If quantum computers eventually reach the capability to break Bitcoin’s cryptographic defenses, approximately one million BTC linked to Bitcoin’s creator, Satoshi Nakamoto, could be at risk of theft.
At the current valuation of around $67,600 per bitcoin, this amount would equate to nearly $67.6 billion.
However, Satoshi’s holdings represent only a fraction of the potential exposure.
Analysts estimate that close to 6.98 million bitcoins might be susceptible if a sufficiently advanced quantum attack occurs. Ki Young Ju, founder of CryptoQuant, recently shared on X that at today’s prices this vulnerable supply could total about $440 billion.
The growing debate inside and outside the Bitcoin community revolves around a straightforward yet often contentious question:
Why Are Certain Bitcoins Vulnerable?
The risk is not evenly distributed across all bitcoins. In Bitcoin’s early days, pay-to-public-key (P2PK) transactions revealed public keys directly on the blockchain. Nowadays addresses usually show only hashed versions until coins are spent; however once an early public key is exposed—either through mining or address reuse—that exposure remains permanent. With advanced enough quantum technology, these keys might theoretically be reversed and compromised.
Neutrality Versus Intervention
Some argue that freezing vulnerable coins would contradict Bitcoin’s core principle of neutrality.
Nima Beni, founder of Bitlease, explained: “Bitcoin treats all unspent transaction outputs equally without regard for wallet age or identity or any perceived threat — this impartiality underpins its credibility.”
He warned that creating exceptions—even for security reasons—would alter this fundamental architecture because granting authority to freeze coins opens doors for other interventions as well.
Georgii Verbitskii from crypto investor app TYMIO highlighted another issue: distinguishing truly lost coins from dormant ones is practically impossible within protocol constraints.
“There is no reliable method in the protocol to differentiate between permanently lost bitcoins and those simply inactive,” Verbitskii stated.
This group favors upgrading cryptographic methods and enabling voluntary migration toward quantum-resistant signatures rather than modifying ownership rules embedded in the protocol itself.
Laissez-Faire Approach: Let Mathematics Decide
A contrasting viewpoint holds that any intervention infringes upon Bitcoin’s foundational rule—that private keys govern coin control.
Tether CEO Paolo Ardoino suggested it may be better to allow old coins potentially recovered via quantum breakthroughs back into circulation instead of changing consensus protocols:
“Any bitcoin stuck in lost wallets—including Satoshi’s if he isn’t alive—will eventually be hacked and reintroduced into circulation.”
“The inflationary impact would likely be temporary as markets adjust over time.”
This perspective embraces “code is law” philosophy where advancements in cryptography naturally dictate coin movement.
Roya Mahboob , CEO & founder of Digital Citizen Fund , echoed similar sentiments :
“Freezing old addresses dating back to 2009 violates immutability and property rights,” she told CoinDesk .
“Whoever cracks exposed keys first should rightfully claim those coins.”
She also expects ongoing research by Bitcoin Core developers will strengthen protections before any serious threat arises .
The Argument For Burning Vulnerable Coins
Jameson Lopp warns allowing attackers with quantum tech free rein over vulnerable funds amounts to massive wealth redistribution favoring whoever gains access first .
In his essay Against Allowing Quantum Recovery Of Bitcoin , Lopp clarifies he prefers describing defensive soft forks as burning rather than confiscation:
“’Confiscation’ doesn’t accurately describe what’s happening,” Lopp wrote . “’Burning’ better captures rendering funds inaccessible rather than seizing them.”
Such measures typically require soft forks making affected outputs unspendable unless migrated timely onto upgraded quantum-secure addresses—a change demanding broad consensus.
Lopp argues permitting recovery rewards technological dominance instead of genuine network participation:
“Quantum miners don’t exchange value—they’re parasites feeding off system vulnerabilities.”Assessing The Imminence Of The Threat
While philosophical debates continue heating up,the technical timeline remains uncertain.
Zeynep Koruturk from Firgun Ventures said recent findings suggesting fewer physical qubits needed than expected shocked many experts.
“If lab results confirm these theories,the timeframe for breaking RSA-2048 encryption could shrink down two-three years,” she noted,making elliptic curve cryptography vulnerable too eventually.
Caution voices persist:
XYO CTO Aerie Trouw believes practical concerns remain distant enough not warrant panic now,
while OP_NET co-founder Frederic Fosco stresses upgrades can fix issues quickly:
“If such machines appear,you just update your crypto—it’s an engineering challenge with known solutions.”
The ultimate dilemma centers on governance,timing,and philosophy—whether consensus emerges before powerful quantum computing threatens network security.
Freezing susceptible funds challenges immutability claims while letting them fall risks fairness principles.