1.7 million Bitcoins exposed to quantum threats, the defense battle in the crypto world has begun

Quantum computing is transitioning from a theoretical threat to a real-world challenge. According to the latest analysis, approximately 1.7 million bitcoins are at high risk of quantum attack, a figure that has become central to the entire discussion on crypto asset defenses. As tech giants like Google make breakthroughs in quantum processors, the quantum storm once considered a distant black swan seems to be approaching.

The Hidden Concerns of 1.7 Million BTC: Why This Time Is Different

For a long time, quantum attacks were viewed as a theoretical threat to Bitcoin. But with accelerating technological progress, this threat is no longer just academic discussion. Data shows that about 6.71 million BTC (worth over $600 billion) are directly exposed to the risk of quantum cracking, with the most concerning being the 1.7 million BTC belonging to Satoshi and early miners’ P2PK addresses.

Why are these assets particularly vulnerable? The reason lies in the fact that early Bitcoin addresses expose the full public key directly on the blockchain during transactions. In theory, quantum computers could reverse-engineer private keys from public keys, enabling asset theft. Most of these 1.7 million BTC are in a “permanently lost” state, unclaimed for a long time, and even after Bitcoin upgrades, these “zombie coins” cannot be migrated.

In contrast, newer types of Bitcoin addresses are less susceptible to quantum attacks because they do not expose the full public key on-chain. This means most ordinary users face lower short-term risks, but if the market crashes due to quantum panic, systemic risks will be amplified.

The Time Race: Where Experts Disagree

There is a clear divergence within the industry regarding when the quantum threat will truly materialize. Nic Carter, co-founder of Castle Island Ventures, warns that quantum computing is only “an engineering challenge” away from cracking Bitcoin. Charles Hoskinson, founder of Cardano, added that assessing whether quantum risk has entered a usable stage should reference DARPA’s quantum benchmarking project, which is expected to evaluate feasibility by 2033.

But there are also optimistic voices. Grayscale explicitly states in its “2026 Digital Asset Outlook” that, although the quantum threat is real, it is just a “false alarm” for the short-term market and will not affect short-term valuations. Wang Chun, co-founder of F2Pool, bluntly said that quantum computing is still a “bubble,” and even following Moore’s Law, it would take 30 to 50 years to substantially crack Bitcoin’s encryption standards. Adam Back, CEO of Blockstream, also stated that Bitcoin will be safe for at least 20 to 40 years.

However, Charles Edwards, founder of crypto asset management firm Capriole Investment, issued a more urgent warning, urging the community to build defenses before 2026, or latecomers might see Bitcoin “go to zero.” The differing time judgments reflect varying assessments of the speed of quantum technology development.

The Upgrade Dilemma: Why Is It So Difficult to Address

In theory, Bitcoin can adopt post-quantum signature schemes through a soft fork upgrade. The US National Institute of Standards and Technology (NIST) completed approval of post-quantum cryptography standards in 2024, including hash-based and lattice-based schemes. However, translating theory into practice is far more difficult than expected.

The first challenge is time. Based on the upgrade histories of SegWit and Taproot, completing discussions, development, and consensus on quantum defenses could take up to ten years. During this window, the 1.7 million exposed P2PK addresses face irreversible risks.

The second challenge is proactive migration. Bitcoin upgrades cannot be passively completed; users must actively transfer assets to new addresses. It is estimated that a large number of dormant coins will lose protection, making them vulnerable to quantum attacks and possibly abandoned, totaling millions of bitcoins worth hundreds of billions of dollars at current market prices.

The third challenge is governance efficiency. Bitcoin Core developer Jameson Lopp admits that adapting Bitcoin for the post-quantum era will be very tricky. The reasons are varied, but at the core is the community’s extreme caution toward any protocol changes. MicroStrategy founder Michael Saylor pointed out, “Modifying the Bitcoin protocol must be extremely conservative and ensure global consensus.” This cautious approach protects Bitcoin but could also hinder responses to quantum threats.

Defense Strategies of Public Blockchains: Progress and Strategic Differences

Compared to Bitcoin’s cautious stance, other public chains have begun to take proactive steps.

Ethereum has incorporated post-quantum cryptography into its long-term roadmap, especially as a key goal during the Splurge phase. The strategy involves layered upgrades, using second-layer (L2) solutions as testing grounds for quantum-resistant algorithms. Ethereum co-founder Vitalik Buterin warned that quantum computers could crack Ethereum’s elliptic curve encryption by 2028, urging the community to upgrade to quantum-resistant cryptography within four years.

Aptos recently proposed an improvement plan AIP-137, aiming to support quantum-resistant digital signatures at the account level in an optional manner, without affecting existing accounts. This scheme will support hash-based signatures standardized as FIPS 205, such as SLH-DSA.

Solana Foundation announced a collaboration with post-quantum security firm Project Eleven. The company has conducted a comprehensive quantum threat assessment of the Solana ecosystem, covering core protocols, user wallets, validator security, and long-term cryptographic assumptions. They successfully prototyped transactions using post-quantum digital signatures on the Solana testnet, demonstrating feasibility and scalability.

Cardano adopts a more gradual approach. Through the Mithril protocol, it establishes post-quantum checkpoints for the blockchain, adding redundancy without affecting current mainnet performance. Once hardware acceleration matures, post-quantum schemes will be gradually integrated into the main chain. Hoskinson noted that acting too early would only waste scarce on-chain resources on immature technology.

Zcash has developed a quantum-recovery mechanism, allowing users to migrate old assets to more secure post-quantum modes.

Blockstream research team recently published a revised paper suggesting that hash-based signature techniques could be the key solution to protecting the $1.8 trillion Bitcoin blockchain. This scheme has undergone extensive cryptanalysis during NIST’s post-quantum standardization process, enhancing its robustness and credibility.

Investor Insights: The True Meaning Behind 1.7 Million BTC

In the face of the quantum threat to 1.7 million BTC, investors need to understand several core facts. First, short-term risks are manageable. According to mainstream consensus, the quantum threat is unlikely to materially impact the market before 2026, so investors need not panic immediately. Second, risk distribution is uneven. P2PK addresses are the most vulnerable, but modern address types are relatively secure. Finally, risks could also present opportunities. If the market crashes due to quantum panic, seasoned investors might seize the opportunity to buy in.

The core of defense strategies is not about perfect technical solutions but about timing. Each public chain is racing against the pace of quantum computing development. Although the quantum storm has not yet arrived at the gates, building a defense system has become an unavoidable reality for crypto projects. In the coming period, more public chains are expected to join this battle of offense and defense, and the fate of the 1.7 million BTC will serve as a key indicator of the entire industry’s defensive capacity.