How Real is the Quantum Threat? | Bitcoin 2026

Bitcoin Magazine • April 30, 2026 • 31:55

INTRO

Debate is intensifying over whether quantum computing poses an existential threat to Bitcoin, with no consensus on urgency but growing agreement on the need to prepare mitigations.

Key points

The quantum threat explained

Quantum computers could theoretically break Bitcoin's cryptography by solving the elliptic curve discrete logarithm problem with Shor's algorithm, allowing attackers to derive private keys from public keys. That would undermine the fundamental concept of ownership by enabling unauthorized transactions.

No demonstrated capability so far

Despite the concerns, no quantum computer has demonstrated the ability to run Shor's algorithm at a scale relevant to Bitcoin. Researchers point to limits in qubit stability, error correction and circuit depth, suggesting that practical attacks remain unproven and possibly distant.

Disagreement on timelines

Opinions diverge sharply. Some consider cryptographically relevant quantum machines still speculative, while others cite recent advances in error correction and academic work indicating real progress. Estimates mention tens of millions of Toffoli gates, a sign of extreme complexity.

Uncertainty calls for caution

Several experts treat the subject as a risk-management problem: even a low probability of a breakthrough can justify acting. Others warn that exaggerating the threat could mislead investors and divert attention from more immediate challenges such as scaling and network security.

Proposed measure: BIP 360

A major proposal, BIP 360, introduces a new opt-in Bitcoin output type that allows a future migration to post-quantum cryptography. It permits multiple spending paths, including today's elliptic-curve methods and quantum-resistant schemes, without weakening current security.

Additional protocol updates

Complementary changes such as BIP 54 aim to clarify consensus rules and fix broader vulnerabilities. These proposals are described as cautious, incremental steps that improve resilience without committing prematurely to unproven cryptographic systems.

Scale of exposed funds

About 6.9 to 7 million BTC, nearly 35% of the supply, have public keys exposed through old address formats or address reuse. However, estimates suggest that about 2.66 million BTC would be truly vulnerable because they are dormant, including early holdings attributed to Satoshi Nakamoto.
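The exposure categories described above (keys visible through old output formats or through address reuse), shown as an added example that is not from the panel or from this page: it classifies a wallet's unspent outputs by when their public key becomes visible on-chain. It also flags Taproot (P2TR) outputs, whose script carries the output key directly, which goes beyond the formats the summary names; the sample scripts and the `spent_scripts` set are constructed.

```python
# Added example: audit outputs by when their public key appears on-chain.
# All scripts and amounts below are constructed sample data, not real outputs.

P2PK, P2PKH, P2SH, P2WPKH, P2WSH, P2TR, OTHER = (
    "p2pk", "p2pkh", "p2sh", "p2wpkh", "p2wsh", "p2tr", "other")

# The scriptPubKey itself contains a public key.
KEY_IN_OUTPUT = {P2PK, P2TR}
# The scriptPubKey contains only a hash; keys appear when the output is spent.
KEY_BEHIND_HASH = {P2PKH, P2SH, P2WPKH, P2WSH}


def classify_script(script_hex):
    """Return the standard output type of a scriptPubKey given as hex."""
    try:
        s = bytes.fromhex(script_hex)
    except ValueError:
        return OTHER
    n = len(s)
    # P2PK: <push 33 or 65 bytes> <pubkey> OP_CHECKSIG (0xac)
    if n in (35, 67) and s[0] == n - 2 and s[-1] == 0xAC:
        compressed = n == 35 and s[1] in (0x02, 0x03)
        uncompressed = n == 67 and s[1] == 0x04
        if compressed or uncompressed:
            return P2PK
    # P2PKH: OP_DUP OP_HASH160 <20 bytes> OP_EQUALVERIFY OP_CHECKSIG
    if n == 25 and s[:3] == b"\x76\xa9\x14" and s[23:] == b"\x88\xac":
        return P2PKH
    # P2SH: OP_HASH160 <20 bytes> OP_EQUAL
    if n == 23 and s[:2] == b"\xa9\x14" and s[22] == 0x87:
        return P2SH
    # Witness programs: OP_0 <20>, OP_0 <32>, OP_1 <32>
    if n == 22 and s[:2] == b"\x00\x14":
        return P2WPKH
    if n == 34 and s[:2] == b"\x00\x20":
        return P2WSH
    if n == 34 and s[:2] == b"\x51\x20":
        return P2TR
    return OTHER


def exposure(script_hex, spent_scripts):
    """Say when the key guarding this output is visible to an observer.

    spent_scripts: lowercase hex scriptPubKeys that have already been spent
    from at least once (address reuse), so their keys are already public.
    """
    kind = classify_script(script_hex)
    if kind in KEY_IN_OUTPUT:
        return "exposed_at_rest"
    if kind in KEY_BEHIND_HASH:
        if script_hex.lower() in spent_scripts:
            return "exposed_by_reuse"
        return "hidden_until_spend"
    return "unknown"


def audit(utxos, spent_scripts):
    """Sum satoshis per exposure category for (script_hex, value_sat) pairs."""
    spent = {s.lower() for s in spent_scripts}
    totals = {"exposed_at_rest": 0, "exposed_by_reuse": 0,
              "hidden_until_spend": 0, "unknown": 0}
    for script_hex, value_sat in utxos:
        totals[exposure(script_hex, spent)] += value_sat
    return totals


# Constructed scripts: the key and hash bytes are filler, not real keys.
SAMPLE_P2PK = "41" + "04" + "11" * 64 + "ac"
SAMPLE_P2PKH_REUSED = "76a914" + "33" * 20 + "88ac"
SAMPLE_P2PKH_FRESH = "76a914" + "34" * 20 + "88ac"
SAMPLE_P2WPKH = "0014" + "44" * 20
SAMPLE_P2TR = "5120" + "55" * 32

SAMPLE_UTXOS = [
    (SAMPLE_P2PK, 5_000_000_000),      # early-style bare public key output
    (SAMPLE_P2PKH_REUSED, 1_000_000),  # address that was spent from before
    (SAMPLE_P2PKH_FRESH, 2_000_000),
    (SAMPLE_P2WPKH, 3_000_000),
    (SAMPLE_P2TR, 4_000_000),
]
SAMPLE_SPENT = {SAMPLE_P2PKH_REUSED}

if __name__ == "__main__":
    for category, sats in audit(SAMPLE_UTXOS, SAMPLE_SPENT).items():
        print(f"{category:20s} {sats / 1e8:.8f} BTC")
```

Outputs reported as `exposed_by_reuse` can be moved to a fresh hash-based address; `hidden_until_spend` outputs still reveal their key in the spending transaction.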

Debate over how to treat vulnerable coins

Proposed responses range from doing nothing to freezing or burning exposed coins through protocol changes. Most reject any intervention, arguing that changing ownership rules would violate Bitcoin's fundamental principle that valid signatures determine control.

Economic limits of attacks

Even if quantum attacks become possible, their cost could initially limit their impact. If breaking a key costs tens of thousands of dollars, only high-value wallets would be targeted, leaving small amounts relatively safe in the short term.

Risk of misinformation and exploitation

Growing concern creates openings for dubious products and claims, notably opaque "quantum-secure" solutions. Experts warn that fear-driven adoption of unverified cryptography could introduce more risk than the threat itself.

Competition from other blockchains

Other networks, including Ethereum and Solana, are exploring quantum-resistance roadmaps. Some analysts believe faster or more centralized governance could let competitors move more quickly, potentially influencing institutional adoption.

Engineering trade-offs

Post-quantum cryptographic schemes often involve much larger signatures, raising concerns about block space efficiency. Developers insist on rigorous evaluation to avoid degrading Bitcoin's performance or introducing new vulnerabilities.

CONCLUSION

No immediate quantum threat to Bitcoin has been proven, but the uncertainty and potential impact argue for cautious, gradual preparation rather than an urgent overhaul.

Full transcript

[music] [applause] >> All right, Vegas. Uh thanks for the third of you that stayed for this panel. Um I'm Alex Thorn from Galaxy. I've got Brandon Black, James O'Beirne, Hunter Beast, and Alex Pruden. Uh this is the talk of the town, like Greg said. This is a big topic. A lot of people are asking a lot of things about it. I hear about it in from our institutional counterparties, what's the deal with quantum? Uh we're going to get into some of these things. We're going to talk about the urgency. We're going to talk about uh possible solutions and mitigations. And then we're going to talk about what to do with coins and exposed addresses such as Satoshi's coins. Before we do that, I'm going to start with you, Alex Pruden from Project 11. Uh you have uh raised a lot of the discussion about this in in the public. Can you give the audience a quick overview of what the potential problem is, what quantum might do to Bitcoin if it becomes real? Uh yeah, thanks. And first of all, I don't want to take credit for raising this as a discussion topic. Hunter's done a lot of work over the last year as well as Pierre Luque and a lot of other folks in the community. So, um first off, okay, quantum, what does it matter to this group here? Um quantum computers are a type of computer that's based on the principles of quantum mechanics uh that can perform some problems more efficiently than a classical computer could. Uh one of those problems is uh with something called the elliptic curve discrete logarithm problem, which is the basis for the public key cryptography that we use in Bitcoin. Right? And very just quickly, what does that mean? You know, as uh yeah, you got the public key crypto system, as the name implies, the public key is meant to be public, and you shouldn't be able to recover the private key from just knowing the public key. And this private key is used to sign messages, right? And a quantum computer running Shor's algorithm uh enables you to do just that, right? 
And so, what is the impact on Bitcoin? Well, it enables me to go the kind of the the wrong way down the one-way road. If I have a public key in my possession, I can recover your private key or someone's private key, the the corresponding private key, and then sign a message uh to basically, you know, show that I or I to appear to be the one that owns the private key, right? And what does this mean practically? It breaks the concept of ownership that basically the public key cryptography in Bitcoin is meant to ensure. Uh that's a good overview. Uh I don't know, Brandon, you want to offer uh any any differences in in the way you would characterize it from Alex here or how do you think about it? Well, I I think it's just the right answer, like yes, it breaks the cryptography, it can reverse the elliptic curve discrete log. Um the only thing I would add really is that that's if we can build a quantum computer that can run Shor's algorithm, which has not yet been demonstrated. How close [clears throat] are we, Brandon or James, in your mind to building one? I think based on the evidence, not very close at all, if it's even possible. Um given things like you know, we don't really know how long we can entangle qubits. We haven't passed qubits through circuits of a depth anything resembling, you know, what would actually execute Shor's. And every demonstration cited as being some kind of evidence toward a cryptographically relevant quantum computer is um either sort of a sleight of hand or an outright hoax um as in the case of what we saw from Alex's organization uh recently where a pre-computing step is done by a classical computer that is then encoded into the quantum circuit and um used as some kind of fodder to say, "Oh, well, we're we're making such great progress. We've cracked 16-bit ECDSA." When in actuality, doing something like that in a classical context is fairly trivial. 
Uh and then dressing it up with quantum window dressing is kind of a you know, meaningless gesture. Uh well, James, I appreciate you giving me the opportunity to talk about Project 11's product, the random number that's quantum powered. Uh but no, in all seriousness, I really I I appreciate the opportunity to address that. Look, I think there's a consensus at this point that the Q-Day prize, which is what you're referring to, is not evidence of a, you know, progress towards a cryptographically relevant quantum computer, right? And a skeptic like you cites the absence of this progress as reasons to not believe that this is possible. But I think, you know, if you look at the literature, specifically Google's paper that came out in the last couple of months, or Atom paper, so these are leading academics in the field of quantum physics that have been working on error correction, the ability to basically make the reason why this, you know, the the Q-Day prize contestant is not able to do anything interesting is because they don't have error-corrected quantum computers. And I don't think it's right to say that there's been no progress on quantum computing. There has actually been demonstrated error correction in Google's paper in 2024 below threshold. So, I think the question is, if it's not the Q-Day prize, then what is the right benchmark that would convince a skeptic like you? And the reason I think this is important is because we don't want to throw away cryptography that is securing trillions of dollars and has for years, right? But at the same time, there is a risk that a cryptographically relevant quantum computer can be built, and I think that risk is potentially existential to Bitcoin. If you guys are quantum experts, why did you market that demo as a break of ECDSA on the basis of quantum computer? Shouldn't shouldn't you know enough to know that that wasn't actually anything of the sort? 
I want to make this panel about quantum, and so I want to let the moderator, Alex there, kind of drive it. We can debate whether or not we have the authority to talk about it, but I want to make sure this the value for this audience is to learn about this topic. >> Well, maybe to get back on topic, can you tell the audience how many qubits, how many Toffoli gates are necessary to run Shor's algorithm? Uh well, it depends on the specific paper and resource assessment that you're looking at, right? So, you take the Google the Google paper, I believe they cite 70 million Toffoli gates, right? And so, by the way, we're cited in that paper. Our work is in there. And so, uh yeah, so I you know, there there are there's a space-time trade-off, and it kind of depends on how you plan to build this quantum computer. And I think this is maybe something for the audience to take in mind. You know, there's multiple tech trees to building these systems. You have superconducting computers, which is what IBM and Google basically give you an interface to use. But the kind of next generation of computers that have the potential to be very efficient cryptographically or, you know, potential to break the cryptography underlying Bitcoin use different approaches, right? And so, I don't think it's right to say that just because one approach fails, all the others will, too. All right, gentlemen, let's let me give Hunter a chance to get in here. Hunter from Surmount Systems, also uh one of the authors of BIP 360. What what's your perspective on this part of the conversation, Hunter? Well, I think we need to do our best to seek truth here and be intellectually honest. And uh the intellectual honest answer is that there is no hard evidence that would point to definitively disproving or proving the threat yet. 
And so, I think in this time of uncertainty, we need to fall back on first principles, and we need to do the work to build the the tools we need to convince people with proof and evidence that the threat could maybe be imminent. Also, I'm not sure if it's the right question to be asking. I think one of the most depressing things I think about is just like, are we going to be coming back here year after year having done nothing to address the concern and just keep bickering about this and doing nothing productive. In a way, that's its own grift, right? Like we could if if quantum computers really are impossible, we could come back here 5 years, 10 years, build a whole career on this just bickering over this grift. >> Many have done that. Well, you know, and so I would like, in my opinion, to just put the fud to rest. Do the work, it's an engineering problem, and present evidence and strategies and uh give people the opportunity to change their minds based on new input. I don't think people are particularly unreasonable or intransigent in the Bitcoin community as people like to think. I think we are we we we've gotten this far based on evidence and reason and not on ideology and coercion. All right. So, um we can and we will, I know we will, and maybe we'll do it for the next five Bitcoin conferences, debate the urgency of the problem. But if we grant that it could be possible, let's say even a 1% chance, I want to talk a little bit about some of the work that is being done as mitigations or solutions or that could be done or the difficulty in enacting something on the Bitcoin protocol if something was to be done. Um maybe sticking with you, Hunter, BIP 360 is one of the most reviewed BIPs and also more advanced uh that has been proposed as a mitigating solution. Would you give a high level of what the proposal is? Yeah, so BIP 360, and not to be confused with BIP 361, it's a very different BIP. 
Uh so, BIP 360 exists as essentially a opt-in uh now new output type in Bitcoin. An output type is kind of similar to an address for the pubs, right? And so, um this allows us to essentially uh have a like a a first step for wallet optionality on how you wish to spend your coins. And you might commit to a path that lets you spend them with elliptic curve cryptography as it currently exists. It will also allow you to maybe spend post-quantum cryptography at some future date and commit to a script path in your wallet before that's even active on mainnet. Uh and we might even combine that with a elliptic curve cryptography so that there's no reduction in security assumptions of what we currently understand as safe. And so, we need to be very rigorous and conservative in solving this problem. And uh I think we should in in a bare minimum activate BIP 54, which is the great consensus cleanup that is very uncontroversial. We need to do that. It protects us against a number of other threats. We also need to uh activate BIP 360 and and maybe not any other post-quantum cryptography, but BIP 360 and BIP BIP 50 50 uh 54 are both very solid, uncontroversial, conservative approaches to solving these problem this problem. And uh hopefully uh maybe even uh another another thing that we've been working on for BIP 360 to hopefully bridge the gap uh and divide amongst uh uh Bitcoiners around, you know, a lot of the things we're talking about. I would like to make BIP 360 compatible with BIP 110. And that that takes a lot of engineering effort, but we've been doing it. And I think I I know I know there's some BIP 110 skeptics out there. I think, you know what? These people have enough shared common values with us. We should We should focus on the fact that Bitcoin is a direct challenge to nation-state monetary sovereignty, and we need to remember our mission to separate money from state. 
Hunter Hunter bridge-builder beast, um we're not going to get into BIP 110, but I appreciate those comments. What was I going to say, Alex? >> I was just going to say I think it's it's kind of hard to separate the urgency of the problem from the potential solution, right? Because if you think, you know, there's a lot of aspects here at risk, right? So, BIP 360, among other things, it kind of disables a way to reveal your public key. Um Well, it doesn't disable anything. Well, it I mean it it basically helps mitigate a potential risk of public key, you know, reuse or or exposure, right? But I think there's obviously a world in which if a quantum computer is coming sooner, then there needs to be more aggressive actions to mitigate, right? And so, this again brings it back to like, "Hey, what is the right benchmark? How do we know?" Look, I think uh you know, just today you had Scott Aaronson, noted quantum researcher, on the Coinbase advisory panel. He published a blog post that "This is your warning. The quantum computer may arrive by the time by the time this decade is out." he said it as definitively as he could because he doesn't want to be doesn't want to be blamed for not doing enough. So, look, I think again, to your framing, Alex, I think if there's even a 1% chance, we should proactively move forward and, you know, from a you know, kind of a top-to-bottom way address this problem to make it so that the quantum topic is not viewed as FUD. I don't think it's right to frame it as FUD. I think this is about mitigating one of the most existential risks to Bitcoin. The shortcoming to that framing is that there are many risks to Bitcoin, and there's a finite amount of engineering effort that we have to distribute over those risks. >> Well, what's a more existential risk than this? Scaling. Scaling is existential? If we can't scale, centralization will make Bitcoin completely fail on the Absolutely. 
>> How about the particular parameters around supply distribution and the fact that if you guys scare up all of institutional investors and whip everybody into a frenzy because they're reminded that they don't actually understand the cryptographic bedrock and they're in doubt and they're delaying their adoption of Bitcoin, then by the time the security spend on Bitcoin has been reduced by twice and then again 8 years from now, um we may be in a in a very uncomfortable position in terms of the net security spend on mining. >> I think the only crypto I mean, there is no way that anything I could say could threaten the cryptographic bedrock of Bitcoin. I think that's the point of it's a bedrock, but a quantum computer might threaten that bedrock. >> we need to talk really seriously about like what is the threat of a quantum computer. And the reality is that most people's UTXOs are safe forever because a quantum computer, even if it is invented, is going to be expensive for a long time. So, if it costs $50,000 to break a public key into a private key, every UTXO worth less than $50,000 is safe forever, right? We We can't like panic about this. The fact that it can break a public key doesn't mean every public key can get broken. And so, it really depends It depends what the evidence shows. It depends which kind of quantum computer we have out there. If it's a neutral atom computer, it'll never give us a short range attack. It'll never break a key faster than a week or so on a neutral atom, but it would on a superconducting. So, we really have to look at the evidence of what's happening on real quantum computers. And of course, as James just said, the evidence today is that no real quantum computer has ever run Shor's algorithm. And so, it does not make sense to take any action beyond BIP 360, which is good for other reasons, too, on Bitcoin today. I guess the question is how do you know you're like how how will we know that we'll get that evidence? 
In fact, so Craig Gidney, noted Google cryptanalyst who was also nice enough to take time out of his Saturday to flame me this weekend, you know, he he said I asked him this question. I said, "Look, okay, if this is not it, then what is the benchmark, right?" And he said, "I don't have a good answer. There's not a good benchmark." I think, you know, and the Google paper itself says, "Hey, when we get to the point where we can factor a 32-bit number, it's over." And this is the risk here. And by the way, these post-quantum cryptographic migrations have to be handled with care. They should not be rushed. And that's exactly why I think even if there's a 1% chance, we need to be conservative and act, you know, in the best interest of Bitcoin, which is I think is proactively address this threat. Go ahead, Hunter. I I think it's also important to point out that it if we don't come up with a good, evidence-based, comprehensive solution that essentially puts the FUD to rest, that opens up the door for essentially fraudsters and grifters to capitalize on that fear and sell us solutions based on trust-me-bro cryptography. We just saw uh a wallet uh here at this conference called Castle with a Q, and their whole freaking thing is like, "Oh, we have a black box that generates a really great with secret key for you. And uh trust me, bro, use our private key that we'll give you in your wallet." And uh really there's no secure way in my mind that you can do that with that like essentially isn't just, you know, uh a a a a non-custodial in a different form. And so, I really do think it's important that we keep keep bear in mind that as the fear and temperature around this argument continues to build, that opens the door. That leaves open the door for fraudsters and grifters to sell us broken solutions and capitalize on that. >> And and not just I would add, too. 
I agree with that, and it's also um alternate cryptocurrencies that perhaps have much more centralized development uh ecosystems or even foundations or for-profit companies supporting them are likely to roll out their own. I think Solana just announced their quantum roadmap. Ethereum's been talking about it like in the halls of, you know, investment world, that might benefit them at the expense of Bitcoin if there isn't something more >> Ironically, ironically >> Ironically, the the Ethereum plan is so complex that I I I I kind of wonder if it might take them as long as it did for them to implement and merge post uh uh What is it? Proof of stake? >> Proof of stake. >> Yeah. Uh like like they took them 7 years from the announcement of Casper to like the merge. And I'm just thinking like they're going to overshoot this. I'm not confident they're going to nail it in time. Really, in Bitcoin, our cryptography our cryptographic situation is orders of magnitude simpler. The governance, I'm not as worried about. I think people will change their mind if they're presented with good reasons to take action. So, one thing that I think we should all be honest about there are tons of new cryptographic primitives being developed regularly uh for Bitcoin uh that are post-quantum. I I like to talk about it as just post-SECP256K1. That's the current encryption that we or the cryptography we use for Bitcoin. And even if a quantum computer never happens, which I think it never will, that cryptography will break someday. So, of course, the Bitcoin community is actively day in and day out researching new crypto systems. And I think all I would say is we will activate new cryptography for Bitcoin when it is suitable. As of this time right now, there is not a suitable alternative to SECP256K1, but when there is, we will activate it. And it doesn't matter whether it's for quantum or just because we should have a backup system, right? So, I Well, we're talking about quantum here. 
Bitcoin is always researching and moving forward and and will be ready for these things. Yeah, you're saying either could even be risk that, you know, current ECDSA becomes vulnerable for a classical reason. It's battle-tested now, but in that case, there will be more others. If you think about post-quantum crypto specifically, one of the big issues is with the current schema that uh if existed, and there are constantly improvements on this side of the thing, but the the signatures are very large, right? And I've even seen them come down already, but they're still quite large. And Bitcoin block space is quite scarce. And so, uh is it Would Would the panel agree that you know, if people are working on compressing better post-quantum cryptography, whether or not we actually add it to Bitcoin yet, but if it's, you know, sitting in the repo, reviewed, it's got eyes on it, right? It's not rolling our own crypto. It's been around. That That's beneficial to have. Would that solve some of the fears? And then we hit the threshold, We can't possibly agree here cuz we have to debate this, Alex. No, I'm just joking. In all seriousness, I think what you said is absolutely reasonable, and I think this is again, going back to the point that we don't want to throw the time-trusted algorithms that we have in the bin for nothing. We don't want to grab something off the shelf and stick it in Bitcoin and then it breaks classically. And that would be the stupidest thing to do, right? And so I think there are a lot of different post-quantum schemes out there. Some of them are well-studied or some of them are based on well-studied assumptions. Some are not, some are performant, some are not. And I think Bitcoin should have, you know, look at all of these. And that's in fact exactly what's happening. One of the things that I've been amazed by in the last year since, you know, I think there was one panel or two panels on this topic. I mean it's the theme of the conference basically. 
There's been a ton of researchers on the open source stage presenting their work and that's amazing. And I think people should continue to do that. I mean there are inevitably going to be trade-offs. But as Reardon pointed out, you know, Bitcoin can never rely on the security of one crypto system forever. Even if you don't believe that a quantum computer is going to happen, which I do think it might. I think I think it will happen. I think that's the consensus of physicists out there, too. You know, I still think at the end of the day, um, you know, you need to be ready to be agile in the face of future threats. I think there are a few caveats on that. It's it's obviously good if we come up with new crypto systems that have different assumptions and say are predicated on things like SHA-256. But again, there are some caveats. Number one, what is that coming at the expense of? You know, what could we have been working on that we weren't working on? Number two, I think the really important thing to do in this situation is challenge the premise of the argument. I think quantum cryptographically relevant quantum computers are a science fiction at this point. And that needs to be re-underwritten rigorously because if we go and spend a bunch of time and devote really smart guys like Jonas Nick to coming up with new hash-based schemes, we're re-underwriting the concern and we're messaging to the the the world that, oh no, this is actually something we're kind of worried about. When again, in reality, I think there are much bigger fish to fry. And um, quantum is fan fiction at this point. >> one on this panel is a quantum physicist. Not me, not you, not any of us. But the There are many prominent quantum physicists including Scott Aaronson who I just referenced that would argue strongly against your claim that it is science fiction. Now, it hasn't been proven to work in the lab. >> climate scientists say that the ocean was going to overflow Florida. 
I I mean, sure, but that doesn't necessarily mean that like this is not necessarily apples to apples, right? I think in fact, you actually can look at the testable predictions of quantum computing and error correction, which people predicted and that and theorized and then ultimately experimentally demonstrated as progress, right? So I don't think it's right to say that some pseudo-scientific claims about climate are equivalent to the actual demonstration of that. >> Hunter. Go ahead, Hunter. Like one thing I just want to make clear is that I don't think we should trust the experts in this regard, either for or against. I don't think academia is particularly well-suited for essentially answering questions on the frontier of what we know and do not know, unfortunately, for better or worse. And since 1973, Nature has mandated peer review. And although peer review is really nice, what it does is it essentially creates an incentive, a perverse incentive, to be deliberately conservative in what they what can be proven. And unfortunately, for some kind of break on this level, we really cannot know if the even if the capability could exist today and we're just not being told. The two biggest players in quantum computers are the NSA and the PLA. These are nation-state level actors. We need to take nation-state level threats seriously. Now, that said, am I saying that we should be irresponsible and not be rigorous? Of course not. But I do think that we should not we need to question every assumption, including the assumption that we even need a quantum computer to enact an attack on this level. I mean, there there are possibly ways where we do not need necessarily Hilbert space of unbounded precision if we can just come up with an approximate solution for keys of sufficient length. Okay, let's This has been very exciting. We don't have too much more time, but I want to get into one of the big questions that people ask about. 
Alex, you you referenced like the bare public key coins. Project 11 has a good data website, I think, on the Q day clock. Yeah, and then well, the risk list we have a risk list which shows basically all the exposed public keys that have been exposed in a variety of ways, whether they're P2PK outputs or whether there was a double spend somewhere in the history of the blockchain. You can see the public key there. Right. So the I would say maybe I'm leaving one out, but in general, the two category The question is, is your public key sitting there visible to be run through such a an attack, right? A brute-force attack by cryptographically relevant quantum computer running Shor's algorithm. The two categories are those that are in P2PK addresses, which is a deprecated Excuse me, deprecated address format, but which Satoshi and most all early early miners and Bitcoiners used. Um, and then any other key that has been previously used. So, address reuse. So, an exchange deposit address that they don't cycle every time, right? Or, you know, if you posted your address on your wedding website and said, "In lieu of flowers and gifts, please send Bitcoin," which I did in 2016. Uh, it wasn't that effective. Um, that's what? 7 8 million coins currently, right? Yeah, 35% I think it's 7 million-ish, 6.9 million of the percent So, 35% of the total supply is exposed. >> but the vast majority of those are reused coins potentially with people who are here now, they could upgrade. So, I really like the Bitcoin risk list work that's risk with a Q at Project 11. But I also want to make sure that people are aware of Wicks Smart Bitcoin's work on quantifying that problem as well. And he pointed out recently that uh of those like 7 million 7 million sounds like a big number. It's actually a lot lower in practice because of those 7 million coins, the vast majority have been moved within the last year. 
At which point I think that the real number at risk of, like, dormant coins or lost coins, including Satoshi's, would be more like 2.66 million.

Okay, so let's focus on those coins, cuz then I'm going to cut right to the chase. People say, "What to do with Satoshi's coins?" You could do nothing. We Bitcoiners could do nothing. Or you could, on the far end of the spectrum, hard fork, seize them, burn them, etc. So, there's some ideas in the middle. Let's just go down the list here, the panel here. What would you do, Brandon?

I would just leave the coins alone. If a quantum computer can start stealing people's coins and we haven't migrated, um, Bitcoin's ownership is not about... I think there was a talk about, like, proving ownership with signatures. Bitcoin is a protocol and the protocol depends on signatures. Whoever can produce a valid signature can spend the coins. Um, I think it would be controversial to the point of fracturing the Bitcoin community and creating lots of drama if we were to say we're going to break that premise, that whoever produces the signature can move the coins. Um, that is of course predicated on the... that we do get BIP 360 and some additional cryptographic assumption in before a quantum computer really starts attacking, uh, which I think is very likely because the timeline for quantum computers is very long.

So, you're saying a little bit of mitigation work and then do not violate the property rights of...

Yeah, but the chips fall where they may.

What about you, James?

I'll keep it simple and short. If you undermine the property right guarantees of Bitcoin, we're cooked. It was pointless. So, leave them alone.

Hunter?

We have to be really careful here because, as you both correctly pointed out, essentially something as drastic as BIP 361 would be a very egregious violation of the private property promise. And that's also understood to be essentially the social contract of Bitcoin.
That we don't necessarily support or promote activation of protocol changes to unilaterally prevent people from spending their coins. That said, I think it's also important to understand, like, these different positions and perspectives, that we're doing things based on the right principles. And you know, obviously, burning those coins permanently just because we want number to go up is just a bad idea all around. And I will also point out every author of BIP 361 does not support their own writing, their own BIP.

Yes. Which, it was an informational BIP. It was an idea, by the way, that said: ban the spending to the P2PK addresses after a period of time, then ban them sending after a period of time, effectively freezing them.

Right. And now, on the other side, the liquidation argument, we have to also be careful about why we want to support liquidation. If we want liquidation for number to go down so that we can buy people's stolen property at a discount, I think that's also probably not a good reason.

That's an interesting framing of the do nothing argument. Alex, what's your answer here?

Yeah, so my answer, quickly, is: look, I don't have a strong opinion. I think there are good arguments for and against. And, if anything, I would advocate to not focus on this issue in particular as much as focusing on a solution for the contingency that, you know, post-quantum or quantum computer exists and taking care of the folks that are still using Bitcoin and thinking about Bitcoin into the future. I will point out two things though. One is that there are quantum computing companies out there that are absolutely looking at Satoshi's coins as part of their go-to-market.

Yeah, I saw Greg Maxwell actually posted this on Reddit saying that he was aware of quantum computing companies specifically raising money for the purpose of attacking Satoshi's coins.
So, if that is true, I think the other thing, you know, the other fact is, like, you know, that this is a question the community is really split on. I think the last, uh, survey I remember was last summer. Presidio did a post-quantum Bitcoin thing and they surveyed everyone there and it was 50/50 split. Do you know, freeze or don't freeze? And so, I think this is going to be a hard issue, but I don't think we focus on it. I think we focus on doing what we can to secure the Bitcoin network for everyone who's alive today.

All right, 15 seconds left. I'm going to ask the question of the title of the panel. How real is the quantum threat, Brandon?

Not at all.

James?

Bitcoin's maybe the most geopolitically potent technology that any of us will be privy to in a long time in terms of potential. Um, we have to be cognizant that there will be attacks. Um, when the government shows up and tells me that they're here to help and that they're retiring my ECDSA scheme, I'm a bit wary. Um, quantum's not a threat. Do the research.

All right, quick. Hunter?

Uh, I don't think that we should focus too much on whether the threat is real or not. I think we should...

...to answer the question, but you have 1 second. How real is the quantum threat, Hunter?

We need to do the work to build the solutions to make sure that we provide, based on evidence and truth, uh, whether we should make changes to mitigate the FUD.

Alex?

Um, I don't want to roll the dice and bet my Bitcoin or my family's Bitcoin on the chance that those guys are wrong. So, we need to do something.

Thank you, everyone. Alex Pruden, Hunter Beast, James O'Beirne, and Brandon Black. I'm Alex Thorn. Thank you. Thank you.