Bitcoin faces quantum threat to $469B as new report warns of faster timeline

A new quantum computing report warns the crypto industry has less time than expected to prepare for cryptographic attacks that could threaten more than $2 trillion in digital assets.

Nearly one-third of all Bitcoin in circulation — 6.04 million coins worth about $469 billion — is already vulnerable to theft if powerful quantum computers become a reality, according to research published Wednesday by blockchain analytics firm Glassnode. The analysis found that 30.2% of the issued supply has had its public cryptographic keys exposed on-chain, making those coins potentially recoverable by an attacker using Shor's algorithm on a sufficiently capable quantum machine.

"The operational insight is therefore clear: quantum readiness is not only a protocol-level question," Glassnode said in the report, which described the data as a baseline map of where public keys are already visible on Bitcoin's blockchain rather than a prediction that attacks are imminent.

Glassnode separates the exposed supply into two categories. Structural exposure accounts for 1.92 million BTC, or 9.6% of the issued supply — coins locked in script formats that reveal the public key by design, including early pay-to-public-key outputs linked to Bitcoin's pseudonymous founder Satoshi Nakamoto, legacy multisignature structures, and Taproot outputs. Many of these coins may be effectively immovable, trapped in lost wallets or dormant holdings that cannot be voluntarily migrated to safer address formats.

The larger category is what Glassnode calls operational exposure, totaling 4.12 million BTC, or 20.6% of the issued supply. These coins became vulnerable through address reuse — a practice where a wallet receives multiple transactions at the same address, eventually broadcasting the public key during a spend and leaving any remaining balance exposed. Within this bucket, 1.66 million BTC is exchange-related, representing about 40% of all operationally unsafe Bitcoin. The exposure is uneven across platforms: Coinbase's labeled balances show only 5% exposed, while Binance and Bitfinex show 85% and 100%, respectively.

Quantum Security Firms Propose Mitigation Strategies

Quantum security firm AmericanFortress told CoinDesk it has developed a new cryptographic signing framework to protect wallets, including the estimated 1.1 million BTC commonly attributed to Satoshi Nakamoto. Chief Executive Michal Pospieszalski said many early Bitcoin wallets were created before modern hierarchical deterministic wallet standards existed, making automatic migration difficult. The company is proposing a Bitcoin protocol upgrade that would temporarily lock potentially vulnerable dormant coins.

"Our quantum-resistant protocol would automatically freeze and protect those funds until governance decides what to do with them after Q-day," Pospieszalski said.

The urgency is underscored by parallel developments outside crypto. The Trump administration plans to award $2 billion to nine quantum computing firms while taking minority equity stakes in each, according to a Wall Street Journal report. Recipients include IBM ($1 billion), GlobalFoundries ($375 million), D-Wave Quantum, Rigetti Computing, and Infleqtion — spanning superconducting qubits, annealing systems, and neutral atom approaches. Shares of publicly traded recipients climbed between 7% and 21% in premarket trading on the news.

Apple has also been hardening its defenses, publishing research on May 22 detailing how it verified parts of its post-quantum cryptography stack using formal mathematical proofs. The effort centers on corecrypto, Apple's low-level cryptographic library used across more than 2.5 billion active devices. Engineers found a missing step in an early ML-DSA implementation that could have produced incorrect cryptographic output in rare cases — a flaw conventional testing missed.

What Comes Next

The Glassnode report estimates that 13.99 million BTC, or about 70% of the issued supply, currently shows no public-key exposure. But the window for proactive migration may be narrowing. Industry opinion remains divided on how quickly quantum computing will reach cryptographic relevance, though the new report suggests timelines may be shorter than previously assumed.

For Bitcoin holders, the practical implication is clear: coins in reused addresses or legacy script formats carry structural risk that cannot be undone after a transaction broadcasts the public key. The question is whether the industry will implement mitigation measures — protocol upgrades, wallet migration tools, or quantum-resistant address formats — before a capable quantum computer exists.

This article is for informational purposes only and does not constitute investment advice.