If quantum computers achieve the ability to breach Bitcoin’s cryptography, approximately 1 million BTC tied to Satoshi Nakamoto, the Bitcoin network’s creator, could be at risk of theft.
At the current valuation of about $67,600 per bitcoin, that amount would equal around $67.6 billion.
However, Satoshi’s holdings are just part of a larger issue.
Analysts estimate that nearly 6.98 million bitcoins could be compromised in a sufficiently advanced quantum attack, according to Ki Young Ju, the founder of CryptoQuant, who recently shared insights on X. This total indicates a potential exposure of about $440 billion at prevailing market prices.
Understanding Coin Vulnerability
The risk isn’t consistent across all coins. In Bitcoin’s early days, pay-to-public-key (P2PK) transactions included public keys directly on the blockchain. Modern addresses usually only display a hashed version of the key until the coins are utilized. However, if a public key becomes exposed through early mining or address recycling, that information remains permanently accessible. In an advanced quantum context, those keys may potentially be reversible.
Debate Over Intervention
Freezing at-risk coins could jeopardize Bitcoin’s essential neutrality, argues Nima Beni, founder of Bitlease. He notes that Bitcoin’s design treats all unspent transaction outputs (UTXOs) equally, without regard to wallet age, identity, or perceived threats. Altering this framework, even for protective reasons, could set a precedent for future interventions.
Georgii Verbitskii of TYMIO highlights another challenge: it’s nearly impossible to distinguish between truly lost coins and those that are merely inactive. From a protocol standpoint, there is no fail-safe method to differentiate between the two. This faction advocates enhancing cryptography to enable voluntary transitions to quantum-resistant signatures rather than modifying the underlying ownership rules.
The Mathematical Perspective
Conversely, some argue that any intervention contradicts Bitcoin’s core principle that private keys govern coins. Paolo Ardoino, CEO of Tether, suggested that allowing older coins to return to circulation, even due to quantum advancements, would be preferable to changing consensus rules. He believes that any temporary inflation from these lost coins re-entering the market would eventually stabilize.
Roya Mahboob, CEO of Digital Citizen Fund, echoed this sentiment, insisting that freezing old addresses would violate established property rights and immutability. Should quantum systems successfully breach exposed keys, she asserts that the initial discoverer should claim those coins, while she anticipates upgrades from Bitcoin Core developers to fortify the protocol before any major threats arise.
Concerns About Wealth Redistribution
Jameson Lopp voiced that allowing quantum attackers to access vulnerable coins could lead to a significant wealth redistribution to those who first acquire advanced quantum technology. He critiqued the term “confiscation” in this context, suggesting it would be more accurately described as “burning” unspendable coins unless transitioned to upgraded quantum-resistant addresses before a deadline—a change demanding widespread agreement.
He argues that permitting quantum recovery would reward technological dominance rather than contribution to the network. Quantum miners, he asserts, do not engage in trading and merely exploit the system.
Assessing the Quantum Threat
As the philosophical debate intensifies, the timeline for potential quantum threats remains uncertain. Zeynep Koruturk from Firgun Ventures remarked that recent research revealed fewer physical qubits might be necessary to break encryption systems like RSA-2048 than previously thought, potentially shortening the decryption timeline to just a few years. However, others advocate for caution, with Aerie Trouw of XYO stating there is no immediate cause for alarm while Frederic Fosco from OP_NET suggests simply upgrading cryptography would solve the issue.
The core issue revolves around governance, timing, and belief—whether the Bitcoin community can achieve consensus before quantum computing escalates into a genuine threat. Freezing at-risk coins could challenge Bitcoin’s claim of immutability, while allowing them to be compromised may jeopardize its fairness commitment.
