BitMEX Research has proposed a “canary fund” mechanism for Bitcoin as a reactive safeguard against future quantum computing attacks, arguing that major restrictions on older coins should only occur once a real exploit is demonstrated on-chain.
The design, outlined as a potential soft fork, would delay any network-wide freeze of vulnerable addresses until a successful quantum-based theft is proven. This positions BitMEX’s idea directly against Bitcoin Improvement Proposal 361 (BIP-361), which calls for a preemptive and phased shutdown of legacy address types.
How the canary fund would work
At the center of the BitMEX proposal is a special Bitcoin address known as a “canary fund.” This address would be constructed using a “nothing-up-my-sleeve number” (NUMS) — a mathematically valid public key with no known private key.
- A publicly known canary address holds the NUMS-based key.
- Participants can deposit bitcoin into this address, turning it into a bounty.
- Anyone capable of using a quantum computer to derive the private key and spend the funds would effectively “trip” the canary.
If a transaction is ever broadcast that spends coins from this canary address, it would serve as an undeniable signal that quantum computers can break the network’s current cryptography. The proposed soft fork would then automatically trigger a defensive freeze on vulnerable outputs.
Until that point, no freeze would occur and all coins, including those in older formats exposed to quantum risk, would remain fully spendable.
Reactive freeze instead of blanket restrictions
Under BitMEX’s framework, legacy and quantum-exposed funds would not be preemptively locked. They would continue to move freely unless and until an attacker demonstrates a quantum exploit in practice.
The proposal also sketches a “canary watch state” in which participants could use multisignature wallets and still retain direct control over their withdrawals. Even in a post-breach environment, the aim is to allow continued usability while quarantining only specific compromised outputs.
According to the technical outline, this approach would keep quantum-exposed transactions spendable even after the five-year timeline referenced in BIP-361. Only particular outputs shown to be at risk could be temporarily locked as a safety measure, with the intention of limiting fallout rather than freezing large portions of the supply in advance.
Contrast with BIP-361’s preemptive freeze
BIP-361, co-authored by Jameson Lopp, proposes a much more conservative stance toward quantum risk. The draft envisions:
- A three-year grace period after activation, during which traders could migrate funds away from old address types.
- A ban on new payments to legacy formats after that grace period.
- A further two-year window before making remaining legacy signatures invalid, rendering coins in those addresses permanently unspendable.
The motivation is the high proportion of bitcoin believed to be held in quantum-exposed formats. Some estimates suggest around 34% of the total supply is at risk, including roughly 1.7 million BTC in the oldest pay-to-public-key (P2PK) addresses. That group is widely believed to encompass the early holdings attributed to Bitcoin creator Satoshi Nakamoto.
Rising concern over quantum timelines
Concerns have been amplified by recent research from groups such as Google’s Quantum AI division, which indicates that the resources needed to break common cryptographic schemes may be lower than earlier forecasts suggested.
Some projections now place the emergence of quantum machines capable of challenging Bitcoin’s current security assumptions as early as 2027. That possibility has pushed developers to explore both proactive and reactive defense models, even as the exact timeline remains uncertain.
Community backlash over “confiscatory” measures
The BIP-361 approach has drawn sharp criticism from many in the Bitcoin community. Opponents argue that preemptively invalidating old coins, even with a long lead time, conflicts with core principles of self-custody and absolute control over funds.
Commentary around the proposal has described it as confiscatory in effect, raising fears that social or political pressure could drive similar changes in the future.
Responding to the backlash, Lopp has stressed that BIP-361 is not a finalized activation plan but a contingency concept. He has framed it as a rough framework to address potential liquidity shocks if post-quantum signature schemes become necessary, rather than a proposal that should be adopted under current conditions.
Implications for traders and the network
The emergence of the BitMEX “canary fund” idea sets up a clear philosophical divide:
- BitMEX’s model: wait for hard, on-chain proof of a quantum exploit before imposing restrictions, using a bounty-based canary address as an early warning system.
- BIP-361’s model: act before any breach occurs, gradually phasing out vulnerable address types to reduce systemic risk.
For traders, the immediate practical signal is consistent across both approaches: holding large balances in legacy address formats, especially those created before 2010, carries rising perceived risk in long-term scenarios.
While neither proposal is close to activation, the debate underscores a growing incentive for holders of older coins to migrate to modern address types with stronger security assumptions, even as the community continues to argue over how far the protocol itself should go in preparing for the quantum era.
Concerned about Bitcoin’s future under quantum threats? Deepen your understanding of blockchain security with our guide: learn how blockchain works today.
Disclaimer: The content on this page is provided for general informational purposes only and does not represent the views or financial advice of Toobit. We make no guarantees regarding the accuracy or completeness of this information and shall not be held liable for any errors, omissions, or outcomes resulting from its use. Investing in digital assets involves risk; users should independently evaluate their financial situation and the risks involved. For further details, please consult our Terms of Service and Risk Disclosure.
