Skip to main content
MANIFOLD
Q-Day before 2030?
88
Ṁ50kṀ87k
2030
18%
chance

Resolution criteria

Q-Day resolves YES if a quantum computer becomes powerful enough to crack current encryption techniques on or before December 31, 2029. Resolution will be determined by credible public announcements from major quantum computing organizations (Google, IBM, IonQ, Quantinuum, or equivalent) demonstrating a cryptographically relevant quantum computer (CRQC) capable of breaking RSA-2048 or equivalent elliptic curve cryptography. NIST's deprecation timeline calls for quantum-vulnerable algorithms to be deprecated after 2030, providing an objective reference point. The market resolves NO if no such capability is publicly demonstrated by the end of 2029.

Background

Q-Day is when quantum computers can break today's encryption, marking the point when a cryptographically relevant quantum computer can run algorithms like Shor's to break RSA and elliptic-curve encryption. The quantum resources needed to break modern encryption have dropped by an order of magnitude since May 2025. What once required 20 million qubits now requires fewer than one million for RSA, potentially fewer than 100,000 under newer architectures.

The current consensus points to 2030 ±2 years for CRQC capability. Forrester's analysis projects Q-day by 2030, while even in optimistic forecasts, the probability of such a machine arriving within ten years remains under 20%.

Considerations

The "Harvest Now, Decrypt Later" attack model involves adversaries, including nation-state actors, systematically harvesting encrypted data today with the intention of decrypting it once a cryptographically relevant quantum computer becomes available. This means the threat is already active regardless of when Q-Day officially arrives. Additionally, Q-Day will likely only be recognized in hindsight, perhaps when a major encryption crack is publicly demonstrated.

This description was generated by AI.

  • Update 2026-04-09 (PST) (AI summary of creator comment): Breaking either RSA-2048 or equivalent elliptic curve cryptography is sufficient for YES resolution — both do not need to be broken.

Market context
Technology
Crypto
Quantum Computing
Get
Ṁ1,000
to start trading!

People are also trading

Sort by:

Is breaking elliptic curve cryptography enough for this to resolve YES or do both ECC and RSA need to be broken for this market?

@PlasmaPower "capable of breaking RSA-2048 or equivalent"

@SG what's the ECC equivalent? No one uses 2048 bit curves, but I'd say the best equivalent would be the most commonly used ECC, ECDSA over P-256 (aka secp256r1). Does that sound like a fair basis? Or do you mean ECC of equivalent quantum difficulty? (which afaik does not exist in real-world usage at least)

@PlasmaPower that sounds reasonable

Oh, the "harvest now, decrypt later" idea is really fascinating, actually! I hadn't thought about that.

This is essentially a market on how much do state actors want to boast?

@JussiVilleHeiskanen That's a funny way to look at it, but I think I agree. 😆

People are also trading