Community Trust ScoreVerified
Quantum computing isn’t here yet. But Coinbase thinks the crypto industry needs to start worrying about it now — seriously, not theoretically.
The company’s Quantum Advisory Council put out a report dated June 11 warning that roughly 7 million Bitcoin could be compromised by future quantum computing advances. The core problem: exposed public keys. When a public key is visible on-chain, a sufficiently powerful quantum machine could theoretically reverse-engineer the private key from it, draining the wallet entirely. It’s not a risk that exists today — no quantum computer currently running can crack the cryptographic systems protecting Bitcoin or any other major network. But the council’s argument is that crypto networks move slowly, coordination takes years, and waiting until the threat is real is basically waiting too long.
Around 1.7 million of those at-risk Bitcoin sit in legacy Pay-to-Public-Key addresses — the old P2PK format from Bitcoin’s earliest days. Some of those coins are early-mined. Some are probably abandoned. Nobody’s actively managing them.
The Abandoned Coin Problem
That last part is where things get genuinely messy. A normal software upgrade is hard enough to coordinate across a decentralized network. But at least with a normal upgrade, you’re asking active users to do something. The quantum migration problem is different because a chunk of the most vulnerable coins may not have active owners at all. The original holders might be gone. The keys might be lost. There’s nobody to click a button or sign a transaction.
The council laid out a range of options for handling this, and none of them are clean. On one end: set a hard deadline for migration, after which unmigrated funds get frozen or burned outright. The logic there is that if you leave vulnerable coins sitting around long enough, a quantum attacker eventually takes them anyway — so burning them preemptively at least prevents theft. But that’s a massive property-rights problem. Who decides? On what authority? What if someone shows up ten years later with a valid claim to coins that were burned?
On the other end: do nothing. Just let the situation ride and hope quantum computing doesn’t advance fast enough to matter. That’s probably not a great plan either, given how fast the hardware has moved in recent years.
The middle-ground ideas are more interesting. Rate-limiting transactions from older, vulnerable addresses would slow any attacker down without destroying anyone’s funds. Zero-knowledge proofs could let a user prove they own a wallet without ever exposing the public key — which is the whole vulnerability in the first place. Neither approach fully solves the abandoned-coin issue, but they buy time and reduce exposure without requiring the community to make irreversible decisions about property rights.
Build the Tech First, Argue Later
The council’s clearest recommendation is basically: separate the engineering from the politics. Don’t wait for the governance debate to resolve before starting technical work. Develop quantum-safe signature schemes now. Test them. Get them ready. The governance conversation — what to do about dormant wallets, whether to burn or freeze unmigrated funds, how to handle property claims — can keep running in parallel without blocking the technical side.
That’s a sensible split. Crypto governance debates are notoriously slow and contentious. Tying technical progress to their resolution would mean nothing gets built until everyone agrees on everything, which is basically never.
It’s worth being clear about the timeline, or rather the lack of one. The report doesn’t claim quantum attacks on Bitcoin are imminent. No existing machine can do it. But the decentralized nature of crypto networks means that even once a quantum-resistant cryptographic standard exists, actually getting it deployed across Bitcoin would take years of coordination — miner signaling, node upgrades, wallet software updates, user action. If the industry waits until quantum computers are genuinely threatening before starting that process, it’s already behind.
The 7 million Bitcoin figure is the number that’ll get attention, and it should. At current prices, that’s an enormous amount of value sitting in addresses that could be cracked by hardware that doesn’t fully exist yet but probably will. Most of those coins are in P2PK addresses or reused P2PKH addresses where the public key has been exposed through prior transactions. Active users can migrate when quantum-safe addresses become available. The abandoned ones can’t.
Coinbase’s council didn’t set a timeline for when quantum computing becomes a real threat. Didn’t specify exactly which signature scheme the industry should adopt. Didn’t say what the right answer is on burning versus freezing abandoned coins. What the report does is put the problem on the table clearly, with a specific number attached — 7 million Bitcoin — and a pretty direct message: the time to start preparing is before the crisis, not during it.
The 1.7 million Bitcoin in legacy P2PK addresses alone would represent a staggering target for any attacker with the right hardware.
Hub: Bitcoin price, news, and analysis
Frequently Asked Questions
How many Bitcoin does Coinbase say are at risk from quantum computing?
Coinbase’s Quantum Advisory Council puts the figure at approximately 7 million Bitcoin, with around 1.7 million sitting in legacy Pay-to-Public-Key addresses considered especially vulnerable due to exposed public keys.
What solutions did the Coinbase Quantum Advisory Council propose?
The council outlined several options including hard migration deadlines with freezing or burning of unmigrated funds, rate-limiting transactions from older addresses, and using zero-knowledge proofs to prove ownership without exposing public keys.
