When quantum computers eventually become powerful enough to crack the cryptography protecting Bitcoin wallets, the most basic question won’t be how to stop the attack — it will be how to prove you own your wallet at all. That’s the problem Project Eleven is trying to solve with a new cryptographic technique aimed at securing Bitcoin post-quantum ownership for users who may not have time to prepare.
Summary
Key takeaways
- Project Eleven introduced a post-quantum proof that lets Bitcoin users verify wallet ownership after Q-Day using a wallet’s key derivation path.
- The technique proves control of a parent key without revealing it — something a quantum attacker cannot replicate.
- Jim Posen, lead maintainer of the open-source Binius zero-knowledge proof system, built the implementation, funded by Project Eleven.
- The prototype is unaudited and requires blockchain protocol-level support before it can be deployed.
- The recovery method targets users who miss a future migration to quantum-safe addresses, giving them a fallback path to prove ownership through derivation rather than signature.
Project Eleven’s Post-Quantum Bitcoin Wallet Ownership Proof
The core of the problem, as Project Eleven CEO Alex Pruden explained in a thread on X, is that digital signatures — the standard way someone proves they own a Bitcoin wallet — stop being reliable once quantum computers can derive private keys from public keys. At that point, both a legitimate owner and a quantum attacker can produce identical signatures. Ownership becomes indistinguishable from forgery.
That scenario is what the industry calls Q-Day: the moment a quantum computer can break the elliptic curve cryptography that underpins Bitcoin’s security model. When it arrives, any wallet whose public key is exposed on-chain becomes a target. An attacker could derive the private key, forge a valid signature, and move funds — all without the real owner knowing until it’s too late.
“After Q-Day, once a quantum computer can derive an ECC private key from its public key, a valid signature no longer proves ownership,” Pruden wrote. “Both the quantum adversary and the legitimate owner are able to produce identical signatures.”
Key Innovation Using Wallet’s Key Derivation Path
Project Eleven’s solution shifts the proof of ownership away from signatures entirely. Instead of relying on a private key — which a quantum computer could eventually compromise — the technique uses a wallet’s key derivation path to prove the user controls the parent key from which the wallet’s private key was originally generated, without ever revealing that parent key.
The logic is straightforward but powerful: a quantum computer may be able to derive a wallet’s private key from its public key, but it cannot work backwards to reconstruct the seed phrase or parent key sitting higher up in the derivation hierarchy. Only the actual owner holds that information. Proving knowledge of it, without exposing it, becomes the new definition of ownership in a post-quantum world.
“So even after Q-Day, an attacker who’s broken your address’s private key does not hold, and can’t compute, the seed phrase it was derived from,” Pruden wrote. “Proving you know that parent key, without revealing it, is something only the real owner can do.”
Prototype Status and Development Partnership
The implementation was built using Binius, an open-source zero-knowledge proof system designed to accelerate hash-heavy cryptographic operations. Jim Posen, lead maintainer of Binius, developed the approach with funding from Project Eleven. The work also builds on “signature lifting,” a technique first proposed by researchers Alon Sattath and Robert Wyborski.
There is an important caveat. The prototype is currently unaudited and would require blockchain protocol-level support before it could be deployed in any real-world scenario. It is experimental — a proof of concept demonstrating that the approach is technically viable, not a ready-to-use product.
Understanding Q-Day and Its Threat to Bitcoin Security
Q-Day represents a specific and well-defined threshold: the point at which a sufficiently powerful quantum computer can break elliptic curve cryptography fast enough to target active Bitcoin wallets. The concern isn’t theoretical — it’s a question of timing and scale.
When a wallet’s public key has been exposed on-chain through a previous transaction, it becomes readable by anyone, including a future quantum adversary. With enough computational power, that public key is sufficient to derive the corresponding private key, effectively handing over full control of any funds in the wallet. The existing security model, built around the computational difficulty of reversing elliptic curve operations with classical computers, collapses entirely.
Challenges in Proving Wallet Ownership Post-Q-Day
The deeper problem is that the compromise doesn’t just enable theft — it destroys the evidentiary value of digital signatures altogether. If anyone with a quantum computer can generate a valid signature for any wallet, courts, protocols, and recovery mechanisms can no longer treat signature validity as proof of identity. That’s the gap Project Eleven is trying to close with a derivation-based proof that operates above the signature layer.
The Importance of Project Eleven’s Solution Post-Q-Day
The recovery method is specifically designed for users who miss a future migration window to quantum-safe addresses. In an ideal scenario, all Bitcoin holders would proactively move funds to quantum-resistant wallets before Q-Day. In practice, that won’t happen universally. Coinbase‘s quantum advisory council has warned that roughly 7 million Bitcoin could eventually be vulnerable if owners fail to migrate in time.
For those users, Project Eleven’s approach offers a fallback: prove ownership through the derivation path, not through a signature that a quantum machine could also produce. The mechanism doesn’t prevent the attack — it provides a cryptographic basis for distinguishing the real owner from the attacker after the fact.
“As much as I’d love for the entire world to take a quantum migration plan seriously, the reality is that some digital asset wallets will miss the window,” Pruden wrote. “This gives them a fallback: prove ownership through derivation, not signature, even after that window closes.”
The analytical implication here is significant. Most post-quantum Bitcoin research has focused on preventing attacks — hardening the protocol before Q-Day arrives. Project Eleven’s proposal addresses the recovery layer: what happens to users who are already exposed when the moment comes. That’s a different, and arguably more pressing, problem for the millions of Bitcoin holders who are unlikely to follow technical migration guides on a tight deadline.
Broader Context and Industry Efforts on Bitcoin Quantum Security
Project Eleven’s proposal lands at a moment when the broader Bitcoin ecosystem is accelerating its post-quantum preparations, though consensus and coordination remain slow-moving challenges.
BIP-360 and Industry Preparations
In February, Bitcoin developers advanced BIP-360 — a Bitcoin Improvement Proposal laying the groundwork for quantum-resistant upgrades — into formal review. In March, BTQ Technologies released the first working implementation on its Bitcoin Quantum testnet, allowing developers to test the proposal and surface the practical difficulties of achieving network-wide consensus on such a major protocol change.
These efforts signal that the Bitcoin developer community is taking the threat seriously, but they also highlight the coordination problem: any quantum-safe upgrade requires broad agreement across a decentralized network of miners, node operators, and developers, a process that historically takes years.
Regulatory and Advisory Actions
On the regulatory side, President Donald Trump signed executive orders in June accelerating the federal government’s own transition to post-quantum cryptography, adding political weight to an issue that has largely been treated as a distant engineering problem. Coinbase’s quantum advisory council issued its own warning around the same time, urging blockchain developers to begin planning post-quantum migrations immediately rather than waiting for a consensus upgrade.
What makes the timing notable is the convergence: research, protocol proposals, testnet implementations, corporate warnings, and government policy are all moving in the same direction at roughly the same time. The question is whether that momentum translates into actual network upgrades before Q-Day — and whether solutions like Project Eleven’s derivation-based proof can fill the gap for those who inevitably fall through the cracks.
FAQ
What is Q-Day in the context of Bitcoin security?
Q-Day is the moment when a quantum computer can break the elliptic curve cryptography that secures Bitcoin transactions, undermining digital signature security and making it possible for attackers to derive private keys from public keys.
How does Project Eleven’s proof help Bitcoin users post-Q-Day?
It uses a wallet’s key derivation path to prove ownership of the parent key without revealing it. Because a quantum computer cannot reconstruct that parent key from a compromised private key, this method allows legitimate owners to prove control even after their wallet’s private key has been exposed.
Who developed the implementation of Project Eleven’s proof system?
Jim Posen, lead maintainer of the open-source Binius zero-knowledge proof system, developed the implementation. The work was funded by Project Eleven and builds on “signature lifting,” a technique originally proposed by researchers Alon Sattath and Robert Wyborski.
Is Project Eleven’s recovery method ready for immediate blockchain use?
No. The prototype is currently unaudited and requires blockchain protocol-level support before it can be used operationally. It is a proof of concept demonstrating technical feasibility, not a deployable solution.
Article produced with the assistance of artificial intelligence and reviewed by the editorial team.

