Quantum Threat Expands: All 21 Million Bitcoin Now Vulnerable, Experts Warn

March 11, 2026 — New analysis from leading cryptography researchers reveals a sobering reality for Bitcoin holders worldwide. Contrary to previous estimates suggesting only 25-30% of Bitcoin faces quantum computing threats, emerging research indicates the entire 21 million Bitcoin supply — excluding lost coins in quantum-secure addresses — remains theoretically vulnerable to sufficiently advanced quantum computers. The critical vulnerability window occurs during transaction processing, when public keys are briefly exposed in the mempool. This development comes as construction begins on Chicago’s million-qubit quantum computing facility, targeting 2027 completion and signaling accelerated quantum advancement timelines.

Beyond the Risq List: The Full Scope of Quantum Vulnerability

Project 11’s Bitcoin Risq List currently identifies 6,887,180 Bitcoin worth over $450 billion as “at risk,” focusing on addresses with exposed public keys. Approximately 3-4 million of these coins are considered permanently lost and cannot upgrade to quantum-secure protocols. However, this assessment represents only the initial attack surface. “That’s not the whole story,” explains Yoon Auh, CEO of BOLTS, which is developing quantum-proof signature technology for blockchain networks. “If you want to spend your Bitcoin, you have to reveal the public key. You can’t get around that.”

This revelation fundamentally changes the risk calculus. While “long exposure” addresses — those with public keys visible for years, including Satoshi Nakamoto’s original coins — represent low-hanging fruit for quantum attackers, the remaining Bitcoin supply faces “short exposure” risks. Every transaction creates a 10-60 minute window where public keys become visible in the mempool, potentially exposing them to quantum attacks capable of deriving private keys within that timeframe.

Short-Exposure Attacks: The Emerging Threat Landscape

The recently updated BIP-360 proposal explicitly outlines this danger. While creating new Pay To Merkle Root (P2MR) addresses to protect against long-exposure attacks, the proposal cautions that “P2MR outputs are only resistant to ‘long exposure attacks’ on elliptic curve cryptography.” BIP-360 co-author Ethan Heilman tells Cointelegraph Magazine that short-exposure attacks represent a different class of threat. “With short-exposure attacks, the attacker only learns the public key after the output is spent,” Heilman explains. “This means the attacker is in a race to break the public key and double-spend the transaction before the honest transaction is confirmed by a miner.”

  • Transaction Window Vulnerability: 10-60 minute exposure during blockchain confirmation
  • Attack Sophistication: Requires faster quantum computation than long-exposure attacks
  • Economic Viability: May become feasible as quantum computing power increases
  • Network-Level Threat: Could undermine trust in Bitcoin’s fundamental security model

Expert Perspectives on the Quantum Timeline

Charles Edwards from Capriole Investments has been advocating for Bitcoin’s post-quantum security upgrade. He notes the technical challenges of short-exposure attacks while acknowledging their theoretical possibility. “The difference, I suppose, why that’s not probably discussed as much at the moment, is because the technical capability to do that is much more advanced,” Edwards states. “You have to be able to move and solve and decrypt very quickly to do what that is, which is to basically steal coins in the mempool, and effectively hack every single Bitcoin.”

Meanwhile, quantum computing advances are accelerating. A February 2026 preprint titled ‘The Pinnacle Architecture’ suggested 2048-bit RSA encryption could be broken in approximately one month with “less than one hundred thousand physical qubits.” While Bitcoin uses elliptic curve cryptography rather than RSA, quantum computing expert Professor Scott Aaronson notes that “Shor’s algorithm mostly just cares about the key size,” suggesting Bitcoin’s 256-bit keys might be even more vulnerable than RSA’s 2048-bit keys.

Quantum Computing Progress vs. Bitcoin Security

The timeline for practical quantum attacks remains uncertain but appears to be shortening. Deloitte partner Marc Verdonk’s research report “Quantum computers and the Bitcoin blockchain” says current scientific estimates suggest a quantum computer could break an RSA key in about 8 hours, with a Bitcoin signature potentially breakable within 30 minutes. “It is unclear how fast such a quantum computer will become in the future,” Verdonk cautions. “If a quantum computer will ever get closer to the 10 minutes mark to derive a private key from its public key, then the Bitcoin blockchain will be inherently broken.”

Quantum Milestone | Estimated Qubits Required | Potential Impact on Bitcoin
Break RSA-2048 in 1 month | <100,000 physical qubits | Theoretical vulnerability demonstrated
Break Bitcoin signature in 30 minutes | Unknown, but fewer than RSA | Short-exposure attacks become feasible
Break Bitcoin signature in 10 minutes | Advanced quantum architecture needed | Fundamental security breach
PsiQuantum’s 2027 target | 1,000,000+ physical qubits | Accelerated threat timeline
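
The 30-minute and 10-minute thresholds above can be put in numbers by modelling the confirmation race. The Python sketch below is an added example, not code from the article or any report it cites; it assumes Poisson block arrivals with a 10-minute mean, uses a hypothetical blocks_to_inclusion parameter for fee-delayed transactions, and reports only the chance that a spend is still unconfirmed when key recovery finishes, which is an upper bound on a successful double-spend.

```python
import math

MEAN_BLOCK_MINUTES = 10.0  # Bitcoin's target average block interval


def p_window_open(recovery_minutes, blocks_to_inclusion=1,
                  mean_block=MEAN_BLOCK_MINUTES):
    """Probability a spend is still unconfirmed when key recovery finishes.

    Assumption: blocks arrive as a Poisson process, so the transaction is
    unconfirmed while fewer than k = blocks_to_inclusion blocks were found:
    sum_{i<k} e^-x * x^i / i!  with  x = recovery_minutes / mean_block.
    """
    if recovery_minutes < 0 or blocks_to_inclusion < 1:
        raise ValueError("recovery_minutes >= 0 and blocks_to_inclusion >= 1")
    x = recovery_minutes / mean_block
    terms = (x ** i / math.factorial(i) for i in range(blocks_to_inclusion))
    return math.exp(-x) * sum(terms)


def recovery_time_at_risk(risk, blocks_to_inclusion=1,
                          mean_block=MEAN_BLOCK_MINUTES):
    """Key-recovery time (minutes) at which p_window_open equals `risk`.

    Any faster recovery leaves more than `risk` of spends exposed.
    """
    if not 0 < risk < 1:
        raise ValueError("risk must be strictly between 0 and 1")
    lo, hi = 0.0, mean_block
    while p_window_open(hi, blocks_to_inclusion, mean_block) > risk:
        hi *= 2  # widen the bracket until the risk target is met
    for _ in range(60):  # bisection: p_window_open decreases with time
        mid = (lo + hi) / 2
        if p_window_open(mid, blocks_to_inclusion, mean_block) > risk:
            lo = mid
        else:
            hi = mid
    return hi


def exposure_table(times=(10, 30, 60), inclusion_depths=(1, 3)):
    """Map (recovery minutes, blocks until inclusion) -> open-window odds."""
    return {(t, k): p_window_open(t, k) for t in times for k in inclusion_depths}


if __name__ == "__main__":
    for (t, k), p in sorted(exposure_table().items()):
        print(f"recovery {t:>2} min, included in block #{k}: {p:6.1%} still open")
    print(f"1% exposure at {recovery_time_at_risk(0.01):.1f} min recovery")
```

Under these assumptions a 30-minute key recovery finds roughly 5% of next-block spends still unconfirmed, while a 10-minute recovery finds about 37%, and a low-fee transaction that waits for the third block is exposed far more often.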

The Road to Post-Quantum Bitcoin

Transitioning Bitcoin to post-quantum security presents significant technical and governance challenges. BIP-360 represents one approach, creating new address types resistant to long-exposure attacks. However, as Heilman notes, “Protection against more sophisticated quantum attacks, including protection against private key recovery from public keys exposed in the mempool while a transaction is waiting to be confirmed (a.k.a. ‘short exposure attacks’), may require the introduction of post-quantum signatures in Bitcoin.”

This upgrade process could take years. The Bitcoin community must reach consensus on technical implementation, coordinate a network-wide upgrade, and manage the transition of existing coins to quantum-secure addresses. Meanwhile, quantum computing research advances with substantial investment — PsiQuantum recently raised $1 billion from funds affiliated with BlackRock, indicating serious institutional belief in near-term quantum progress.

Skeptical Perspectives and Counterarguments

Not all analysts share the urgent concern. CoinShares’ Christopher Bendiksen recently argued that only about 10,200 Bitcoin could realistically be stolen by quantum computers. His report suggests breaking most original miners’ coins would require millennia “even in the most outlandishly optimistic scenarios of technical progression in quantum computing.” Bendiksen estimates that breaking Bitcoin within a day would require a quantum computer with 13 million physical qubits — orders of magnitude beyond current capabilities.

Ethereum researcher Justin Drake offers a nuanced perspective on Unchained, noting that different quantum computing modalities affect attack timelines. “There’s different quantum computing modalities,” Drake points out. “You know, there’s the fast computers, the superconducting and photonics, and then the slow ones, the trapped ions and the neutral atoms. If you have the fast flavor, so for example, you have Google working on the superconducting stuff, then the estimate for the time it takes to crack a key is on the order of minutes, like roughly ten minutes.”

Conclusion

The quantum computing threat to Bitcoin has evolved from a theoretical concern about exposed addresses to a comprehensive vulnerability affecting the entire supply. While long-exposure addresses remain the most immediate target, the emerging risk of short-exposure attacks during transaction processing expands the attack surface significantly. The accelerating pace of quantum computing research, evidenced by Chicago’s million-qubit facility and substantial investment in quantum technologies, suggests the timeline for practical attacks may be shorter than previously estimated. Bitcoin’s transition to post-quantum security through proposals like BIP-360 represents a critical but complex challenge requiring coordinated community action. As Edwards summarizes, “If we want this network to thrive and go much higher, like we all would like to see, then we need to upgrade the network. Like, no action is just not an option at all anymore.” The coming years will determine whether Bitcoin can maintain its security promises in the quantum era.

Frequently Asked Questions

Q1: What percentage of Bitcoin is currently vulnerable to quantum computers?
While Project 11’s Risq List identifies about 6.9 million Bitcoin (25-30% of supply) as immediately vulnerable due to exposed public keys, new analysis suggests all 21 million Bitcoin could become vulnerable during transaction processing if quantum computers advance sufficiently.

Q2: How soon could quantum computers threaten Bitcoin transactions?
Estimates vary widely. Some research suggests Bitcoin signatures could be vulnerable within 30 minutes using future quantum computers, while other analyses indicate such capabilities remain years or decades away. The construction of million-qubit facilities targeting 2027 completion suggests accelerated timelines.

Q3: What is BIP-360 and how does it address quantum threats?
BIP-360 proposes new Pay To Merkle Root (P2MR) addresses resistant to “long exposure” quantum attacks on coins with publicly visible keys. However, it explicitly notes that protection against “short exposure” attacks during transactions may require additional post-quantum signature implementations.

Q4: Can I protect my Bitcoin from quantum attacks today?
Users can move coins from legacy addresses (P2PKH) to newer address types (P2SH, P2WPKH) that don’t expose public keys until spending. However, complete protection requires network-level upgrades to post-quantum cryptography, which remains in development.

Q5: How does quantum computing threaten Bitcoin differently than traditional hacking?
Quantum computers using Shor’s algorithm could theoretically derive private keys from public keys, fundamentally breaking the cryptographic security underlying Bitcoin. This differs from traditional hacking that targets individual wallets, exchanges, or user errors.

Q6: What happens to Bitcoin’s price if quantum vulnerability becomes immediate?
As Charles Edwards notes, “Obviously, that wouldn’t happen in reality because once the capability got there, then probably no one would even hold Bitcoin or the value would be next to zero, so no one would bother.” This underscores the urgency of preemptive security upgrades.

Written by Jackson Miller

Jackson Miller is a senior cryptocurrency journalist and market analyst with over eight years of experience covering digital assets, blockchain technology, and decentralized finance. Before joining CoinPulseHQ as lead writer, Jackson worked as a financial technology correspondent for several business publications where he developed deep expertise in derivatives markets, on-chain analytics, and institutional crypto adoption. At CoinPulseHQ, Jackson covers Bitcoin price movements, Ethereum ecosystem developments, and emerging Layer-2 protocols.

This article was produced with AI assistance and reviewed by our editorial team for accuracy and quality.
