper on post-quantum secure transactions in 2017.

Gregory Sanders (instagibbs), December 2025

(In response to Scott Aaronson's comment on quantum risk) Evidence will speak for itself; I will naturally change my tune by then. Until then, I remain skeptical.

Jeremy Rubin, July 2021

Fun fact: Satoshi Nakamoto removed Bitcoin's post-quantum security in a hard fork in 2010.

The good news is: By re-enabling OP_CAT or a similar mechanism, Bitcoin can become quantum-secure again.

Jeremy was worried about the quantum issue long before most.

Amiti Uttarwar, January 2026

I find the discussion about the quantum threat very interesting. Several people whom I consider smart and who have been involved in the discussion for a long time believe that quantum poses an existential threat to Bitcoin.

Augustin Cruz, February 2025

In 2025, Augustin released a quantum migration proposal called QRAMP, but it was later retracted.

Mikhail Kudinov, 2025

Mikhail co-authored "Hash-based Signatures for Bitcoin," with a research agenda primarily focusing on post-quantum cryptography, so it is reasonable to assume he is very attentive to this.

Ethan Heilman, February 2025

I firmly believe that Bitcoin must transition to post-quantum signatures in the near future.

Ethan has proposed multiple post-quantum schemes for Bitcoin and recently became one of the signatories of BIP360. He is one of the most vocal advocates driving the post-quantum transition.

Jameson Lopp, July 2025

We aim to preserve the value of the UTXO set and minimize the incentive for quantum attacks. Bitcoin has never before faced a survivability threat to its cryptographic primitives. Once a quantum attack succeeds, it would result in severe economic disruption and damage to the entire ecosystem. NIST approved three post-quantum signature schemes for production use in 2024, and some academic roadmaps even estimate that cryptography-relevant quantum computers could appear as early as 2027–2030.

Jameson has also been very active in sounding the alarm on quantum risk: both pushing for formal migration plans and driving public discussions around "What happens to Satoshi's coins." While not strictly a Core developer, he is undoubtedly one of the most fervent advocates for the transition.

Jonas Schnelli, December 2025

(In response to a tweet saying "Quantum computers won't be arriving tomorrow") "All doomsayers about quantum's arrival, read this article."

Jonas is an influential former Core maintainer who has since stepped back from Bitcoin development. He tends to downplay risks.

Anthony Milton

Anthony is a low-key but highly active Bitcoin post-quantum researcher. He co-authored the seminal report "Bitcoin and Quantum Computing" at Chaincode and runs PQ-Bitcoin.org, advocating for Bitcoin upgrades.

Clara Shikhelman

Clara is the Head of Research at Chaincode, co-authored the quantum report with Anthony Milton, and co-operates PQ-Bitcoin with him.

Hunter Beast, December 2025

The industry roadmap, led by companies such as IBM, Google, Microsoft, Amazon, Intel, etc., indicates that quantum computers may break the ECDSA encryption scheme used for Bitcoin public-private key cryptography in 2–5 years.

Hunter is the lead researcher for BIP360 — the only named BIP aimed explicitly at advancing quantum migration.

The following influential figures have not recently commented on quantum risk:

Satoshi Nakamoto (last discussed: 2010)

Gavin Andresen (last discussed: 2010)

Hal Finney

Mara Van Der Laan (last discussed: 2015)

Marco Falke

Michael Ford (fanquake)

Hennadii Stepanov (hebasto)

Ryan Yanofsky (ryanofsky)

TheCharlatan

Alex Morcos

Ava Chow (last discussed: 2019)

Suhas Daftuar

Neha Narula

Samuel Dobson (meshcollider)

Rusty Russell

Gleb Naumenko

Cory Fields (cfields)

Main Question: How do Bitcoin developers collectively view quantum risk?

Based on my initially influence-ranked list of developers and the above compilation of public statements, we can now finally answer this question: With influence-weighting, how concerned are Bitcoin developers overall about quantum risk?

This is the conclusion to be drawn next.

Unfortunately, those at the top, the key developers truly deciding whether Bitcoin will undergo an update, almost unanimously believe that there is no imminent threat, with Jonas Nick being the sole exception.

As a bona fide "number one" key developer, Pieter Wuille has participated in discussions on quantum issues multiple times, but he similarly believes that there is currently no real-world risk.

Among developers in the medium-impact category, a fairly diverse range of views can be seen. On one hand, there is a group of researchers focusing on quantum issues, such as Hunter Beast, Jameson Lopp, Clara Shikhelman, Anthony Milton, Ethan Heilman, Mikhail Kudinov, Augustin Cruz, Laolu, and Tim Ruffing.

On the other hand, there are also some Core maintainers holding actual power who remain silent on this threat, or some well-known developers—such as Luke Dashjr, Greg Sanders, Jonas Schnelli, or Tadge Dryja—who explicitly play down or even deny the quantum risk.

Although the work of researchers like Hunter Beast, Anthony Milton, Jonas Nick, and Jameson Lopp is crucial, these achievements have not gained any substantial traction among the top-tier, elite "gatekeeper" developers. Don't believe it? Just look at the reactions on the mailing list when Hunter announced a major update to BIP360—there was only one reply. The roadmap proposed by Hunter similarly only received polite responses, with no follow-up action. Nothing will happen until the most influential developers officially express support for a proposal.

Conclusion

If you have read this far, the conclusion should be very clear by now: in the developer community that truly decides whether the protocol changes, the quantum issue is seen as a theoretical, distant, and even speculative problem, rather than a real-world challenge that is happening and needs to be engineered.

Peter Todd, Adam Back, and Luke Dashjr explicitly deny its feasibility or real-world relevance; Pieter Wuille, Gloria Zhao, and Adam Back define the quantum issue as a concern that will not need to be addressed for at least 30-50 years; Van der Laan, Poelstra, Maxwell, Towns, Morcos, Falke, among others, either have not expressed a stance or refuse to engage in public discussions.

In the most critical group of individuals, only Jonas Nick has explicitly expressed concerns.

A truly serious focus lies below the power line. Researchers like Heilman, Shikhelman, and Milton are putting real effort into this work; Lopp is also actively and rationally driving the discussion — a point I wholeheartedly agree with. Hunter Beast and their team are the most practically involved, attempting to address a specific aspect of the problem through a named BIP (the quantum vulnerability of Taproot signatures). However, as of now, BIP360 has faced outright apathy from the "decision-makers."

Do not be misled by Adam Back or Matt Corallo's statements. There is indeed a pathological indifference among the most influential Bitcoin developers. Despite a few bright spots, overall, quantum migration is clearly not a priority for Bitcoin Core and its main development funding organizations.

[Original Article Link]