Taurus: Quantum breach would crash Bitcoin before theft

Swiss custody firm Taurus released a report arguing a quantum computer capable of breaking Bitcoin’s elliptic curve signatures would likely trigger a rapid market sell-off that collapses prices before forged transactions can be confirmed on-chain. The report focuses on the elliptic curve digital signature algorithm (ECDSA) and Shor’s algorithm, which can in theory recover private keys from public keys.

Taurus notes the economics work against an attacker. Bitcoin trades near $66,781, with a market value above $1.3 trillion, and the firm models that public knowledge of a machine able to break ECDSA would prompt immediate and large-scale selling, erasing the value an attacker could capture before a forged transaction clears.

The report says a nation-state with the capability would have more valuable options than trying to extract value from a collapsing asset. It highlights encrypted archives, long-term contracts and confidential messages as targets that retain value once decrypted. Adversaries can record such data now and decrypt it later, a tactic described as “harvest now, decrypt later.” Public Bitcoin transactions are not well suited to that approach because their economic value would evaporate quickly if the attack capability became public.

Two technical papers published in late March 2026, including an estimate from Google Quantum AI, reduced the projected quantum hardware resources needed to break elliptic curve cryptography. Taurus says those results narrow the hardware gap and increase urgency for organizations handling sensitive encrypted data.

The report references guidance from the U.S. National Institute of Standards and Technology that deprecates current public-key encryption after 2030 and disallows it after 2035. Replacement algorithms are already being implemented in major software packages.

To manage risk, Taurus recommends custodians and service providers pursue crypto-agility — the ability to switch algorithms quickly at layers they control — update key management practices and prepare migration plans. The report adds that no single custodian can promise full quantum protection because the blockchain operates outside any one firm’s control.

“A computer that could break Bitcoin would almost certainly not be used to steal it. If such a machine became known, prices would collapse before any theft occurred,” the report reads.