How Quantum Computing Threatens Bitcoin
Elliptic Curve Cryptography (ECC) Vulnerability:

Bitcoin's private keys are secured by ECC, which is highly secure against classical computers.
Quantum computers could use Shor’s Algorithm, which is designed to efficiently solve the discrete logarithm problem underpinning ECC, enabling the recovery of private keys from public keys.
Public Keys on the Blockchain:

Public keys become vulnerable if quantum computers can reverse-engineer the private keys.
Any Bitcoin address with an exposed public key or already-used public key is at risk.
Unspent Transaction Outputs (UTXOs):

Addresses that haven't exposed their public keys (unused addresses) are safer, as their public keys are not directly on the blockchain.
However, if Bitcoin continues to use current cryptographic methods, even unused addresses could eventually become vulnerable.
When Could This Happen?
Quantum Threshold:

Breaking Bitcoin's cryptography would require a quantum computer with millions of logical qubits and the ability to perform error correction effectively.
Current quantum computers are far from this capability (as of 2025), with fewer than 1,000 qubits and limited error correction.
Timeline:

Optimistic estimates suggest that a quantum computer capable of breaking ECC might emerge in 10–20 years, but significant engineering and scaling challenges remain.