Summary
- BTQ’s Bitcoin Quantum Testnet v0.3.0 now supports BIP 360’s Pay-to-Merkle-Root (P2MR) outputs, which remove Taproot’s key path spending and force all UTXOs through hash-based script paths to reduce long-exposure quantum risk.
- The testnet validates the full P2MR lifecycle — from address creation and funding to signing, mempool acceptance and confirmation — while preserving compatibility with Lightning, BitVM, Ark, multisig and timelocks.
- BTQ’s release, with one-minute blocks, restored SegWit discount and Dilithium-focused sigop hardening, tackles today’s “harvest-now, decrypt-later” public key exposure but leaves short-exposure quantum attacks to future signature-level upgrades.
BTQ Technologies Corp. announced Thursday the completion of the first functional implementation of Bitcoin Improvement Proposal 360 (BIP 360) on its Bitcoin Quantum Testnet v0.3.0 — marking the first time a quantum-resistant transaction format derived from a formal Bitcoin improvement proposal has been activated in a practical, live testing environment. The announcement, released via PR Newswire, moves BIP 360 from a draft concept into what BTQ describes as “usable, testable infrastructure” available to developers, miners, and researchers today.
BIP 360, co-authored by Hunter Beast, Ethan Heilman, and Isabel Foxen Duke, proposes a new Bitcoin output type called Pay-to-Merkle-Root (P2MR) — a direct response to one of Bitcoin’s most discussed long-term vulnerabilities: the exposure of elliptic curve public keys to quantum computing attacks. Under current Bitcoin architecture, certain transaction types — particularly P2PK outputs and Taproot (P2TR) addresses — leave public keys exposed on-chain, where a sufficiently powerful quantum computer running Shor’s algorithm could theoretically derive the corresponding private keys and drain the associated funds. An estimated 6.26 million BTC, representing roughly $440 billion at recent prices, sits in quantum-vulnerable address types.
P2MR operates with nearly identical functionality to Bitcoin’s existing Taproot output type but with one critical modification: it removes the key path spending mechanism introduced by Taproot, which allows a transaction to be authorised by a single public key signature. Under P2MR, all UTXOs must be spent exclusively through script paths — Tapscript Merkle trees — which rely on hash-based commitments rather than elliptic curve public keys. Since hash functions are considered substantially more resistant to quantum attacks than elliptic curve cryptography, this eliminates a major surface area for long-exposure quantum attacks.
Crucially, P2MR retains full compatibility with Bitcoin’s existing smart contract capabilities, including multi-signature arrangements, timelocks, and complex custody structures. BIP 360’s authors have also confirmed compatibility with the Lightning Network, BitVM, and Ark — the key Bitcoin scaling and programmability frameworks that depend on Taproot architecture — making the upgrade additive rather than disruptive to the ecosystem.
BTQ’s v0.3.0 testnet release validates BIP 360 across the full transaction lifecycle: address creation, funding, transaction construction, signing, mempool acceptance, broadcast, and confirmation. Additional enhancements include optimised one-minute block spacing for faster iteration, a restored SegWit discount — critical given that post-quantum signature schemes using NIST-standardised ML-DSA (Dilithium) cryptography produce substantially larger transactions than standard Bitcoin signatures — and Dilithium signature hardening through improved sigop counting and tapscript security fixes. The testnet currently connects over 50 miners and has processed more than 100,000 blocks.
It is important to note the boundaries of what BIP 360 achieves. The proposal addresses long-exposure quantum vulnerability — the risk that an attacker harvests today’s public keys for decryption once quantum hardware matures — but does not yet protect against short-exposure attacks, where a quantum computer would need to break a signature within the time a transaction is unconfirmed. Full post-quantum security for Bitcoin will require additional proposals covering signature schemes. BIP 360 is, by its authors’ own description, a necessary first step rather than a complete solution — but Thursday’s deployment demonstrates that the infrastructure for that transition is no longer purely theoretical.
Be the first to comment