Hubert

@hubert_btc
Developer @bitrefill Nostr: npub19kuz38yurwm45r75224lrgzn2d96zcj703ecdhg9h5lry5n9vs0qz4m22v

you might be down bad but at least you're not in this photo


Respectfully, Saylor is wrong here on quantum. Specifically, he is wrong on four claims (I'm only focusing on the technical ones). Let me walk through each one.

Claim 1: The consensus of the cyber security community is that quantum is not a threat for the next 10 years and thus no immediate action is needed.

There is no such consensus. The opposite is true: every major national security and standards body in the world is actively mandating post-quantum migration right now, because the migrations themselves take a decade or more. NSA CNSA 2.0 requires all new National Security Systems to be quantum-safe before 2035, with most of that work being done in the next 5. NIST published finalized PQC standards (ML-KEM, ML-DSA, SLH-DSA) in August 2024 and released IR 8547 setting a target to deprecate all quantum-vulnerable public-key algorithms after 2030 and disallow them completely by 2035. The UK NCSC set migration milestones for 2028, 2031, and 2035. These are not responses to a distant hypothetical. These are programs with compliance deadlines because the organizations that set them have concluded that starting now is barely early enough.

Historically, it has taken a long time from the moment that a new algorithm is standardized until it is fully integrated into information systems. Past cryptographic migrations confirm this. The SHA-1 deprecation took about 7 years. The AES migration took around 5 years. The TLS 1.3 rollout took 3-5 years despite offering clear performance benefits. NIST has already concluded that PQC migration is fundamentally more complex than any of these precedents.

The timeline argument ignores harvest-now-decrypt-later entirely. Adversaries are collecting encrypted data today for future decryption. The U.S. Federal Reserve published an analysis of this in September 2025, using Bitcoin as a case study. The threat is already active.

Claim 2: When quantum hits, everything upgrades; banks, the internet, defense, Bitcoin.

The internet is already upgrading. 52% of human web traffic on Cloudflare used post-quantum key exchange by December 2025, nearly doubling from 29% at the start of the year. Chrome ships ML-KEM for TLS. Apple enabled PQ TLS in iOS 26. OpenSSH has defaulted to post-quantum key agreement since version 9.0. Signal has post-quantum encryption. AWS and Google Cloud support PQC in their KMS products. Apple added ML-DSA and ML-KEM to CryptoKit as production APIs.

Banks and payment networks are centralized. Visa pushes a firmware update or SWIFT changes a protocol spec. TLS upgrades are invisible to end users (if you use Chrome you use a TLS version that supports post-quantum and you didn't even know). These systems can and will migrate without their customers doing anything.

Bitcoin cannot do this. Bitcoin requires a fork with global decentralized consensus. A PQC signature migration is categorically harder than previous forks: ML-DSA-44 signatures are 2,420 bytes versus 64 bytes for Schnorr, a 38x increase that breaks Bitcoin's existing SegWit weight economics, Script stack limits (520-byte maximum), and transaction propagation assumptions. A single ML-DSA-44 signature plus public key is several times larger than an entire typical single-input P2WPKH spend today. BIP-360 and QBIP exist as (great) proposals. Sadly, neither has an activation timeline.

Enterprise PQC migration is much easier. These are organizations with executive authority to mandate changes, dedicated security teams, and established procurement processes. Bitcoin has none of these. Blockchain governance is structurally slower than centralized governance.

The "everything upgrades together" framing also ignores the permanently exposed key problem. When banks upgrade TLS, old sessions don't matter; they were ephemeral. When Bitcoin upgrades, the ~6.9 million BTC with already-exposed public keys on the immutable ledger are still sitting there. You cannot un-publish a public key from a blockchain. Those coins need to be actively moved by their owners to new quantum-safe addresses. Approximately 1.72 million BTC in P2PK addresses, including Satoshi's estimated 1.1 million BTC, are likely permanently exposed because the private keys are lost. There is no banking equivalent to this. Banks do not maintain a public, permanent, immutable record of every customer's authentication key going back 17 years.

Claim 3: Digital assets have the most advanced cryptographic security; more than banking, credit cards, stocks, etc.

This conflates trustlessness with cryptographic strength. They are not the same property. Bitcoin uses ECDSA over secp256k1. Your bank's TLS connection uses ECDHE over P-256 or X25519. These are the same class of cryptographic primitive: elliptic curve schemes whose security rests on the hardness of the discrete logarithm problem. Shor's algorithm breaks both identically. Neither is "more advanced" than the other.

What differs is what we call the defense-in-depth architecture around that primitive. A credit card tap-to-pay transaction involves: TLS with ephemeral key exchange, an EMV chip with hardware-bound keys in a certified secure element, tokenization so the merchant never sees the real card number, session-based key rotation, fraud detection, transaction reversal capability, and regulatory insurance. A Bitcoin transaction involves: one ECDSA signature. That is the entire authorization layer. No fraud department, no chargeback, no identity verification layer that can distinguish a legitimate owner from a quantum attacker holding the same derived private key. Once a forged signature is accepted by consensus, the transfer is irreversible.

The systems Saylor describes as less secure are, in fact, already deploying post-quantum protections that Bitcoin has not yet started. They can do this because they are centralized. Bitcoin's decentralization, its core value proposition, is precisely what makes its quantum migration harder, slower, and later than every system he compared it to.

Claim 4: The crypto community will be the first to spot the threat and move.

This assumes a CRQC will be publicly announced. Nation-state adversaries have zero incentive to disclose a quantum capability. The entire intelligence value of a CRQC is that no one knows you have it. You harvest quietly, you decrypt quietly, you exploit quietly.

What would "spotting it" look like on Bitcoin? A quantum attacker does not exploit a bug, bypass a firewall, or compromise a server. They produce valid signatures indistinguishable from the legitimate owner's, because mathematically, they hold the same key. If an attacker begins draining P2PK addresses, each theft is a correctly signed transaction. There is no intrusion detection system for the Bitcoin blockchain. Transactions are valid or they aren't. By the time someone notices a pattern across thousands of UTXOs, the damage is done and irreversible.

And the empirical record directly contradicts the "first to move" claim. The current state of readiness: one BIP with no activation timeline, an ongoing debate about whether to freeze Satoshi's coins, and a quantum-vulnerable exposure surface that is only going up. The exposure is increasing, not decreasing, because address reuse continues to add more and more BTC to the vulnerable set. Meanwhile, the rest of the internet has already deployed PQC to billions of users without anyone noticing.

Where things actually stand

We maintain the Bitcoin Risq List, an open-source, continuously updated tracker of quantum-vulnerable Bitcoin at the address level. As of block height 936,882 (February 2026): approximately 6.9 million BTC across 13.9 million addresses have exposed public keys. Solana is 100% quantum-vulnerable as their address structure exposes the full public key. Deloitte's analysis found 65% of Ethereum is in quantum-vulnerable accounts.

The internet started its post-quantum transition in 2022. National security systems have a 2027 compliance mandate. NIST targets deprecating and disallowing all quantum-vulnerable public-key algorithms well before 2035. The blockchain industry, which directly protects bearer value with the exact cryptographic primitives that a quantum computer breaks, has a BIP and a debate.

The question is not whether quantum is a threat to digital assets. It is whether the industry will begin its migration before the window closes. The gap between the internet's pace of PQC adoption and the blockchain industry's pace is not a gap in awareness. It is a gap in urgency, and importantly, the gap is not closed by asserting that the threat doesn't exist.
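As an added illustration of the "exposed public key" distinction the post above draws (this is not code from the post's author or from the Bitcoin Risq List), the following Python classifies the standard Bitcoin output script templates by whether the public key is already readable from the chain, and totals a constructed UTXO set the way an address-level tracker would: keys published directly (P2PK, P2TR), keys revealed by an earlier spend from a reused hash-type script, and keys still hidden behind a hash. Opcode values and script layouts are from the Bitcoin protocol; the key bytes, hash bytes and amounts are constructed placeholders.

```python
from typing import Dict, List, Set, Tuple

# Bitcoin script opcodes used by the standard output templates below
OP_0, OP_1, OP_DUP, OP_EQUAL, OP_EQUALVERIFY, OP_HASH160, OP_CHECKSIG = 0x00, 0x51, 0x76, 0x87, 0x88, 0xA9, 0xAC

def classify_script(spk: bytes) -> Tuple[str, str]:
    """Return (output type, key exposure) for a scriptPubKey.
    'direct'   - the public key sits in the output itself (P2PK, P2TR)
    'on_spend' - only a hash is published; the key is revealed the first
                 time the script is spent from (address reuse keeps it exposed)
    'unknown'  - non-standard script, not classified here"""
    n = len(spk)
    if n in (35, 67) and spk[0] == n - 2 and spk[-1] == OP_CHECKSIG:
        return "P2PK", "direct"           # <push33|65> <pubkey> OP_CHECKSIG
    if n == 25 and spk[:3] == bytes([OP_DUP, OP_HASH160, 0x14]) \
            and spk[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG]):
        return "P2PKH", "on_spend"
    if n == 23 and spk[:2] == bytes([OP_HASH160, 0x14]) and spk[-1] == OP_EQUAL:
        return "P2SH", "on_spend"
    if n == 22 and spk[:2] == bytes([OP_0, 0x14]):
        return "P2WPKH", "on_spend"
    if n == 34 and spk[:2] == bytes([OP_0, 0x20]):
        return "P2WSH", "on_spend"
    if n == 34 and spk[:2] == bytes([OP_1, 0x20]):
        return "P2TR", "direct"           # x-only output key is on chain
    return "nonstandard", "unknown"

def quantum_exposed_btc(utxos: List[Tuple[bytes, float]],
                        spent_from: Set[bytes]) -> Dict[str, float]:
    """Total unspent BTC by exposure class: key published directly, key
    revealed by an earlier spend from the same script (reuse), or still
    hash-protected until its first spend."""
    totals = {"direct": 0.0, "reused": 0.0, "hash_protected": 0.0}
    for spk, amount in utxos:
        _, exposure = classify_script(spk)
        if exposure == "direct":
            totals["direct"] += amount
        elif spk in spent_from:
            totals["reused"] += amount
        else:
            totals["hash_protected"] += amount
    return totals

# Constructed sample data: placeholder key/hash bytes, invented amounts
P2PK_SPK = bytes([0x21, 0x02]) + b"\x11" * 32 + bytes([OP_CHECKSIG])
P2PKH_SPK = bytes([OP_DUP, OP_HASH160, 0x14]) + b"\x22" * 20 + bytes([OP_EQUALVERIFY, OP_CHECKSIG])
P2WPKH_SPK = bytes([OP_0, 0x14]) + b"\x33" * 20
P2TR_SPK = bytes([OP_1, 0x20]) + b"\x44" * 32
SAMPLE_UTXOS = [(P2PK_SPK, 1.0), (P2TR_SPK, 0.5), (P2PKH_SPK, 2.0), (P2WPKH_SPK, 0.25)]
SAMPLE_SPENT_FROM = {P2PKH_SPK}   # this P2PKH script was already spent from once
```

Running `quantum_exposed_btc(SAMPLE_UTXOS, SAMPLE_SPENT_FROM)` puts the P2PKH coins in the "reused" bucket even though its output only carries a hash, which is the address-reuse effect the post says keeps growing the vulnerable set.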

The next Bitcoin Meetup for the Paris region will be on Tuesday 10 February in Montigny-le-Bretonneux (78). At the restaurant "Le So" (formerly l'Olivetto), from 7 pm. Drop by our Telegram or send us an email to confirm you're coming, so we can reserve the table.