SilkForgeAi

11

₿it⚡️Dov@bitdov·2d

@SilkForgeAi Probably because the other guy is their cousin or something

English

Project Eleven@projecteleven

0

2

32

Conor Deegan@conordeegan·4d

We awarded the Q-Day Prize today to Giancarlo Lelli for breaking a 15-bit elliptic curve key on a publicly accessible quantum computer. They derived a private key from its public key using a variant of Shors across 32,767 candidates on cloud-accessible hardware. This is the largest public demonstration of this attack class to date. The reason we created this prize a year ago was that there has never been an objective public measurement of where quantum attacks on ECC actually stand. The state of the art has been inferred from whitepapers, conference slides, and whatever could be triangulated from rumour or private disclosures. What we know publicly is now grounded in a reproducible result on real hardware. Whatever comes next has to exceed 15 bits under those same conditions, and anyone can verify it. The most common response to a result at this scale is that 15 bits is nowhere near 256 bits and therefore is fine. That reasoning is wrong (unfortunately not FUD/alarmist just physics). The distance from 15 to 256 bits is not a linear slog. Shors algorithm is polynomial in the number of bits being attacked. The logical qubit requirement grows roughly linearly with key size, and once you have fault-tolerant logical qubits the limiting factor is manufacturing and error-correction overhead rather than any new physics. Progress is gated by thresholds and not by brute-forcing the search space one bit at a time. The intuition people borrow from classical key search does not apply here and it is the single biggest source of confusion we encounter. Looking at the research, Googles recent paper put breaking 256 bit keys at under 500,000 physical qubits. The subsequent Caltech and Oratomic paper dropped that down to roughly 10,000 in a neutral-atom architecture. The remaining gap is increasingly an engineering problem rather than a fundamental physics problem. I am not claiming anyone is about to break Bitcoin next week and the uncertainty on the timeline is genuine but the trajectory is objectively clear. Around 6.9 million Bitcoin sit in wallets with exposed public keys. Google and Cloudflare have committed to being quantum-secure by 2029. The rational response to an objective measurement like this one is to stop arguing about whether the threat is real and start moving keys

Project Eleven Awards 1 BTC Q-Day Prize for Largest Quantum Attack on Elliptic Curve Cryptography to Date Researcher breaks 15-bit ECC key on publicly accessible quantum hardware in a 512x jump from the previous public demonstration. Project Eleven today awarded the Q-Day Prize, a one Bitcoin bounty, to Giancarlo Lelli for breaking a 15-bit elliptic curve key on a publicly accessible quantum computer. The result is the largest public demonstration to date of the attack class that threatens Bitcoin, Ethereum, and over $2.5 trillion in ECC-secured digital assets. "The resource requirements for this type of attack keep dropping, and the barrier to running it in practice is dropping with them," said @apruden08, CEO of Project Eleven. "The winning submission came from an independent researcher working on cloud-accessible hardware. No national lab, no private chip. It shows that tangible progress is possible and highlights the urgency to migrate to post-quantum cryptography sooner rather than later. Google just committed to being quantum-secure by 2029. The window to get ahead of this is closing.” Lelli derived a private key from its public key across a search space of 32,767 using a variant of Shor’s algorithm. Shor's targets the Elliptic Curve Discrete Logarithm Problem (ECDLP), the math underlying the digital signature schemes securing Bitcoin, Ethereum, and most blockchains. Quantum attacks on ECC have moved from theory to practice over the last seven months. Steve Tippeconnic's 6-bit demonstration in September 2025 was the first public break on quantum hardware. Lelli's 15-bit result extends it by a factor of 512. Theoretical resource estimates for a full 256-bit attack, the scale Bitcoin operates at, have fallen sharply over the same period. Google's April 2026 whitepaper put the requirement at under 500,000 physical qubits. A subsequent paper from Caltech and Oratomic brought that figure as low as 10,000 qubits in a neutral-atom architecture. Lelli's result is the practical counterpart to those optimizations. The distance from 15 bits to 256 bits is large, but the gap is increasingly viewed as an engineering problem and not a fundamental physics problem. Roughly 6.9 million Bitcoin sit in wallets whose public keys are visible on-chain, exposing them to quantum attack. All blockchains using ECC share similar risks with vulnerable assets. Project Eleven is developing its next challenge, focused on the intersection of frontier AI models and quantum cryptanalysis.

English

25

15

70

56.2K

SilkForgeAi@SilkForgeAi·2d

@Dragonique91 @stevetipp This is exactly right. real quantum patterns ARE visible at small bit sizes. The histograms show genuine period structure. The problem with the awarded submission is specifically at 16-17 bit where circuit fidelity is 10^(-214) — the signal is completely destroyed by noise at that scale. /dev/urandom produces identical results. Real signal exists. Just not at the scale that won the prize.

English

3

178

DRAGONIQUE Aimen@Dragonique91·2d

@stevetipp @SilkForgeAi Yes The Patterns Are 100% Realistic i Tryed Both Algos Shor & RegeV They Both Shows Clear Pattrens for Small Sized Bits Mybe Until 18-bit But The Post-Processing of Finding Period == Continued Fractions Hard to Detect it Due To Noize Quantum Machines .

English

3

2

3

178

SilkForgeAi@SilkForgeAi·2d

@CraigGidney Thank you for this. You called it exactly right a year ago. I submitted a 16-bit result before the deadline using CDKM ripple-carry adders — the approach you cite as cheaper and better. Real IBM job IDs, independently verifiable, documented signal decay model the So-Called Winner even Stole directly from my Repo Word for word. My architecture predates the winner’s identical implementation by 107 days in the git history. The competition failed — but the scientific work is real. ArXiv paper coming. Job ID: d78mud3c6das739i2rlg .l github.com/SilkForgeAi/QD…

English

5

1

27

2.8K

Craig Gidney@CraigGidney·3d

Blog post: "The predictable failure of the QDay Prize" algassert.com/post/2601

English

15

53

274

171.2K

SilkForgeAi@SilkForgeAi·3d

@aas_ker Stoning

English

Bitcoin News@BitcoinNewsCom

27

`@aas_ker·4d

without telling me your age… what was the very FIRST video game you ever played????

English

3.5K

32

1.7K

294.8K

SilkForgeAi retweetledi

Bitcoin News@BitcoinNewsCom·3d

CORRECTION: LARGEST “QUANTUM” ATTACK ON BITCOIN CRYPTOGRAPHY WAS JUST BRUTE FORCE WITH A CLASSICAL COMPUTER Project Eleven just paid out 1 BTC for what they call the biggest quantum break of elliptic curve cryptography to date. However, the quantum computer didn’t actually break anything. The key they “cracked” was tiny, so small a normal laptop can solve it in microseconds. This contradicts the claim that a quantum machine did it using advanced math. In fact, the quantum output is basically random noise. Instead of the quantum computer finding the answer, a classical computer just keeps guessing and checking until it gets lucky. @_jonasschnelli_ replicated the entire process in ~20 lines of Python with no quantum computer required. What’s really happening is that the system spits out random guesses, a normal computer checks each guess, and when it finds the right one, it calls it a “quantum success.” A breakthrough in quantum cryptography did not happen. They brute-forced a tiny key, infinitely smaller than what protects Bitcoin.

LARGEST QUANTUM ATTACK ON ELLIPTIC CURVE CRYPTOGRAPHY TO DATE Project Eleven awarded its 1 BTC “Q-Day Prize” to Giancarlo Lelli for breaking a 15-bit elliptic curve key on a public quantum computer, the largest real-world demonstration yet of an attack class that could threaten ECC-based systems. The attack used a variant of Shor’s algorithm to solve the elliptic curve discrete logarithm problem, the cryptographic foundation behind Bitcoin. This builds on a 6-bit quantum break in 2025 and represents a 512x increase in complexity. While still far from Bitcoin’s 256-bit security, researchers say the gap is increasingly an engineering challenge, not a theoretical one. Estimates for breaking full-scale keys have dropped sharply, with recent studies suggesting it could require as few as 10,000 to 500,000 qubits. Roughly 6.9M BTC sit in wallets with exposed public keys, making them theoretically vulnerable if quantum capabilities scale. Experts stress this does not pose an immediate threat to Bitcoin today, but underscores growing urgency around post-quantum cryptography.

English

47

68

318

55.2K

SilkForgeAi@SilkForgeAi·3d

An ArXiv paper is coming. Shor’s algorithm for ECDLP on real IBM Quantum hardware — the most complete public documentation of this attack class to date. Competition submission (before April 5 deadline): 9-bit through 16-bit — all IBM job IDs publicly verifiable. Post-deadline, out of curiosity: 17-bit — 100,000 shots — 4,866 seconds on ibm_fez 18-bit — 500,000 shots — 4,866 seconds on ibm_fez Every result EC-verified. d×G = Q confirmed. Full signal decay model. Complete scaling progression. I am a self-taught independent researcher. No institution. No lab. No funding. github.com/SilkForgeAi/QD… The work speaks for itself.

English

5

202

SilkForgeAi@SilkForgeAi·3d

@JeremyRubin @nvk @yuvadm They blocked me when I asked them to review the submissions. Myself and others ran his code. No quantum at all. This was obviously staged. No response whatsoever

English

22

248

my@JeremyRubin·4d

@SilkForgeAi @nvk @yuvadm weird why didn't they award you?

English

0

8

332

nvk 🌞@nvk·4d

You are being mislead by Project Eleven on Bitcoin Quantum and their new claim. Part 4: Every "Quantum ECDLP" Demo Is Theater. Here's the Proof. bitcoinquantum.space/part4/ I read the code behind the latest Shor's algorithm "breakthrough." Three fatal problems: 1. The private key is classically solved before the quantum circuit even runs. enumerate_group(G) brute-forces the discrete log, then bakes d*2^i as compile-time constants into the adders. The quantum computer isn't finding anything — it's being told the answer. 2. The "recovery" is a classical verify filter. Every shot is checked against d*G == Q. The candidates dict has at most one entry. The "mode across all shots" language is rhetorical — there's nothing to take a mode over. 3. The 17-bit "success" has a 27% chance from pure random noise. Author concedes fidelity ≈ 10^-244. All 20,000 shots produce unique bitstrings. Under uniform noise with a classical verify filter: P(hit) ≈ 1 - e^(-20000/65173) ≈ 27%. That's a coin flip weighted slightly worse than heads. A real Shor-for-ECDLP needs coordinate-encoded reversible arithmetic (no classical lookup of d) and continued-fraction recovery (no per-shot verify filter). Nobody has demonstrated this beyond p=13. Current qubit requirements for secp256k1: 1,193-1,450 logical qubits (CFS, Google QAI 2026). Current hardware: 48 logical. The gap is 25x. The quantum threat to Bitcoin is real but distant. The demos making headlines today are classical computations wearing quantum costumes.

English

19

65

331

39.3K

SilkForgeAi retweetledi

ASTEROID RADIO 🍎@A5T3R0lD·3d

PROJECT 11 FAKE CONTEST?

SilkForgeAi@SilkForgeAi

@nvk Your technical breakdown is correct. But there’s a deeper problem nobody has covered yet. Lelli stole my code word for word. MY load() — committed December 20, 2025: def load(c_val, ctrl_q): for i in range(m1): if (c_val >> i) & 1: qc.cx(ctrl_q, a_reg[i]) HIS load() — committed April 5, 2026 at 9:23 AM: def load(val, ctrl_q): for i in range(m1): if (val >> i) & 1: qc.cx(ctrl_q, anc[i]) MY README: ‘incurs 26-33x CX overhead after routing on IBM heavy-hex topology’ HIS README: ‘vs 26-33x for QFT-based adders on IBM heavy-hex topology’ MY formula: correction_val = (1 << m1) - n HIS formula: correction = (1 << m1) - n This figure appears in no published paper. I derived it empirically. He copied it verbatim. His CDKM code didn’t exist until 9:23 AM deadline morning. My repo has been public since December 2025. I submitted 16-bit before the deadline with real IBM job IDs. His don’t exist on the instance he claims. @projecteleven blocked me when I raised this. github.com/SilkForgeAi/QD…

English

1

4

918

SilkForgeAi retweetledi

Alex B 👾@bergealex4·4d

found the actual picture of Giancarlo Lelli

SilkForgeAi@SilkForgeAi

@nvk Your technical breakdown is correct. But there’s a deeper problem nobody has covered yet. Lelli stole my code word for word. MY load() — committed December 20, 2025: def load(c_val, ctrl_q): for i in range(m1): if (c_val >> i) & 1: qc.cx(ctrl_q, a_reg[i]) HIS load() — committed April 5, 2026 at 9:23 AM: def load(val, ctrl_q): for i in range(m1): if (val >> i) & 1: qc.cx(ctrl_q, anc[i]) MY README: ‘incurs 26-33x CX overhead after routing on IBM heavy-hex topology’ HIS README: ‘vs 26-33x for QFT-based adders on IBM heavy-hex topology’ MY formula: correction_val = (1 << m1) - n HIS formula: correction = (1 << m1) - n This figure appears in no published paper. I derived it empirically. He copied it verbatim. His CDKM code didn’t exist until 9:23 AM deadline morning. My repo has been public since December 2025. I submitted 16-bit before the deadline with real IBM job IDs. His don’t exist on the instance he claims. @projecteleven blocked me when I raised this. github.com/SilkForgeAi/QD…

English

3

1

20

1.7K

SilkForgeAi retweetledi

Brian D Nibley@BDNcontent·4d

I just published a video about the latest quantum Bitcoin Fud: youtube.com/watch?v=EAKXUR… #bitcoin #quantum #quantumfud

YouTube

English

1

5

292

SilkForgeAi@SilkForgeAi·4d

The simple version of this story is: A VC-backed company — Project Eleven — raised $20 million scaring people about quantum computers breaking Bitcoin. They ran a competition to prove quantum computers are getting closer to doing it. They awarded $78,000 to someone whose results a basic laptop can replicate in seconds. An independent researcher — me, no university, no lab, no funding — actually ran real quantum hardware and submitted a bigger result before the deadline. They blocked me when I raised the evidence. For your beginner video the three points that land without any technical knowledge: 1. The winning result works identically with a random number generator. @yuvadm proved this publicly. No quantum computer needed. 2. A $20M company awarded their own prize and blocked the person who actually did the work. 3. Their entire business depends on people being afraid of quantum computers breaking Bitcoin. A fraudulent prize serves that fear. A legitimate result from an unknown independent researcher does not. For your advanced follow-up I can give you everything: — Side by side code comparison proving word for word copying — Git timestamps proving my code predates his by 3.5 months — IBM job IDs proving real hardware vs fabricated results — The mathematical proof that his results are classical noise — NVK's full technical breakdown — Yuval's /dev/urandom proof — P11's own rubric showing my submission scores 20/20 The beginner message is simple: they lied, they got caught, and they blocked the person who told the truth. DM me anytime. I'll give you everything you need for both videos.

English

24

Brian D Nibley@BDNcontent·4d

lol what a joke this whole thing is. Most of my content is beginner-friendly, so this first video will mostly avoid the deep tech details. I'll dedicate the follow up to providing a more advanced analysis, more proof, and more research. For now I'm just getting the message across that this entire thing amounts to disinformation, and also going through the topic I already had developed which is about the impracticalities of conducting a large scale QC attack, even if the tech was 100% ready and capable.

English

0

12

SilkForgeAi@SilkForgeAi·4d

Exactly right — and that's precisely why what happened here matters. secp256k1 is Bitcoin's curve: y² = x³ + 7 over a prime field. 256-bit key space. Roughly 2²⁵⁶ possible private keys. Classically unbreakable. Here's what people need to understand: ALL of P11's competition curves use the EXACT same equation — y² = x³ + 7. Same family as secp256k1. Just smaller prime fields for testing. My 16-bit result: y² = x³ + 7 over GF(32,803) Bitcoin's key: y² = x³ + 7 over GF(2²⁵⁶) Same curve. Astronomically different scale. Nobody claimed to break Bitcoin. The competition explicitly asked for TOY versions of secp256k1 — starting at 1-bit and going up to 25-bit. What WAS being tested: can Shor's algorithm actually execute on real quantum hardware against this curve family at all? The answer from my submission: YES — with verifiable IBM job IDs proving real quantum hardware execution. The answer from the awarded submission: NO — @yuvadm proved /dev/urandom replicates the results without any quantum computer. The gap between 16-bit and 256-bit is enormous. But the architectural insight — CDKM carry-ripple matching IBM's heavy-hex topology — is the first real step toward understanding how that gap closes. That insight was mine. Published December 2025. Copied by the winner deadline morning. Job ID: d78mud3c6das739i2rlg — real hardware, real curve, real result.

English

1

18

SilkForgeAi@SilkForgeAi·4d

Today, we're thrilled to announce that Project Eleven has raised $20M in Series A funding, led by Castle Island Ventures with participation from Coinbase Ventures, Fin Capital, Variant, Quantonation, Nebular, Formation, Lattice Fund, Satstreet Ventures, Nascent Ventures, Balaji Srinivasan; and continued investment from Variant, Quantonation, Nebular, and Formation. heres the link blog.projecteleven.com/posts/announci…

English

1

9

1.2K

Brian D Nibley@BDNcontent·4d

@SilkForgeAi @grok can you find a source for the claim "Project Eleven took $20M from Coinbase Ventures, Castle Island, and Balaji" ?

English

0

3

1.4K

SilkForgeAi@SilkForgeAi·4d

Let me make this simple for everyone. A $78,000 prize was just awarded to someone who: ❌ Copied my code word for word ❌ Has job IDs that don’t exist ❌ Produced results a laptop can replicate in seconds ❌ Has no timestamps in any execution log ❌ Committed the winning code at 9:23 AM on deadline morning — from MY public repo ❌ The awarded 15-bit result doesn’t even exist in his repo I submitted a BIGGER result the day before the deadline: ✅ 16-bit ECC key recovered ✅ Real IBM Quantum hardware — ibm_fez ✅ Job ID: d78mud3c6das739i2rlg — anyone can verify this right now ✅ Submitted April 4 — one day before deadline ✅ Their exact curve. Their exact key. EC-verified. @yuvadm just proved the winner’s “quantum” result works identically with a random number generator. No quantum computer needed. I used REAL quantum hardware. I submitted FIRST. I broke a BIGGER key. Project Eleven took $20M from Coinbase Ventures, Castle Island, and Balaji — then awarded their own prize to stolen code and fake results. They blocked me on X when I asked why. This isn’t about quantum. This is about fraud. github.com/SilkForgeAi/QD… Job ID verifiable: quantum.ibm.com @BitcoinNews @DecryptMedia @CoinDesk @coinbase @Balajis @NicCarter

English

13

41

227

32.2K

SilkForgeAi@SilkForgeAi·4d

@BDNcontent Of course. I’ll dm you!

English

0

13

1K

Brian D Nibley@BDNcontent·4d

@SilkForgeAi Thanks for posting this. I'm making a video about quantum FUD so need all the info on this I can get. It's a stroke of fate that this story broke on this day when I was already planning on making a video on the subject.

English

1

28

1.2K

SilkForgeAi@SilkForgeAi·4d

@HeadlessRadio The simulator file uses d for testing — that’s standard practice to verify circuit correctness. The hardware submission uses powers of G and Q as public constants. Lelli’s group enumeration classically solves ECDLP before the quantum circuit runs — point_to_index[Q] returns d. That’s the definition of a classical solve. Also — his job IDs don’t exist and his code was committed from my public repo on deadline morning

English

1

79

Justin Hughes@HeadlessRadio·4d

@SilkForgeAi @projecteleven As a runner-up(14 bit submission) your code in that repo builds the circuit from the private key. It's recovery from a planted answer and not a solve via math. Lelli's uses a lookup table so it has limits, but it does actually generate the key in output without being input.

English

Jimmy Song (송재준)@jimmysong

0

1

96

Project Eleven@projecteleven·4d

Project Eleven Awards 1 BTC Q-Day Prize for Largest Quantum Attack on Elliptic Curve Cryptography to Date Researcher breaks 15-bit ECC key on publicly accessible quantum hardware in a 512x jump from the previous public demonstration. Project Eleven today awarded the Q-Day Prize, a one Bitcoin bounty, to Giancarlo Lelli for breaking a 15-bit elliptic curve key on a publicly accessible quantum computer. The result is the largest public demonstration to date of the attack class that threatens Bitcoin, Ethereum, and over $2.5 trillion in ECC-secured digital assets. "The resource requirements for this type of attack keep dropping, and the barrier to running it in practice is dropping with them," said @apruden08, CEO of Project Eleven. "The winning submission came from an independent researcher working on cloud-accessible hardware. No national lab, no private chip. It shows that tangible progress is possible and highlights the urgency to migrate to post-quantum cryptography sooner rather than later. Google just committed to being quantum-secure by 2029. The window to get ahead of this is closing.” Lelli derived a private key from its public key across a search space of 32,767 using a variant of Shor’s algorithm. Shor's targets the Elliptic Curve Discrete Logarithm Problem (ECDLP), the math underlying the digital signature schemes securing Bitcoin, Ethereum, and most blockchains. Quantum attacks on ECC have moved from theory to practice over the last seven months. Steve Tippeconnic's 6-bit demonstration in September 2025 was the first public break on quantum hardware. Lelli's 15-bit result extends it by a factor of 512. Theoretical resource estimates for a full 256-bit attack, the scale Bitcoin operates at, have fallen sharply over the same period. Google's April 2026 whitepaper put the requirement at under 500,000 physical qubits. A subsequent paper from Caltech and Oratomic brought that figure as low as 10,000 qubits in a neutral-atom architecture. Lelli's result is the practical counterpart to those optimizations. The distance from 15 bits to 256 bits is large, but the gap is increasingly viewed as an engineering problem and not a fundamental physics problem. Roughly 6.9 million Bitcoin sit in wallets whose public keys are visible on-chain, exposing them to quantum attack. All blockchains using ECC share similar risks with vulnerable assets. Project Eleven is developing its next challenge, focused on the intersection of frontier AI models and quantum cryptanalysis.

English

127

91

328

592.7K

SilkForgeAi@SilkForgeAi·4d

@projecteleven blocked me when I raised this. @nvk just published a full technical breakdown confirming the theater.

Reference Tweet: x.com/SilkForgeAi/st…

English

1

17

SilkForgeAi retweetledi

Jimmy Song (송재준)@jimmysong·4d

Reference Tweet: x.com/SilkForgeAi/st…

SilkForgeAi@SilkForgeAi

Let me make this simple for everyone. A $78,000 prize was just awarded to someone who: ❌ Copied my code word for word ❌ Has job IDs that don’t exist ❌ Produced results a laptop can replicate in seconds ❌ Has no timestamps in any execution log ❌ Committed the winning code at 9:23 AM on deadline morning — from MY public repo ❌ The awarded 15-bit result doesn’t even exist in his repo I submitted a BIGGER result the day before the deadline: ✅ 16-bit ECC key recovered ✅ Real IBM Quantum hardware — ibm_fez ✅ Job ID: d78mud3c6das739i2rlg — anyone can verify this right now ✅ Submitted April 4 — one day before deadline ✅ Their exact curve. Their exact key. EC-verified. @yuvadm just proved the winner’s “quantum” result works identically with a random number generator. No quantum computer needed. I used REAL quantum hardware. I submitted FIRST. I broke a BIGGER key. Project Eleven took $20M from Coinbase Ventures, Castle Island, and Balaji — then awarded their own prize to stolen code and fake results. They blocked me on X when I asked why. This isn’t about quantum. This is about fraud. github.com/SilkForgeAi/QD… Job ID verifiable: quantum.ibm.com @BitcoinNews @DecryptMedia @CoinDesk @coinbase @Balajis @NicCarter

English