Quantum Computer
Is Bitcoin under a quantum threat?
Tags: #Bitcoin #Quantum #QuantumComputer #Cryptography
A lot is being written and discussed about whether Bitcoin will be affected by the arrival of quantum computers, but is the threat real?
In this article, we will try to understand whether this is a real and imminent concern or something unlikely to happen. And most importantly, if it were real, how it would affect us, where it would affect us, and whether anything could be done about it. Let's get to it!
First, let's look at hash functions in a simple way and their role in digital security
What are hash functions?
A hash function is an algorithm that transforms any data (text, file, or number) into a fixed-length fingerprint that is, in practice, unique to that input.
If the input data changes, even minimally, the hash output changes completely.
They are very useful for verifying the integrity and authenticity of information, as they allow detection of any alteration to the original data.
Imagine you have a document, a photo, or a set of instructions. A hash function is like a "blender" that takes that input information and turns it into a unique code, making it a kind of digital fingerprint.
If the content changes—even just a period or a capital letter turned lowercase—the hash result will change entirely.
These functions are essential in the modern digital world. They are used to verify that information has not been altered and apply in all kinds of contexts: from banking systems to secure networks, messaging apps, or encrypted storage.
How are they used in Bitcoin?
Bitcoin uses hash functions as key tools to ensure the security, integrity, and decentralization of the system.
These functions are involved in several critical parts of the protocol:
Transaction verification: When you make a transaction, it is grouped with others and organized in a structure called a Merkle tree. Hash functions are applied to build this tree and verify that no transaction has been altered, without needing to review the entire block.
If a single transaction changes, the entire tree hash changes.
Proof of work and block creation: To add a new block to the chain, miners must find a value that, when hashed with SHA-256, produces a result with specific characteristics (such as starting with several zeros).
This ensures that creating a block requires real computational work, making network attacks extremely expensive (with no guarantee of success).
Address generation: Strictly speaking, Bitcoin addresses are not derived directly from the public key, but for their creation, the public key is subjected to several hash functions (SHA-256 and then RIPEMD-160).
This adds an extra layer of security and makes addresses shorter and easier to handle.
Protection of keys and seeds: In modern wallets, private keys are derived from a mnemonic seed or phrase. Robust hash functions (such as HMAC-SHA512 or PBKDF2) are used to protect this process, making it very difficult for someone to calculate your keys from your phrase, even if they know the algorithm.
Note on Merkle trees: A Merkle tree is a tree-shaped structure that allows efficient organization and verification of a set of transactions in Bitcoin. Each transaction becomes a hash, then paired with another to form a new hash, and this process repeats in levels until reaching a single final hash: the Merkle root, which represents the entire block content.
This efficiency allows, for example, light wallets (SPV) to verify transactions without downloading the entire blockchain.
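The Merkle tree and proof-of-work steps described above, as an added worked example in Python. This is not code from the original article or from Bitcoin Core; it follows the same rules (double SHA-256, an odd last node paired with a copy of itself, the header hash compared against a target as a little-endian integer). The transaction ids, the header fields and the 16-bit difficulty are constructed placeholders, not values from the real chain. The `merkle_proof` / `verify_proof` pair is the check an SPV wallet performs: it needs only the transaction id, the sibling hashes and the root, not the whole block.

```python
import hashlib
import struct


def double_sha256(data: bytes) -> bytes:
    """Bitcoin's hash: SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def _pad(level):
    # Bitcoin pairs an odd last node with a copy of itself.
    return level + [level[-1]] if len(level) % 2 == 1 else level


def _next_level(level):
    return [double_sha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]


def merkle_root(txids):
    """Fold the transaction hashes pairwise until a single hash (the Merkle root) remains."""
    if not txids:
        raise ValueError("a block has at least one transaction")
    level = list(txids)
    while len(level) > 1:
        level = _next_level(_pad(level))
    return level[0]


def merkle_proof(txids, index):
    """Sibling hashes on the path from leaf `index` to the root, tagged with their side.
    This is what a full node hands to an SPV client."""
    proof = []
    level = list(txids)
    while len(level) > 1:
        level = _pad(level)
        sibling = index ^ 1
        proof.append((level[sibling], "left" if sibling < index else "right"))
        level = _next_level(level)
        index //= 2
    return proof


def verify_proof(txid, proof, root):
    """SPV check: rebuild the path using only the leaf, the siblings and the root."""
    h = txid
    for sibling, side in proof:
        h = double_sha256(sibling + h) if side == "left" else double_sha256(h + sibling)
    return h == root


def mine(header_prefix, difficulty_bits, max_nonce=1 << 32):
    """Proof of work: find a nonce whose header hash is below the target.
    Bitcoin interprets the hash as a little-endian integer for this comparison."""
    target = 1 << (256 - difficulty_bits)
    for nonce in range(max_nonce):
        h = double_sha256(header_prefix + struct.pack("<I", nonce))
        if int.from_bytes(h, "little") < target:
            return nonce, h
    raise RuntimeError("nonce space exhausted; real miners change the header and retry")


def check_pow(header_prefix, nonce, difficulty_bits):
    """What every node does when it receives a block: one hash, one comparison."""
    h = double_sha256(header_prefix + struct.pack("<I", nonce))
    return int.from_bytes(h, "little") < (1 << (256 - difficulty_bits))


# Constructed sample block: five fake transaction ids (an odd count exercises the duplication rule).
TXIDS = [double_sha256(b"constructed tx %d" % i) for i in range(5)]
ROOT = merkle_root(TXIDS)
# Constructed 76-byte header prefix: version, previous block hash, Merkle root, time, bits.
# The real fields come from the chain; these are placeholders.
HEADER_PREFIX = struct.pack("<I", 1) + bytes(32) + ROOT + struct.pack("<II", 1_700_000_000, 0x1D00FFFF)
DIFFICULTY_BITS = 16  # about 65k hashes on average; Bitcoin's real target is vastly lower

if __name__ == "__main__":
    proof = merkle_proof(TXIDS, 3)
    print("root:", ROOT.hex())
    print("SPV proof for tx 3 valid:", verify_proof(TXIDS[3], proof, ROOT))
    altered = TXIDS[:]
    altered[3] = double_sha256(b"altered tx")
    print("root unchanged after altering tx 3?", merkle_root(altered) == ROOT)
    nonce, h = mine(HEADER_PREFIX, DIFFICULTY_BITS)
    print("nonce %d -> %s" % (nonce, h[::-1].hex()))  # shown big-endian, as explorers display it
```

Altering any transaction changes the root, so the old proof no longer verifies, and mining at 16 bits already takes tens of thousands of hashes; the two functions together are the "integrity" and "real computational work" properties the article describes.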
Here is a description of the most relevant hash functions in Bitcoin, along with some of their uses outside the ecosystem:
| Hash function | Use in Bitcoin | Also used in |
|---------------------|---------------------------------------------------------|--------------------------------------------------------|
| SHA-256 | Mining (proof of work), address creation | HTTPS, bank cards, digital signatures |
| RIPEMD-160 | Address generation (combined with SHA-256) | Some PGP implementations |
| HMAC-SHA512 | Key derivation in HD wallets (BIP-32) | Password security |
| PBKDF2 | Seed phrase strengthening (BIP-39) | Password managers, file encryption |
| HASH160 | P2PKH address generation | Bitcoin-specific (SHA-256 + RIPEMD-160) |
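The two key-derivation rows in the table (PBKDF2 for BIP-39, HMAC-SHA512 for BIP-32), as an added worked example in Python. This is not code from the original article or from any wallet project; it implements the steps the standards specify: 2048 rounds of PBKDF2-HMAC-SHA512 turn the phrase into a 64-byte seed, HMAC-SHA512 keyed with the string "Bitcoin seed" splits that seed into a master key and chain code, and hardened child keys are derived with another HMAC plus one modular addition. The all-"abandon" phrase is the well-known test phrase, used here only as a constructed sample; the secp256k1 group order `SECP256K1_N` is the real constant. The 2048 iterations are the point of the "protect the process" sentence in the article: anyone guessing phrases or passphrases pays that cost per guess.

```python
import hashlib
import hmac
import unicodedata

# Order of the secp256k1 group; child private keys are reduced modulo this value.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000  # indices at or above 2^31 are "hardened"


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP-39: PBKDF2-HMAC-SHA512, 2048 rounds, over the NFKD-normalised phrase,
    salted with "mnemonic" + passphrase. Returns the 64-byte seed."""
    phrase = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", phrase, salt, 2048, dklen=64)


def bip32_master(seed: bytes):
    """BIP-32: HMAC-SHA512 keyed with the literal "Bitcoin seed".
    Left 32 bytes: master private key. Right 32 bytes: chain code."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key = int.from_bytes(i[:32], "big")
    if key == 0 or key >= SECP256K1_N:
        raise ValueError("invalid master key; BIP-32 says this seed must be rejected")
    return i[:32], i[32:]


def derive_hardened_child(parent_key: bytes, chain_code: bytes, index: int):
    """Hardened child derivation. Only hashes and one modular addition are needed,
    no elliptic-curve arithmetic, so this step does not depend on ECDSA's hardness."""
    if index < HARDENED:
        raise ValueError("hardened derivation needs index >= 2^31")
    data = b"\x00" + parent_key + index.to_bytes(4, "big")
    i = hmac.new(chain_code, data, hashlib.sha512).digest()
    il = int.from_bytes(i[:32], "big")
    child = (il + int.from_bytes(parent_key, "big")) % SECP256K1_N
    if il >= SECP256K1_N or child == 0:
        raise ValueError("derivation failed for this index; BIP-32 says skip to the next one")
    return child.to_bytes(32, "big"), i[32:]


def derive_path(seed: bytes, indices):
    """Walk a hardened path such as m/44'/0'/0' (every index hardened in this example)."""
    key, chain_code = bip32_master(seed)
    for index in indices:
        key, chain_code = derive_hardened_child(key, chain_code, index)
    return key, chain_code


# Constructed sample: the well-known all-"abandon" test phrase; never use it for real funds.
MNEMONIC = " ".join(["abandon"] * 11 + ["about"])

if __name__ == "__main__":
    seed = bip39_seed(MNEMONIC, "TREZOR")
    key, chain_code = derive_path(seed, [44 | HARDENED, 0 | HARDENED, 0 | HARDENED])
    print("seed:", seed.hex())
    print("m/44'/0'/0' private key:", key.hex())
```

To check an implementation like this against something authoritative, compare its output with the test vectors published alongside BIP-39 and BIP-32 rather than with another wallet's screen.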
Very important to know, as it is often misinterpreted:
SHA-256 was not developed by the NSA alone. The NSA participated in the design of SHA-256 as part of the SHA-2 family, but it was standardized and published by NIST. The algorithm is openly published and has been publicly audited for years. There is no known backdoor.
Others, such as RIPEMD-160 or HMAC, have roots in open-source cryptography.
Bitcoin simply applies them to ensure its security. And that means that if these algorithms ever break, Bitcoin would not be the only system at risk.
The hash functions used in Bitcoin were not invented by Satoshi Nakamoto. They are well-established cryptographic algorithms, publicly audited, and used in many other systems.
What about ECDSA?
In addition to hash functions, Bitcoin also uses a digital signature system called ECDSA (Elliptic Curve Digital Signature Algorithm).
ECDSA is the mechanism that allows a user to prove ownership of a private key without revealing it. This is what makes secure transaction signing possible.
This component is, in fact, the most vulnerable point against quantum computing—not just in Bitcoin, but in all systems that use it.
If a sufficiently advanced quantum computer could run Shor's algorithm, it would be able to calculate a private key from the associated public key for a specific address (the one revealed when signing a transaction). This does not affect the master key or all possible user addresses, but it does allow compromising that specific private key and thus spending the funds in that address if they haven't been moved yet.
That would allow an attacker to spend funds from a Bitcoin address after seeing a signed transaction. For example, if someone broadcasts a transaction, their public key is exposed. A quantum-equipped attacker could use it to derive the private key and steal funds before the transaction confirms.
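A defender-side check for the exposure just described, as an added example in Python (not code from the original article or from any Bitcoin software). It replays a constructed transaction history: spending an output publishes the public key behind its address, so any coins that later sit at that same address rely on ECDSA alone rather than on the hash in front of it. The function lists exactly those unspent outputs, which is what a wallet audit for address reuse would report; the transaction ids and addresses are placeholders.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: Tuple[Tuple[str, int], ...]   # (previous txid, output index) being spent
    outputs: Tuple[Tuple[str, int], ...]  # (address, satoshis)


def find_exposed_utxos(txs: List[Tx]) -> Dict[Tuple[str, int], Tuple[str, int]]:
    """Replay transactions in order. Every spent output reveals the public key of its
    address in the scriptSig/witness; return the unspent outputs that still pay to
    one of those revealed addresses."""
    utxos: Dict[Tuple[str, int], Tuple[str, int]] = {}
    revealed = set()
    for tx in txs:
        for prev in tx.inputs:
            addr, _ = utxos.pop(prev)  # KeyError here means an unknown or double-spent output
            revealed.add(addr)
        for vout, (addr, sats) in enumerate(tx.outputs):
            utxos[(tx.txid, vout)] = (addr, sats)
    return {ref: out for ref, out in utxos.items() if out[0] in revealed}


def exposed_by_address(txs: List[Tx]) -> Dict[str, int]:
    """Total satoshis at risk per reused address; empty dict means nothing to move."""
    totals: Dict[str, int] = {}
    for addr, sats in find_exposed_utxos(txs).values():
        totals[addr] = totals.get(addr, 0) + sats
    return totals


# Constructed sample history; addresses and txids are placeholders, not real ones.
SAMPLE = [
    Tx("coinbase1", (), (("addr_A", 100_000),)),
    # A pays B and sends the change back to itself: address reuse.
    Tx("tx2", (("coinbase1", 0),), (("addr_B", 60_000), ("addr_A", 39_000))),
    # B moves everything to a fresh address C, leaving nothing at the revealed address.
    Tx("tx3", (("tx2", 0),), (("addr_C", 59_000),)),
]

if __name__ == "__main__":
    for (txid, vout), (addr, sats) in find_exposed_utxos(SAMPLE).items():
        print("%s:%d pays %d sat to %s, whose public key is already public" % (txid, vout, sats, addr))
```

Only the change output back to `addr_A` is flagged: `addr_B` also revealed its key, but it holds nothing, and `addr_C` has never signed. The practical mitigation the article points to later (never reuse an address, move remaining funds to a fresh one) is exactly what makes this dictionary come back empty.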
What is Shor's algorithm? It is an algorithm developed by mathematician Peter Shor in 1994 that allows quantum computers to solve certain mathematical problems (such as factorization or discrete logarithms) much faster than classical computers.
This breaks the security of many current encryption systems, like RSA or ECDSA, which rely on the difficulty of those problems.
So, is Bitcoin in danger?
Not for now. It's important to understand the current reality.
Quantum computers pose a hypothetical but not immediate threat.
According to estimates by NIST and other analysts, quantum computers capable of breaking current cryptography are not expected before the mid- or late 2030s.
Let's put things in context:
There is currently no quantum computer capable of breaking SHA-256 or ECDSA at scale.
Even if one existed, SHA-256 would remain resistant: a quantum attack (Grover's algorithm) would reduce its security from 256 bits to 128 bits, which is still considered secure by current standards.
In contrast, ECDSA would be vulnerable to Shor's algorithm.
The risk is not exclusive to Bitcoin: governments, banks, tech companies, and communication platforms rely on the same algorithms.
The scientific community is already working on quantum-resistant algorithms (post-quantum cryptography).
And yes, Bitcoin can be adapted. Though not simple (it requires network consensus), it is possible to update cryptographic components if needed.
What is Grover's algorithm?
It is a quantum algorithm that speeds up searching for a solution in a very large set of possibilities.
For hash functions like SHA-256, Grover could reduce the time to find a collision or preimage from 2²⁵⁶ to 2¹²⁸ operations.
This is a significant speedup, but it does not break security, as 2¹²⁸ remains an extremely large number.
Thus, SHA-256 is still considered safe against quantum attacks, at least until sufficiently powerful quantum computers exist.
Quantum computing is not an exclusive problem for Bitcoin
Bitcoin is not alone in these risks.
Hash functions are pillars of global digital security.
Satoshi did not invent these algorithms but took well-known tools and combined them with unique genius.
When discussing the impact of quantum computing on Bitcoin, it is often framed as if Bitcoin were an isolated system facing a gigantic problem alone. But this view ignores a fundamental context: Bitcoin uses standard cryptography widely adopted worldwide, far beyond the Bitcoin ecosystem.
And, at the risk of sounding repetitive, I insist because it matters: the cryptographic algorithms currently protecting Bitcoin (digital signatures and hash functions) are also used to:
Protect communications between banks and payment networks.
Secure credit card and financial data transmissions.
Safeguard government and military information confidentiality.
Protect core Internet infrastructure (certificates, HTTPS, digital identity).
This has a key consequence: Bitcoin would not be the first system needing protection against quantum computing.
If a quantum computer capable of breaking current cryptography existed tomorrow, the first compromised systems would be state, financial, and national security infrastructures. Long before Bitcoin, central banks, governments, militaries, and much of the Internet as we know it would be at risk.
That is precisely why the greatest economic, political, and strategic incentives to solve this problem are not in Bitcoin but in states and large corporations. And these actors have been working for years (as has the Bitcoin community) on developing quantum-resistant cryptography.
This work includes academic research, standardization processes, and testing in critical environments. All that effort, even if not specifically designed for Bitcoin, directly benefits Bitcoin, which can adopt mature, audited, and tested solutions when necessary.
Bitcoin also follows a conservative technical philosophy: not pioneering immature technologies but integrating solutions when they are sufficiently proven. Prematurely changing Bitcoin's cryptography could introduce more risks than it eliminates.
A more realistic way to frame the problem: If the world learns to defend itself against quantum computing, Bitcoin will learn alongside it. And if the world fails, Bitcoin will likely be the least of our problems.
The real danger is not quantum computing, but stopping learning.
What is being done in Bitcoin against the quantum risk?
Although the quantum computing danger remains theoretical, the Bitcoin developer community is already discussing ways to prepare.
International organizations have been developing and standardizing quantum-attack-resistant algorithms for years, which will eventually reduce risk for all infrastructure, including Bitcoin.
Current proposals focus on improving public key management and incorporating post-quantum cryptography.
Some of the ideas I consider most important at this time (note: I am not a cryptography expert, so my view may not be fully complete):
Avoid exposing public keys prematurely
Today, broadcasting a transaction reveals the associated public key. This is not a problem with classical computers but would be with quantum ones. A proposal is to use addresses that do not reveal the public key until strictly necessary, such as Pay-to-Taproot (P2TR). This was already implemented in 2021 with the Taproot upgrade.
Change the digital signature system
Bitcoin currently uses ECDSA, vulnerable to Shor's algorithm. An alternative under discussion is to replace it with quantum-resistant signature schemes, such as:
XMSS, LMS, or SPHINCS+, hash-based.
Dilithium or Falcon, lattice-based, proposed by NIST.
These schemes are more secure against quantum computers, though often heavier (larger keys and signatures) and require significant technical adjustments.
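To make the "heavier, and stateful" trade-off concrete, here is a minimal hash-based one-time signature (a Lamport scheme over SHA-256), added as an example; it is not code from the original article and is a teaching toy, not XMSS, LMS or SPHINCS+, which build trees of keys like this one. Its security rests only on the hash being one-way, which is why Grover's square-root speed-up is the relevant attack rather than Shor. The sizes it reports (16 KB public key, 8 KB signature) are what the "larger keys and signatures" sentence refers to, and `OneTimeSigner` shows the state problem behind the "key exhaustion" caveat in the references below: signing two messages with the same key leaks extra secrets. All sample messages are constructed.

```python
import hashlib
import secrets

N = 256  # bits of the message digest; one pair of secrets per bit


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen():
    """Private key: 256 pairs of random 32-byte secrets. Public key: their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def _bits(message: bytes):
    d = int.from_bytes(H(message), "big")
    return [(d >> (N - 1 - i)) & 1 for i in range(N)]


def sign(sk, message: bytes):
    """For each digest bit, reveal the secret from the matching half of that pair."""
    return [sk[i][bit] for i, bit in enumerate(_bits(message))]


def verify(pk, message: bytes, sig) -> bool:
    """Hash each revealed secret and compare with the matching half of the public key."""
    if len(sig) != N:
        return False
    return all(H(s) == pk[i][bit] for i, (s, bit) in enumerate(zip(sig, _bits(message))))


def sizes():
    """Byte sizes; compare with ECDSA's 33-byte compressed key and ~72-byte signature."""
    return {"private_key": N * 2 * 32, "public_key": N * 2 * 32, "signature": N * 32}


def secrets_exposed(sigs) -> int:
    """Distinct secret values an observer has collected from published signatures.
    One signature reveals 256 of the 512; a second one for a different message reveals more."""
    return len({s for sig in sigs for s in sig})


class OneTimeSigner:
    """The state every hash-based scheme has to track: a key pair signs once.
    XMSS and LMS keep a tree of such keys plus a counter; losing or restoring that
    counter from backup is how a one-time key gets reused by accident."""

    def __init__(self):
        self.sk, self.pk = keygen()
        self.used = False

    def sign(self, message: bytes):
        if self.used:
            raise RuntimeError("one-time key already used; signing again would leak more secrets")
        self.used = True
        return sign(self.sk, message)


if __name__ == "__main__":
    signer = OneTimeSigner()
    msg = b"constructed message: pay 1 BTC to addr_X"
    sig = signer.sign(msg)
    print("valid:", verify(signer.pk, msg, sig))
    print("tampered valid:", verify(signer.pk, msg + b"!", sig))
    print("sizes:", sizes())
```

SPHINCS+ is the stateless answer to the `used` flag: it picks keys from a huge tree in a way that makes accidental reuse negligible, at the cost of even larger signatures, which is the "balance between security and performance" noted in the references.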
Design a smooth transition
Updating the signature system is not as simple as changing a parameter. Bitcoin relies on network consensus, so any change must be backward-compatible, voluntary, and thoroughly tested. The likely path is through mechanisms such as soft forks or new address types that users adopt gradually.
Important: There is no final solution yet adopted by network consensus, but the debate is active, and Bitcoin's code is designed to evolve. The key will be to anticipate and act before a real threat emerges.
Some references
If you're interested in researching further, here are some links. I recommend following publications on the Bitcoin developer mailing list. Though not easy to follow, it helps you stay up to date on discussions and proposals:
XMSS (eXtended Merkle Signature Scheme)
Description: XMSS is an extension of the Merkle signature scheme that uses Merkle trees to generate multiple signatures from a single private key.
Advantages: High security level; can generate many signatures before key exhaustion.
Disadvantages: Requires additional storage to maintain Merkle tree state.
LMS (Leighton-Micali Signature Scheme)
Description: LMS is an original Merkle-based scheme using hash functions.
Advantages: Relatively simple and resource-efficient.
Disadvantages: Limited number of signatures before key exhaustion.
SPHINCS+
Description: An improved stateless hash-based signature scheme.
Advantages: Balance between security and performance; unlimited signatures.
Disadvantages: More complex implementation.
✨ Keep learning. If you like this article, share it. ✨