Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
To freeze or not to freeze: Satoshi and the $440 billion in Bitcoin at risk from quantum computing
As quantum computing approaches its potential, approximately 7 million bitcoin, which includes Satoshi Nakamoto’s 1 million coins, face possible jeopardy.
Nearly 7 million BTC could be at risk as quantum computing progresses. Photo: Olivier Acuna/Modified by CoinDesk)
What to know:
- Quantum computers capable of compromising Bitcoin’s cryptography may put approximately 7 million coins at risk, including around 1 million linked to Satoshi Nakamoto, valued at an estimated $440 billion based on current market prices.
- The Bitcoin community is divided between maintaining strict neutrality and immutability—allowing quantum assailants to seize vulnerable coins—and taking action through protocol alterations such as burning or transferring at-risk coins to quantum-resistant addresses.
- While some experts caution that recent findings could hasten the timeline for breaching existing encryption, others contend that the threat remains remote and can be mitigated through engineering enhancements rather than substantial governance modifications.
Should quantum computers eventually achieve the ability to breach Bitcoin’s cryptography, around 1 million BTC attributed to Satoshi Nakamoto, the founder of the Bitcoin network, could be exposed to theft.
At the current rate of about $67,600 per bitcoin, that portion alone would be valued at roughly $67.6 billion.
STORY CONTINUES BELOWDon’t miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newslettersSign me up
However, Satoshi’s coins represent only a portion of the issue.
Estimates shared among analysts indicate that approximately 6.98 million bitcoin could be susceptible to a sufficiently advanced quantum attack, as Ki Young Ju, the founder of CryptoQuant, recently noted on X. At current valuations, the total amount of exposed coins approximates $440 billion.
The inquiry that is increasingly arising within and beyond bitcoin communities is straightforward yet at times quite contentious.
Why some coins are exposed
The susceptibility is not uniform. In Bitcoin’s formative years, pay-to-public-key (P2PK) transactions integrated public keys directly on-chain. Contemporary addresses generally disclose only a hash of the key until coins are utilized, but once a public key is revealed through early mining or address reuse, that exposure is irreversible. In a sufficiently advanced quantum context, those keys could theoretically be reversed.
Neutrality vs. intervention
For some, freezing those coins would compromise bitcoin’s core neutrality.
“Bitcoin’s structure treats all UTXOs equally,” stated Nima Beni, founder of Bitlease. “It does not differentiate based on wallet age, identity, or perceived future risk. This neutrality is fundamental to the protocol’s integrity.”
Creating exceptions, even for security reasons, modifies that architecture, he explained. Once there is authority to freeze coins for protection, it opens the door for other rationales as well.
Georgii Verbitskii, founder of the crypto investor app TYMIO, raised a pertinent issue: the network lacks a reliable means of determining which coins are lost versus those that are merely inactive.
“Differentiating between coins that are genuinely lost and coins that are simply dormant is nearly impossible,” Verbitskii remarked. “From a protocol standpoint, there is no dependable way to discern the difference.”
For this group, the answer lies in enhancing cryptography and facilitating voluntary transition to quantum-resistant signatures, rather than altering ownership stipulations at the protocol level.
Let the math decide
Related Posts
Others contend that intervention would contravene Bitcoin’s fundamental principle: private keys govern coins.
Paolo Ardoino, CEO of Tether, proposed that permitting old coins to reenter circulation, even via quantum advancements, may be preferable to modifying consensus regulations.
"Any bitcoin in lost wallets, including Satoshi (if not alive), will be hacked and reintroduced into circulation," he added. "Any inflationary impact from lost coins returning would be temporary, the reasoning goes, and the market would eventually accommodate it.”
Under this perspective, “code is law”: if cryptography progresses, coins shift.
Roya Mahboob, CEO and founder of Digital Citizen Fund, expressed a similar firm stance. “No, freezing old Satoshi-era addresses would breach immutability and property rights,” she stated to CoinDesk. “Even coins from 2009 are safeguarded by the same regulations as coins mined today.”
If quantum systems ultimately crack exposed keys, she remarked, “whoever first solves them should claim the coins.”
Nonetheless, Mahboob indicated her expectation for upgrades driven by ongoing research from Bitcoin Core developers to enhance the protocol before any significant threat arises.
The case for burning
Jameson Lopp noted that allowing quantum attackers to seize vulnerable coins would result in a substantial redistribution of wealth to whoever first acquires advanced quantum technology.
In his essay Against Allowing Quantum Recovery of Bitcoin, Lopp dismisses the term “confiscation” when discussing a defensive soft fork. “I don’t think ‘confiscation’ is the most accurate description,” Lopp wrote. “Instead, what we’re really talking about would be better characterized as ‘burning’ rather than making the funds inaccessible to everyone.”
This action would likely necessitate a soft fork, rendering vulnerable outputs unspendable unless transitioned to upgraded quantum-resistant addresses by a certain deadline — a modification that would require widespread social consensus.
Permitting quantum recovery, he adds, would reward technological superiority rather than constructive engagement in the network. “Quantum miners don’t contribute anything,” Lopp contended. “They are parasites preying on the system.”
How close is the threat?
As the philosophical discussion deepens, the technical timeline continues to be debated.
Zeynep Koruturk, managing partner at Firgun Ventures, stated that the quantum community was “astonished” when recent studies indicated that fewer physical qubits than previously thought might be needed to compromise commonly used encryption systems like RSA-2048.
“If this can be validated in the lab and substantiated, the timeline for decrypting RSA-2048 could, in theory, be reduced to two to three years,” she added, pointing out that advancements in large-scale fault-tolerant systems would ultimately apply to elliptic curve cryptography as well.
Others advocate for caution.
Aerie Trouw, co-founder and CTO of XYO, believes “we’re still far enough away that there’s no practical reason to panic.”
Frederic Fosco, co-founder of OP_NET, was more straightforward. Even if such a machine were to appear, “you upgrade the cryptography. That’s all. This isn’t a philosophical issue: it’s an engineering challenge with a known solution.”
Ultimately, the matter revolves around governance, timing, and philosophy — and whether the Bitcoin community can achieve consensus before quantum computing becomes an imminent threat.
Freezing vulnerable coins would question Bitcoin’s assertion of immutability. Allowing them to be taken would challenge its dedication to fairness.
