Steel is going up on the South Side of Chicago, 500 tons of it erected in six days, at the site where US Steel's Southworks plant sat vacant for more than 30 years. The structure rising in its place is not another warehouse or condo tower. It is the shell of what PsiQuantum intends to become the world's first million-qubit, fault-tolerant quantum computer, built with $1 billion in backing that includes a partnership with Nvidia. As of March 6, 2026, the facility is under active construction at the Illinois Quantum and Microelectronics Park (IQMP), and the crypto industry is paying attention for one reason: a machine at that scale could, in theory, crack the elliptic-curve cryptography that secures every Bitcoin wallet on Earth.
A Million Qubits Where a Steel Mill Used to Stand
PsiQuantum's approach differs from competitors like IBM and Google in one fundamental way: it uses photonic qubits, routing single particles of light through silicon chips rather than trapping ions or cooling superconducting circuits. The company argues this approach is the only path to scaling past the thousands-of-qubits barrier that has stalled the industry. The largest quantum computer in existence today, built at the California Institute of Technology, contains 6,100 qubits. PsiQuantum is targeting roughly 164 times that number.
The 128-acre IQMP campus sits along the Lake Michigan shoreline, anchored by PsiQuantum as lead tenant. Phase one, which includes office space, a data hall, and a cryogenic cooling plant, is expected to complete by 2027. The full million-qubit system will take longer, likely arriving within the next decade. Governor JB Pritzker called the groundbreaking "a historic day in Chicago," and the site is projected to generate $100 million in new property taxes over 20 years, with an estimated $50 billion in regional investment flowing into quantum and microelectronics infrastructure.
National research laboratories Fermilab and Argonne are partnering on the project, giving PsiQuantum access to some of the deepest physics expertise in the country.
Why Bitcoin Holders Should Care (and Why Most Should Not Panic)
The worry is straightforward: Bitcoin's ECDSA (Elliptic Curve Digital Signature Algorithm) relies on the computational difficulty of deriving a private key from a public key. Classical computers cannot do this in any reasonable timeframe. A sufficiently powerful quantum computer running Shor's algorithm could.
The keyword is "sufficiently powerful." A 2025 research paper suggests approximately 100,000 logical qubits would be needed to crack 2048-bit RSA keys. Bitcoin uses 256-bit elliptic-curve keys, which have a different vulnerability profile, but the order of magnitude is in the same neighborhood. A million physical qubits, after error correction, might yield enough logical qubits to mount an attack, though the exact ratio depends on qubit fidelity, which PsiQuantum has not publicly disclosed for its photonic architecture.
PsiQuantum co-founder Terry Rudolph addressed the elephant directly: the company has "no plans" to attack Bitcoin's cryptography. He noted that operational transparency at a facility of this scale makes concealing such activity effectively impossible. Thousands of employees, government partners, and research institutions would be involved.
That said, "no plans" from one company is not the same as "no capability" from all actors. The concern has never been that PsiQuantum specifically would attack Bitcoin. It is that any entity reaching this computational threshold, whether a nation-state, a defense contractor, or a future competitor, could exploit the same physics.
CoinShares: Only 10,230 BTC Are Actually Exposed
CoinShares published research in early 2026 that significantly narrows the scope of the threat. The firm found that only 10,230 BTC, worth roughly $720 million at current prices, sit in unspent transaction outputs (UTXOs) where the public key is directly visible on-chain. These are legacy Pay-to-Public-Key (P2PK) addresses, a format used in Bitcoin's earliest days.
The broader pool of P2PK outputs holds approximately 1.6 million BTC, about 8% of total supply. But CoinShares argues that most of those coins sit in 32,607 individual UTXOs of roughly 50 BTC each. Cracking each one would require a separate quantum computation, and at current projected performance rates, working through them all would take millennia, even with a million-qubit machine.
Modern Bitcoin addresses (P2PKH and P2SH) hash the public key before exposing it, adding a layer of protection. A quantum attacker would need to crack both the hash function and the elliptic curve, a significantly harder problem. Most Bitcoin in circulation today uses these newer address formats.
The practical implication: the "quantum apocalypse" narrative overstates the immediate risk by roughly two orders of magnitude. The real vulnerability is concentrated in a small set of ancient UTXOs, some of which likely belong to Satoshi Nakamoto's early mining outputs.
The Soft Fork That Could Settle This Before It Starts
Bitcoin's defense roadmap is not empty. A soft fork introducing quantum-resistant signature schemes, such as hash-based signatures (XMSS or SPHINCS+), could protect the network without a hard fork or chain split. The Ethereum Foundation's 2026 roadmap already includes post-quantum cryptography as a priority track, and Bitcoin Core developers have discussed similar upgrades.
The timeline math is what matters. PsiQuantum's million-qubit machine is years away from operational status. A Bitcoin soft fork, if community consensus forms, could deploy in 12 to 18 months. As Nic Carter argued in February, institutional holders like BlackRock, which now custody tens of billions in BTC through its ETF, have both the motive and the leverage to push developers toward action before the threat materializes.
The risk is not that quantum computers will surprise the crypto industry. The construction is happening in public, the physics is well understood, and the timeline is measured in years. The risk is complacency: assuming that because the threat is distant, the response can wait.
What This Means for Wallets and Self-Custody
For users holding Bitcoin in self-custody wallets, the practical advice is simple: use modern address formats. If you are still holding funds in legacy P2PK addresses (addresses starting with "04" in raw format), consider moving them to P2PKH or native SegWit addresses. This does not eliminate quantum risk entirely, but it adds the hash-based protection layer that makes attacks orders of magnitude harder.
Hardware wallet manufacturers like Ledger already use modern address formats by default. The vulnerability is concentrated in coins that have not moved since Bitcoin's earliest years, not in active wallets used for daily spending or crypto card top-ups.
For stablecoin users on networks like Ethereum, Solana, or BNB Chain, the quantum timeline is similar but the upgrade paths differ. Ethereum's roadmap explicitly targets post-quantum signatures. Solana's Ed25519 curve faces the same theoretical vulnerability as Bitcoin's secp256k1, though no concrete upgrade proposal has been published yet.
FAQ
How many qubits would it take to break Bitcoin? Estimates vary, but most researchers place the threshold at roughly 100,000 logical qubits. Due to error correction overhead, this could require millions of physical qubits. PsiQuantum's target of one million physical qubits puts it in the range where the conversion from physical to logical qubits becomes the critical variable.
Is my Bitcoin safe right now? Yes. The largest quantum computer today has 6,100 qubits, roughly 0.6% of what PsiQuantum is targeting. No existing machine can run Shor's algorithm at a scale that threatens Bitcoin's cryptography. The threat is years away, not months.
Should I move my Bitcoin to a different address? If you hold funds in very old P2PK addresses where the public key is exposed on-chain, moving to a modern address format (P2PKH, P2SH, or native SegWit) adds meaningful protection. If you use any modern wallet or hardware device, your addresses already use hashed public keys.
Will Bitcoin upgrade to quantum-resistant cryptography? Multiple proposals exist, and the conversation has accelerated since institutional holders entered the market. A soft fork could deploy quantum-resistant signatures without breaking backward compatibility. The timing depends on community consensus, but the technical solutions are well understood.
Overview
PsiQuantum has begun physical construction of a million-qubit quantum computer in Chicago, backed by $1 billion in funding and partnerships with Nvidia, Fermilab, and Argonne. The facility, expected to reach operational scale within the decade, would theoretically have enough power to crack Bitcoin's elliptic-curve cryptography. CoinShares research shows only 10,230 BTC in legacy P2PK addresses face realistic quantum exposure, with modern address formats providing meaningful protection. PsiQuantum's co-founder has stated the company has no plans to target Bitcoin, and a soft fork introducing quantum-resistant signatures could deploy well before any quantum machine reaches the required capability. The construction is a milestone for quantum computing, not an imminent crisis for crypto, but it is the clearest signal yet that the upgrade conversation cannot remain theoretical.
Recommended Reading
- Nic Carter Says BlackRock Could Fire Bitcoin Developers Over Quantum Inaction
- The Ethereum Foundation Just Laid Out a Three-Track 2026 Roadmap With Post-Quantum Security
- Google Uncovers Coruna, a Spy-Grade iOS Exploit Kit That Steals Crypto Wallets
