Around 7 million Bitcoin are currently held in addresses that could be vulnerable to future quantum computing attacks, according to a report from the Independent Advisory Board on Quantum Computing and Blockchain. The group warns that a large share of these funds belongs to active users, including assets stored in cold wallets tied to major institutions.
The findings highlight a long-standing technical weakness that could become critical if quantum capabilities advance faster than expected.
Legacy and reused addresses drive exposure
The report estimates that about 1.7 million Bitcoin sit in roughly 20,000 legacy pay-to-public-key (P2PK) addresses. These early-era addresses expose full public keys directly on the blockchain, making them the most immediately susceptible to quantum-based decryption. Many of these holdings are believed to be linked to early network participants who may no longer control their keys.
An additional 5 million Bitcoin are tied to reused addresses. Data cited from Project Eleven suggests most of these funds belong to active accounts, some of which show recent on-chain activity or are held in cold storage. Address reuse exposes public keys after transactions, leaving any remaining balance permanently visible and potentially vulnerable.
No immediate threat, but long timelines raise urgency
The advisory board stresses that no operational quantum computer currently exists that can break Bitcoin’s cryptography. However, it warns that building and deploying quantum-resistant systems could take years, requiring early preparation.
The report also references a growing concern known as “harvest now, decrypt later,” where adversaries store publicly available blockchain data today in anticipation of future decryption capabilities. A recent study from Google Quantum AI suggests the technical threshold for breaking encryption may be significantly lower than previously believed, intensifying long-term concerns.
Industry divided on how to respond
Proposals to address the risk vary widely and reflect a deeper divide over how to balance security with Bitcoin’s principles.
One approach would enforce a migration deadline, after which older signature schemes such as ECDSA and Schnorr would no longer be accepted. This would effectively freeze any funds that are not moved in time.
Another approach would introduce post-quantum address formats while leaving migration decisions to individual users, avoiding protocol-level intervention but accepting the possibility of theft from unprotected funds.
Between these positions, developers are discussing hybrid ideas, including limiting how many vulnerable coins can move in each block under an “Hourglass” model, or phasing out legacy signatures through proposals such as BIP-361. Other concepts, including Provable Address-Control Timestamps (PACTs), aim to let holders pre-commit to future migrations using cryptographic proofs without moving funds immediately.
Scale of exposure raises stakes
The vulnerability stems from how ownership is proven on-chain, particularly in older formats that permanently reveal public keys. While the issue has been known for years, the scale—estimated at over $400 billion at current prices—has renewed concern.
The most acute risk lies with P2PK addresses, while reused addresses represent a broader but less direct exposure. Together, they form a significant portion of Bitcoin’s circulating supply.
Market context adds pressure
The debate comes as Bitcoin continues to hold near the $60,000 level amid macroeconomic uncertainty and notable outflows from ETFs. The potential need for large-scale fund migration introduces another variable for traders already navigating volatile conditions.
In the near term, the most practical mitigation remains avoiding address reuse and moving funds to more secure formats. While the quantum threat remains theoretical, the report concludes that preparations must begin well before the technology becomes viable.
Concerned about Bitcoin’s future security? Learn how digital signatures work in crypto in this guide on digital signatures.
Disclaimer: The content on this page is provided for general informational purposes only and does not represent the views or financial advice of Toobit. We make no guarantees regarding the accuracy or completeness of this information and shall not be held liable for any errors, omissions, or outcomes resulting from its use. Investing in digital assets involves risk; users should independently evaluate their financial situation and the risks involved. For further details, please consult our Terms of Service and Risk Disclosure.
