The quantum threat to Bitcoin ownership arises because about 6.9 million BTC, roughly one-third of all mined bitcoin, are held in wallets whose public keys are permanently visible on-chain. Most of these funds are early bitcoin stored in address formats that published the public key by default, and the set includes any wallet that has ever been spent from because spending reveals the public key for remaining balances. The 2021 Taproot upgrade expanded the problem.
Bitcoin wallets become vulnerable to the quantum threat to Bitcoin ownership when their public keys are visible on-chain, because that visibility exposes those keys to quantum attacks. Approximately 6.9 million BTC are held in addresses whose public keys are permanently visible, and most of these funds are early bitcoin stored in address formats that published the public key by default. Any wallet that has ever been spent from reveals its public key at the time of spending, which exposes the keys protecting any funds that remain at that address. The 2021 Taproot upgrade expanded the set of on-chain public keys by increasing the use of script types whose keys may be revealed when executed. As an illustrative example of unexposed holdings, roughly 1 million bitcoin attributed to Satoshi Nakamoto have remained untouched and thus have not had their public keys revealed on-chain.
Recent research by Google has highlighted a potential quantum threat to Bitcoin ownership, illustrating that quantum attacks on Bitcoin’s cryptographic security could be executed with fewer resources than previously anticipated. Such an attack, focused on breaking Bitcoin’s public key cryptography, might occur within a timeframe that competes with Bitcoin’s block times, posing a risk to certain vulnerabilities within its transaction processes.
Despite these concerns, Bitcoin’s underlying blockchain infrastructure remains resilient due to its reliance on cryptographic hashing functions. These hashing mechanisms are considered secure against quantum computational threats, meaning Bitcoin’s blockchain ledger itself would remain operational, maintaining the ongoing production of blocks and the integrity of the chain. This demonstrates a separation of risk between transaction keys and ledger resilience.
About 6.9 million BTC are in addresses whose public keys are permanently visible, exposing a substantial share of Bitcoin. Google research indicated a proposed quantum attack could need fewer resources than previously estimated. That attack could operate within a window competing with Bitcoin’s block times. Bitcoin mining and the ledger depend on hashing mechanisms quantum computers cannot meaningfully break; blocks would continue and the chain would remain operational.
