A controversial new proposal to protect Bitcoin from future quantum computer attacks is dividing the cryptocurrency community. Draft Bitcoin Improvement Proposal (BIP) 361, authored by cypherpunk Jameson Lopp and five collaborators, suggests a mechanism to effectively freeze roughly 1.7 million BTC held in early, vulnerable addresses. This staggering sum includes the legendary stash belonging to Bitcoin’s pseudonymous creator, Satoshi Nakamoto, valued at approximately $74 billion. The plan, described by its authors as a “defensive” move, would render these coins unspendable if their owners fail to migrate them to new, quantum-resistant addresses within a set timeframe.
The Quantum Threat to Bitcoin’s Foundation
For years, experts have warned that sufficiently powerful quantum computers could one day break the cryptographic algorithms securing digital assets. Bitcoin’s specific vulnerability lies in its early pay-to-public-key (P2PK) addresses. These addresses, used prominently in Bitcoin’s first years, expose the public key on the blockchain once funds are spent from them. A future quantum computer could theoretically use Shor’s algorithm to derive the private key from that public key, allowing an attacker to steal any remaining funds. According to analysis cited in BIP-361, about 34% of Bitcoin’s total supply—nearly 1.7 million BTC—remains locked in these P2PK and other vulnerable legacy formats. The sheer scale of this potential target represents a systemic risk. A successful quantum attack on Satoshi’s coins or other large, dormant stashes could crash the market and destroy trust in the network’s foundational security model.
Also read: Ether Open Interest Jumps 26% in Market Rally, But Trader Skepticism Looms
BIP-361’s Three-Phase “Sunset” Plan
BIP-361, titled “Post Quantum Migration and Legacy Signature Sunset,” is the second part of a broader strategy. It builds on BIP-360, proposed in February 2026, which introduced a new, quantum-resistant output type called pay-to-Merkle-root (P2MR). However, BIP-360 only secures new transactions. BIP-361 tackles the existing vulnerable coins through a forced migration schedule.
The proposal outlines three distinct phases following a network activation:
Also read: EIP-8105: Ethereum's Bold New Plan for an Encrypted Mempool
- Phase A (3 years after activation): The network would prevent any new BTC from being sent to old-style, vulnerable addresses. This pushes all active users onto quantum-resistant address types.
- Phase B (5 years after activation): This is the core controversial step. The network would invalidate signatures from the old vulnerable addresses. Any Bitcoin still sitting in those addresses at this deadline would become permanently frozen and unspendable.
- Phase C: This phase offers a potential lifeline. It proposes a rescue mechanism using zero-knowledge proofs. This would allow individuals who missed the deadline but still possess their original seed phrase to prove ownership and recover their frozen funds, though through a more complex process.
The authors frame this not as a confiscation but as a “private incentive to upgrade.” Their logic is economic: coins that are lost or frozen increase the value of remaining coins by reducing the effective supply. Conversely, if a malicious quantum actor stole those coins and dumped them on the market, the value of everyone else’s holdings would drop.
A Philosophical Fault Line Exposed
The backlash was swift and severe. When Bitcoin protocol developer Mark Erhardt shared the BIP-361 draft on social media platform X, it ignited a firestorm of criticism. Critics argue the plan represents a profound betrayal of Bitcoin’s core ethos of individual sovereignty and immutable ownership.
“This quantum proposal is highly authoritarian and confiscatory,” wrote one respondent. “There is no good rationale for forcing the upgrade and rendering old spends invalid.” Bitcoin Magazine editor Brian Trollz rejected the proposal outright. Marty Bent, founder of TFTC, called it “laughable.” Phil Geiger, head of business development at the investment firm Metaplanet, offered a succinct critique: “We have to steal people’s money to prevent their money from being stolen.”
This opposition highlights a deep philosophical rift. On one side are those prioritizing the network’s long-term survival against an existential technological threat. On the other are proponents of absolute protocol neutrality and user autonomy, who view any forced action, even for security, as a dangerous precedent.
Weighing the Risks: Inaction Versus Intervention
Proponents of BIP-361 argue the community faces a stark choice. They contend that doing nothing is the riskier path. A quantum attack on such a large portion of the supply would be a catastrophic event, likely causing irreparable damage to Bitcoin’s reputation and price. The proposal’s defensive framing is central to their argument. “This is not an offensive attack,” the authors write. “Our thesis is that the Bitcoin ecosystem wishes to defend itself and its interests against those who would prefer to do nothing and allow a malicious actor to destroy both value and trust.”
However, skeptics question both the urgency and the method. Some researchers, like those referenced in the original content, argue Bitcoin could be made quantum-safe without a protocol upgrade that freezes funds. Others point out that the quantum computers capable of this feat likely remain decades away, providing ample time for less drastic solutions. The more immediate concern for critics is the precedent. Implementing BIP-361 would mean the Bitcoin network, for the first time, actively invalidates a specific class of legitimate unspent transaction outputs (UTXOs) based on a perceived future threat. This could open the door to future arguments for confiscating or freezing coins for other reasons, eroding the “hard money” property many holders cherish most.
The Road Ahead for BIP-361
As a draft posted to GitHub, BIP-361 is far from becoming Bitcoin law. Its path forward is exceptionally difficult. For it to activate, it would need to be formalized, undergo extensive peer review, and ultimately achieve overwhelming consensus among the network’s users, miners, and node operators. The intense early criticism suggests that consensus is currently absent.
The debate itself is valuable. It forces the Bitcoin community to confront a complex, long-term security challenge. It also tests the limits of its governance principles. Whether BIP-361 evolves, is abandoned, or inspires an alternative, the conversation it has started about protecting Bitcoin’s past from the technology of the future is now unavoidable. The proposal underscores a critical tension between preserving the integrity of existing holdings and ensuring the network’s survival for the next generation of users.
Conclusion
The BIP-361 proposal to freeze quantum-vulnerable Bitcoin coins represents a watershed moment in cryptocurrency governance. It pits urgent, collective security concerns against foundational principles of individual ownership and network neutrality. While the technical rationale for defending against a future quantum attack is clear, the method of forcibly migrating or freezing billions in assets has sparked legitimate outrage. This debate will likely define how Bitcoin approaches other systemic risks. The outcome will signal whether the network’s ultimate priority is the absolute preservation of every satoshi ever created or the adaptive preservation of the system as a whole. For now, BIP-361 remains a provocative draft, but the profound questions it raises about security, sovereignty, and sacrifice are now permanently on the table.
FAQs
Q1: What is the main goal of BIP-361?
The primary goal of BIP-361 is to protect the Bitcoin network from a future attack by quantum computers. It proposes a forced migration of coins held in vulnerable, older address formats to new, quantum-resistant addresses. Coins not moved within a five-year deadline would become frozen and unspendable.
Q2: Why is Satoshi Nakamoto’s Bitcoin stash a target in this proposal?
Satoshi’s estimated 1.1 million BTC is held in early P2PK addresses, which are quantum-vulnerable. This makes it the single largest potential target for a quantum attack. Stealing or destabilizing this stash could severely impact the entire network’s value and trust.
Q3: Is a quantum computer attack on Bitcoin imminent?
No. Most experts believe the quantum computers powerful enough to break Bitcoin’s cryptography are likely decades away. BIP-361 is a preemptive, long-term defense strategy, not a response to an immediate threat.
Q4: What happens to frozen coins under BIP-361?
Coins frozen in Phase B would be permanently unspendable on the blockchain. However, Phase C outlines a potential recovery mechanism using zero-knowledge proofs, allowing rightful owners who still have their seed phrase to reclaim them through a special process.
Q5: Has the Bitcoin community accepted BIP-361?
Absolutely not. The proposal has faced fierce criticism from prominent community figures who view it as a form of confiscation and a violation of Bitcoin’s core principles. It remains a draft document and faces significant hurdles to ever achieving the consensus needed for activation.
This article was produced with AI assistance and reviewed by our editorial team for accuracy and quality.
Be the first to comment