Quantum Threat: Coinbase Cold Wallets Risked by Bitcoin Address Reuse


A recent report from Coinbase’s Independent Advisory Board on Quantum Computing and Blockchain has highlighted a significant potential vulnerability within the Bitcoin network. The board estimates that approximately 7 million bitcoin could be at risk from future quantum computing attacks. Crucially, a substantial portion of this exposure, estimated at 5 million bitcoin, is linked to address reuse and is believed to be held by active users, including substantial cold wallet reserves belonging to major cryptocurrency exchanges.

Key Takeaways

  • Coinbase’s quantum advisory board reports that around 7 million bitcoin are potentially vulnerable to future quantum attacks.
  • Approximately 5 million of these vulnerable bitcoin are associated with address reuse, largely held by active users and major exchange cold wallets.
  • The report outlines divergent approaches to address the issue, ranging from freezing vulnerable coins to preserving owner rights without intervention.
  • The board recommends initiating technical migration work immediately and fostering clear communication within the Bitcoin community.

The report categorizes the quantum threat into two main areas. The first involves around 1.7 million bitcoin located in approximately 20,000 legacy pay-to-public-key (P2PK) addresses. In these addresses, the public key is directly visible on the blockchain, making the associated bitcoin susceptible to exploitation by future quantum algorithms. A portion of these coins is thought to belong to early adopters or individuals who have lost access to their private keys.

The more prominent concern, however, relates to the 5 million bitcoin identified as being at risk due to address reuse. According to the quantum-security firm Project Eleven, the public keys for these bitcoin have already been exposed on-chain. The report posits that these funds are more likely to be actively managed rather than lost, with significant holdings potentially residing in the cold storage of known exchanges or exhibiting recent transaction activity. The report does not name specific exchanges.
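The two exposure categories above come down to one question per unspent output: is the spending public key already visible on-chain, or only a hash of it? The following is an added example, not code from Coinbase, Project Eleven or the advisory board. It walks a small constructed ledger, records which keys were revealed by spending hashed outputs, and sorts the remaining balance into the two buckets the report describes (P2PK outputs, and hashed outputs whose key was exposed by an earlier spend and then reused) plus a third bucket for coins whose key has never been published. The `key_id` digest is a simplified stand-in for Bitcoin's HASH160 and all transaction ids, keys and amounts are constructed.

```python
import hashlib
from dataclasses import dataclass
from typing import Optional

SATS = 100_000_000  # satoshis per bitcoin


def key_id(pubkey_hex: str) -> str:
    # Stand-in for Bitcoin's HASH160 (simplification: plain SHA-256, truncated).
    # A hashed output type commits only to this digest, so the key itself stays
    # off-chain until the coin is spent.
    return hashlib.sha256(bytes.fromhex(pubkey_hex)).hexdigest()[:40]


@dataclass(frozen=True)
class TxOut:
    script_type: str   # "p2pk" (raw key in the script) or "p2pkh"/"p2wpkh" (key hash)
    owner: str         # pubkey hex for p2pk, key_id(pubkey) for the hashed types
    value_sats: int


@dataclass(frozen=True)
class TxIn:
    prev_txid: str
    prev_vout: int
    pubkey_hex: Optional[str]  # key revealed in scriptSig/witness when spending a hashed output


@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple
    outputs: tuple


def classify_exposure(txs):
    """Replay the ledger and total the unspent balance by public-key exposure."""
    utxos = {}          # (txid, vout) -> TxOut
    exposed_ids = set() # key_ids whose public key has appeared in a spend
    for tx in txs:
        for txin in tx.inputs:
            spent = utxos.pop((txin.prev_txid, txin.prev_vout))
            if spent.script_type != "p2pk":
                # Spending a hashed output publishes the key; check it matches the commitment.
                if txin.pubkey_hex is None or key_id(txin.pubkey_hex) != spent.owner:
                    raise ValueError(f"{tx.txid}: spend does not reveal the committed key")
                exposed_ids.add(spent.owner)
        for vout, out in enumerate(tx.outputs):
            utxos[(tx.txid, vout)] = out

    buckets = {"p2pk_exposed": 0, "reuse_exposed": 0, "hashed_only": 0}
    for out in utxos.values():
        if out.script_type == "p2pk":
            buckets["p2pk_exposed"] += out.value_sats      # key visible in the output itself
        elif out.owner in exposed_ids:
            buckets["reuse_exposed"] += out.value_sats     # address reused after its key leaked
        else:
            buckets["hashed_only"] += out.value_sats       # only the hash is on-chain so far
    return buckets


def sample_ledger():
    """Constructed ledger (not real chain data); keys are dummy 33-byte strings."""
    key_a, key_b = "02" + "aa" * 32, "03" + "bb" * 32
    key_c, key_d = "02" + "cc" * 32, "03" + "dd" * 32
    return (
        Tx("coinbase1", (), (TxOut("p2pk", key_a, 50 * SATS),)),
        Tx("coinbase2", (), (TxOut("p2pkh", key_id(key_b), 10 * SATS),)),
        # Spending coinbase2 reveals key_b; sending change back to the same
        # address is the reuse pattern the report flags.
        Tx("spend1", (TxIn("coinbase2", 0, key_b),),
           (TxOut("p2pkh", key_id(key_c), 6 * SATS),
            TxOut("p2pkh", key_id(key_b), 4 * SATS))),
        Tx("coinbase3", (), (TxOut("p2wpkh", key_id(key_d), 3 * SATS),)),
    )


if __name__ == "__main__":
    for bucket, sats in classify_exposure(sample_ledger()).items():
        print(f"{bucket:14s} {sats / SATS:8.2f} BTC")
```

On the constructed ledger the 50 BTC P2PK coinbase lands in `p2pk_exposed`, the 4 BTC change sent back to the already-spent address lands in `reuse_exposed`, and the 9 BTC paid to fresh hashed addresses stays in `hashed_only`. The same replay logic, run over real chain data with HASH160 in place of `key_id`, is how a custodian can check whether its own reserves sit in the categories the report counts.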

A core argument presented in the report suggests that while lost bitcoin requires no special consideration as practical control has already been relinquished, the situation for holders who maintain control but fail to migrate their funds before a potential deadline warrants discussion. This group could encompass the exchanges and active holders associated with the 5 million bitcoin in reused addresses.

The advisory board has detailed two principal, contrasting strategies for mitigating this risk. The first approach advocates for a deadline, after which signatures generated by current quantum-vulnerable algorithms like ECDSA and Schnorr would no longer be recognized. This would effectively freeze any bitcoin not migrated to a quantum-resistant standard. Proponents argue that compromised cryptographic proofs of ownership invalidate claims, that a sudden influx of vulnerable coins post-quantum attack could destabilize the market, and that such measures could prevent malicious actors, such as state-sponsored entities, from seizing large sums.

The alternative perspective supports the enablement of post-quantum address standards while placing the onus of risk management entirely on individual owners. Advocates of this position contend that implementing network-level coin burning constitutes confiscation, undermining Bitcoin’s fundamental ethos of property rights and potentially setting a dangerous precedent for future state interventions. Furthermore, they highlight the difficulty in distinguishing between an owner who is negligent and one who is incapacitated, deceased, or has temporarily lost access to their keys.

The report also discusses intermediate proposals that are considered compatible with either primary approach. The “Hourglass” design aims to limit the volume of P2PK coin movements per block, thereby averting a sudden supply shock. A draft BIP-361 proposal suggests phasing out legacy signatures after a specified period, while allowing users to demonstrate ownership using quantum-resistant zero-knowledge proofs, a feature accessible to wallets generated from seed phrases. Additionally, Provable Address-Control Timestamps (PACTs), initially proposed by Dan Robinson of Paradigm, would enable holders to commit to future quantum-safe transfers without immediate on-chain movements.

The board ultimately abstained from endorsing any specific solution, stating that no single answer is definitive and that the Bitcoin community must collectively reach a consensus. The advisory board comprises notable figures in cryptography and blockchain research, including Yehuda Lindell (Coinbase, Bar-Ilan University), Dan Boneh (Stanford University), Scott Aaronson (UT Austin), Justin Drake (Ethereum Foundation), Sreeram Kannan (Eigen Labs, University of Washington), and Dahlia Malkhi (UCSB).

Despite not recommending a specific technical path, the board issued two key directives. First, it urged the development community to commence the necessary technical work for migration without delay, emphasizing that building post-quantum signature support is a distinct endeavor from resolving the governance debate and should not be postponed. Second, it called for enhanced communication to ensure users are fully informed about potential timelines and planned actions.

The concerns regarding exchange exposure align with prior warnings from financial analysts. In January, Jefferies strategist Christopher Wood cited research highlighting exchange and institutional wallets as particularly susceptible due to address reuse when he adjusted his Bitcoin model portfolio. Separately, Bitcoin developers have explored the gradual deprecation of legacy signatures via BIP-361, and Google has indicated a target of 2029 for its own post-quantum cryptography migration, citing accelerated research in quantum computing.

The advisory board emphasized that current quantum computers lack the capability to break existing blockchain cryptography, and the threat remains speculative. However, their assessment is that the migration process and the requisite governance discussions will likely span several years. Delaying action until a cryptographically relevant quantum computer becomes a reality would be too late to effectively address the vulnerability.

Potential Regulatory Precedent

This report and the ensuing community discussion could set significant precedents for how decentralized networks approach existential technological threats, particularly those with potential systemic implications. While the report focuses on a technical vulnerability, the proposed solutions — particularly those involving network-level intervention like freezing or disabling certain transaction types — touch upon concepts akin to regulatory oversight. If the Bitcoin community adopts measures that involve restricting or modifying ownership rights based on proactive threat mitigation, it could establish a model for how other decentralized systems might engage with future technological shifts or even external regulatory pressures. The debate between preserving owner rights versus network security echoes broader regulatory discussions in traditional finance and emerging technology sectors, where the balance between innovation, user protection, and systemic stability is constantly being negotiated. The way this issue is resolved within the Bitcoin community could influence expectations for compliance and risk management in the broader digital asset space, potentially impacting how future regulatory frameworks are conceptualized and applied to decentralized technologies.

Information compiled from materials: www.theblock.co
