A developer named avihu28 just published something the Bitcoin community has been waiting years for. The GitHub repository went live 15 hours ago. It describes a fully working quantum safe Bitcoin transaction scheme.
No softfork. No protocol changes. Nothing that requires miner consensus.
The scheme, called Quantum Safe Bitcoin or QSB, runs entirely inside Bitcoin’s existing legacy script constraints. Those are the same rules Bitcoin has operated under for years. The 201 opcode limit. The 10,000-byte script size ceiling. QSB works within all of them.
Must Read: BTC Trader Flips Bullish After Closing Leverage at Bottom
The Problem QSB Is Actually Solving
Standard Bitcoin transactions rely on ECDSA signatures over the secp256k1 curve. That is the security assumption every wallet, every exchange, every on-chain transaction depends on right now. Shor’s algorithm, running on a sufficiently large quantum computer, can compute discrete logarithms efficiently. It breaks ECDSA entirely. A quantum adversary could forge signatures and spend coins they do not own.
QSB builds on earlier research called Binohash, published by Robin Linus in 2026. Binohash used a HORS-like one-time signature scheme embedded in Bitcoin Script. The weakness in that approach was its proof-of-work puzzle. It assumed the smallest known ECDSA r-value could not be improved. A quantum computer running Shor’s algorithm could compute the discrete logarithm of r = 1, breaking that assumption completely.
QSB throws out that assumption. Replaces it with something a quantum computer cannot touch.
You Might Also Like: BTC Bottom Is Closer Than Anyone Will Admit
The Hash Puzzle Nobody Saw Coming
The core of QSB is what the repository calls the hash-to-signature puzzle. A DER-encoded ECDSA signature has rigid structural constraints. Specific tag bytes, internally consistent length fields, positive integer values. A random 20-byte string satisfies all those constraints with probability around 2 to the power of negative 46.
That probability becomes the proof-of-work target.
The locking script hashes a transaction-bound public key via OP_RIPEMD160. The 20-byte output gets interpreted as a DER-encoded ECDSA signature. The script then verifies it. Success only happens if the hash is valid DER. That is a roughly 2^-46 event. Changing any part of the transaction changes the public key, changes the hash, and almost certainly breaks that check. The security here comes entirely from RIPEMD-160 pre-image resistance. Not from any elliptic curve assumption. Not from anything Shor’s algorithm attacks.
The repository states this delivers approximately 118-bit second pre-image security under Shor, and around 59-bit under Grover’s quadratic speedup.
Must Read: Trump’s Secret Plan to Force Massive Rate Cuts
What the GPU Tests Actually Showed
The implementation is not theoretical. Testing has happened on real cloud GPUs. An RTX PRO 6000 Blackwell card ran the pinning search at 238 million candidates per second. An RTX 4070 SUPER hit 88 million per second.
A real DER hit was found. Sequence 151205, locktime 656535577, after roughly 6 hours on 8 GPUs.
The full cost breaks down across three phases. Pinning search runs about $25 to $50. Each of the two digest rounds costs another $25 to $50. Total spend lands between $75 and 150 dollars. The computation scales with added GPUs. More machines mean shorter wall-clock time, same total cost.
There is one catch worth noting. The transaction is non-standard. It exceeds Bitcoin’s default relay policy size limits. Submitting it to the network requires going directly to a miner through something like Slipstream. That is not a small operational detail. It is a real constraint.
You Might Also Like: Rwanda Shuts Bybit’s Franc P2P Move Before New Law
What Is Still Unfinished
The repository is direct about current status. GPU digest search is implemented but not yet tested end-to-end with real transaction parameters. Transaction assembly code exists but awaits a completed digest search. Nothing has been broadcast on-chain.
The pinning search works. The math checks out. But full execution has not crossed the finish line yet.
The spending process runs three phases: transaction pinning, two digest rounds, and final assembly. Each digest round searches over subsets of dummy signatures. Each subset produces a different scriptCode, a different sighash, a different recovered public key. The scheme uses ECDSA only as a vehicle. The hardness comes from hashing, the repository explains, not from the elliptic curve underneath.
The repository is public at github.com/avihu28/Quantum-Safe-Bitcoin-Transactions. It carries 77 stars and 6 forks as of publishing.
This article was created by News Coverage Agency, the best PR agency helping all firms gain access to media.