Why Is Quantum Risk Becoming A Bitcoin Governance Issue?
Coinbase’s Independent Advisory Board on Quantum Computing and Blockchain has estimated that roughly 7 million bitcoin sit in addresses exposed to a future quantum attack, turning a long-running technical concern into a larger governance question for the bitcoin community.
The report does not argue that bitcoin cryptography can be broken today. It instead says the migration process could take years, meaning the network cannot wait until a cryptographically relevant quantum computer exists before deciding how vulnerable coins should be handled.
The exposure is divided into two main groups. About 1.7 million bitcoin are held in roughly 20,000 legacy pay-to-public-key addresses, where the public key itself is visible onchain. Those coins are directly exposed if quantum computers become capable of deriving private keys from public keys. Many of them are believed to be early-era coins, including coins assumed to belong to bitcoin’s pseudonymous creator or owners who may have lost access long ago.
The larger risk comes from address reuse. Citing estimates from quantum-security firm Project Eleven, the board said about 5 million bitcoin are vulnerable because their public keys have already been revealed. Unlike the older legacy coins, much of this bucket appears to involve active users, including large cold wallets held by known exchanges and wallets showing recent activity.
Why Does Address Reuse Matter?
Bitcoin addresses are safest when public keys are not exposed until coins are spent. When users reuse addresses, or when older address formats reveal public keys more directly, that protection weakens in a future quantum scenario.
That distinction matters because the governance debate is not only about abandoned coins. If all vulnerable bitcoin belonged to owners who lost their keys years ago, the policy question would be narrower. The board’s report says the more difficult issue is what to do with holders who still control their funds but fail to migrate before any future deadline.
That group could include exchanges, custodians, and active holders behind reused-key wallets. For the market, this shifts quantum migration from a theoretical security upgrade into an operational issue for companies holding customer assets. Exchanges may eventually need to prove that cold wallet infrastructure, custody procedures, and internal controls are prepared for a post-quantum migration path.
The finding also increases pressure on the bitcoin developer community to separate two debates: how to add post-quantum protection, and whether the network should restrict or freeze coins that remain vulnerable after a long transition period.
Investor Takeaway
The immediate market risk is not a quantum attack today. The risk is uncertainty over how bitcoin will manage a multi-year security migration involving exchanges, active wallets, and potentially millions of coins that may not move before a deadline.
Should Vulnerable Bitcoin Be Frozen Or Left Alone?
The report lays out competing approaches but does not endorse a single solution. One proposal would set a future deadline after which quantum-vulnerable signatures, including ECDSA and Schnorr, are no longer accepted. Coins that do not migrate in time would effectively become frozen.
Supporters of that approach argue that once cryptography is broken, old signatures no longer provide reliable proof of ownership. They also argue that allowing long-dormant vulnerable coins to move after a quantum breakthrough could create a sudden supply shock and damage remaining holders. The report also notes concerns that a sanctioned actor, including North Korea, could seize vulnerable coins if the network fails to act.
The opposing view is that bitcoin should enable post-quantum addresses but leave responsibility with each owner. Backers of that position argue that freezing or burning coins would amount to network-level confiscation, cutting against bitcoin’s property-rights ethos. They also argue there is no reliable way to distinguish a negligent owner from someone who is imprisoned, deceased, incapacitated, or temporarily unable to access a key.
Between those positions, the report describes intermediate ideas. An “Hourglass” design would limit how many legacy P2PK coins can move per block to reduce the risk of a sudden supply shock. Draft BIP-361 would phase out legacy signatures after a set time while allowing users to prove ownership through a quantum-resistant zero-knowledge proof. Provable Address-Control Timestamps, or PACTs, would let holders commit today to a future quantum-safe transfer without immediately moving funds onchain.
What Are The Implications For Exchanges And Institutions?
The exchange exposure is one of the report’s most important market points. If large cold wallets are among the 5 million bitcoin exposed through address reuse, then quantum migration becomes a custody and disclosure issue for major platforms.
Institutions evaluating bitcoin exposure may eventually need to ask whether custodians have mapped vulnerable wallets, tested migration procedures, and prepared customer communication plans. Asset managers and corporate holders may also need to understand whether their coins sit in address types that expose public keys and whether movement to safer structures can be done without creating operational or market disruption.
The board urged the bitcoin community to start technical migration work now, saying post-quantum signature support should not be delayed by disagreement over abandoned coins. It also called for clearer communication so users are not left guessing about timelines, risks, or required actions.
The report’s members include researchers and cryptographers from Coinbase, Stanford, UT Austin, the Ethereum Foundation, Eigen Labs, the University of Washington, and UCSB. Their conclusion is cautious but direct: quantum risk is uncertain, but the migration process is long enough that planning needs to begin before the threat becomes immediate.
For investors, the issue is less about near-term price pressure and more about future network credibility. Bitcoin’s value depends partly on the durability of its security model. A credible post-quantum roadmap would reduce uncertainty for exchanges, custodians, and institutional allocators. A fragmented debate over whether to freeze vulnerable coins could do the opposite, adding governance risk to one of the market’s most important long-term assets.
