Independent researcher Giancarlo Lelli has won a one bitcoin prize worth roughly $78,000 after breaking a 15-bit elliptic curve cryptography key on publicly accessible quantum hardware, quantum security startup Project Eleven confirmed on Friday. The supporting evidence appears in the cited X post.
The achievement represents a 512-times jump over the previous public demonstration of the same attack class, which stood at just 6 bits.
Project Eleven announced the award on X, identifying Lelli as the winner of its Q-Day Prize, a bounty designed to track real-world progress in quantum attacks against the elliptic curve cryptography that secures bitcoin, ether, and most major blockchain networks. The prior record, a 6-bit break achieved by researcher Steve Tippeconnic in September 2025, has now been surpassed decisively.
What the 15-Bit Break Actually Means
Elliptic curve cryptography is the mathematical foundation that allows a crypto wallet to prove ownership of funds without ever exposing the private key. A wallet’s public key can be seen by anyone on the blockchain, but deriving the private key from it is designed to be computationally infeasible.
Quantum computers running Shor’s algorithm, a technique first described in 1994, attack the underlying logic that makes that one-way relationship secure.
Lelli’s result does not mean bitcoin wallets are in immediate danger. Bitcoin relies on 256-bit elliptic curve security, a key space of astronomical scale.
A 15-bit key has a total search space of just 32,767 possibilities, which is trivially small by comparison. However, the prize was never structured to threaten production systems directly.
It was designed to measure whether these attacks were moving off whiteboards and onto real quantum hardware, and the answer is now clearly yes.
What has shifted is the trajectory of resource estimates. According to Project Eleven, current projections for a full 256-bit break have fallen below 500,000 physical qubits.
That figure still sits well beyond the capabilities of today’s machines, but researchers and engineers tracking the field say the downward revision in qubit requirements is itself a signal that the threat horizon is compressing faster than earlier models predicted.
Why 6.9 Million Bitcoin Are Watching Closely
The urgency is sharpest for a specific subset of bitcoin holders. Roughly 6.9 million bitcoin currently sit in addresses with exposed public keys, meaning those keys are already visible on the blockchain and would be the first targets if a sufficiently powerful quantum computer ever came online.
Pay-to-public-key addresses, early Satoshi-era wallets, and any address that has previously sent a transaction all fall into this vulnerable category because spending a coin requires broadcasting the public key.
For holders in that group, the timeline question is not purely academic. A quantum attacker would need to harvest a public key and then break it before the owner moves funds to a newer, quantum-resistant address.
The faster real-world quantum hardware advances, the narrower that window becomes. The 512-times scaling demonstrated by Lelli in a single generation of public experiments is the kind of data point that makes migration planning feel less like precaution and more like necessity.
Several major blockchain ecosystems have already begun formalizing responses. The Bitcoin community is actively debating BIP-360, a proposal that would introduce post-quantum address types to the network.
Ethereum, Tron, StarkWare, and Ripple have each launched or outlined parallel migration efforts aimed at hardening their cryptographic foundations against future quantum threats.
None of these proposals has reached full deployment, and coordinating network-wide upgrades across decentralized communities is a slow, contested process.
Project Eleven’s Q-Day Prize was built on the premise that public, reproducible experiments would give the industry an honest benchmark for how quickly the threat is maturing.
Lelli’s win, achieved on hardware available to any researcher willing to access it, confirms that quantum attacks on real cryptographic primitives are no longer confined to well-funded national laboratories or theoretical papers.
The gap between a 15-bit demonstration and a 256-bit production break remains enormous, but the pace of progress across just two public experiments in under eight months is drawing serious attention from protocol developers and security researchers across the space.
For now, bitcoin’s core security remains intact. The work ahead involves not just advancing quantum hardware but also driving urgent conversations about when and how the industry’s most widely used cryptographic standards get replaced before that hardware catches up.
Not Financial Advice: This article is for informational purposes only. Crypto investments are highly volatile. Always do your own research.
