Bitcoin's security architecture has been based on a foundational assumption that modern cryptographic protections will remain computationally impractical to violate at scale for more than a decade.
Now, with quantum computing transitioning from theoretical research into an emerging engineering reality capable of challenging the mathematical foundations behind digital signatures and blockchain authentication, this assumption is coming under renewed scrutiny.
With the development of quantum technologies, security researchers and blockchain developers are increasingly evaluating the potential exposure of private keys, compromise of wallet integrity, and weakening of transaction trust in decentralised ecosystems as quantum capabilities continue to mature.
While the discussion extends beyond the quantum threat itself, it emphasises the enduring importance of private key protection and the operational limitations of hardware wallets, where computational efficiency, power constraints, and algorithm compatibility are critical factors determining the viability of next-generation cryptographic defences.
It is against this backdrop that a proposal from Avihu Levy has been widely discussed in regard to Bitcoin's post-quantum transition strategy.
Quantum Safe Bitcoin (QSB) is a transaction model proposed by Levy that is designed to preserve cryptographic security even in the presence of an advanced quantum system capable of executing Shor's algorithm against conventional public-key cryptography.
There is particular interest in the proposal within the Bitcoin ecosystem because it does not require consensus-level changes to the Bitcoin protocol itself, thus avoiding the difficult and political process typically associated with network upgrades.
Due to its ability to layer quantum-resistant protections onto existing infrastructure rather than replacing the protocol foundation entirely, the architecture has been widely regarded as an elegant piece of engineering. The emergence of this technology coincides with a general acceleration in industry readiness for post-quantum risks, as governments, semiconductor firms, and major cloud providers intensify migration planning around potential cryptographic risks in the near future.
While QSB has gained significant popularity, security researchers note that the proposal addresses a much narrower segment of the quantum problem than public discussion sometimes implies. In light of the broader operational challenges associated with exposing private keys, implementing wallets, and ensuring long-term cryptographic survival across decentralised networks, this proposal offers a broad perspective on the quantum problem.
Quantum computing is of concern to a larger audience because it could undermine public-key cryptography, which encrypts blockchain ecosystems with public keys, particularly signature schemes like ECDSA, which is used across Bitcoin and Ethereum networks. Using publicly exposed wallet data, an advanced quantum system could theoretically be able to derive private keys, enabling forged transactions and unauthorised transfers of funds.
While researchers generally agree that quantum hardware is not yet capable of executing such attacks at scale, the debate has intensified due to the inherent slowness and operational sensitivity of blockchain migrations across decentralised communities, and the difficulty in coordinating across them. Bitcoin is often viewed as particularly vulnerable in this context due to its conservative governance structure and historically cautious approach towards protocol-level changes.
There is current evidence that approximately 6.5 to 6.9 million bitcoins are at risk of quantum exposure due to their public keys being visible on the blockchain, which represents approximately one-third of the total circulating supply of bitcoins. This includes older pay-to-public-key (P2PK) addresses that were widely used during Bitcoin's early years, and are believed to be linked to Satoshi Nakamoto's dormant wallets.
Blockchain records directly contain the public key of legacy address formats, allowing for the reconstruction of the private key by a future quantum computer using Shor's algorithm, thereby obtaining the funds. As a result of the newer pay-to-public-key-hash (P2PKH) structures, public keys are concealed behind cryptographic hashes until a transaction is initiated, reducing the exposure of public keys.
Once funds are spent from a P2PKH wallet, the public key becomes permanently visible on the blockchain, creating a long-term attack surface if the address is reused in the future. Researchers are also warning against utilising "harvest now, decrypt later" strategies, which involve adversaries collecting encrypted blockchains and transaction data in advance of quantum capabilities.
The implementation of cryptographic upgrades more rapidly may be possible on proof-of-stake networks such as Ethereum, although experts caution that if defensive migration timelines fail to keep pace with computational advances, validator infrastructure and signature keys could eventually face quantum-era risk.
After Google researchers released updated projections in March that indicated that it could take nearly twenty times fewer physical qubits to compromise Bitcoin's elliptic curve cryptography than estimates prepared a year earlier, concerns regarding the timeline of quantum risk intensified further.
Despite the fact that practical quantum attacks against Bitcoin are currently outside of operational capability, the revised calculations confirm an industry understanding that the threat is gradually moving from theoretical modelling to engineering inevitability in the long term. As a result, Bitcoin is challenged by an inseparability between the technical challenge and governance.
A consensus has not been reached on how vulnerable dormant wallets should be handled if quantum-capable systems eventually emerge. The failure to freeze or invalidate those holdings would introduce direct intervention into property ownership within a system designed specifically to resist central control, effectively creating a future race for quantum-enabled theft.
There are also equally controversial implications associated with burning inaccessible balances, which force the network to make unprecedented decisions regarding asset legitimacy and protocol authority.
In spite of all proposed mitigation strategies, the issue of who has the authority to make such decisions for a decentralised monetary system remains fundamentally unresolved.
Although Bitcoin Core developers are permitted to propose code changes, they are not allowed to unilaterally modify ownership records or dormant balances without coordinated consent from miners, exchanges, custodians, node operators, and other stakeholders.
The governance tension represents an aspect of the quantum problem that can not be fully addressed through cryptography alone in proposals such as Quantum Safe Bitcoin.
In decentralised infrastructure, the underlying assumption for many years has been that any architectural limitations can eventually be resolved through upgrades and coordination with enough time and consensus.
Quantum computing is now testing that assumption under an externally imposed technological timeframe driven not by community preference, but by advancements in physics, semiconductor engineering, and computational science.
The process of transitioning Bitcoin toward post-quantum resilience will probably take time, money, and political compromise if it is to be successful.
The network may face the fact that, if coordination fails to keep pace with technological advancement, foundational cryptographic choices made during Bitcoin's earliest design phase will not always remain secure in light of evolving computational power indefinitely.
Quantum Safe Bitcoin has received a great deal of attention, but researchers emphasise that it focuses on only one layer of a much wider structural problem.
By successfully introducing transaction-level quantum resistance, QSB provides a practical defensive mechanism for protecting active holdings against future cryptographic threats by reducing computational overhead.
There is much more to the issue than just protecting individual wallets. The central challenge for Bitcoin is determining whether a decentralised network without a governing authority will be able to realistically move hundreds of millions of addresses toward a new cryptographic standard prior to quantum technologies becoming available.
When considering the dormant wallets and inaccessible coins that cannot voluntarily participate in such a transition, the problem becomes even more complex. In order to execute an extensive migration strategy, developers, miners, exchanges, custodians, infrastructure operators, and long-term holders will need to work together as a consensus-driven governance group with incentives that may not fully align.
While quantum computing advances are achieved through concentrated research and technological breakthroughs, decentralised coordination is generally characterised by a slow and sometimes prolonged period of ideological disagreement.
Many analysts believe this is the real test for Bitcoin in the quantum era, not in the design of stronger cryptography, but in the ability of a globally distributed financial system to collectively adjust to external technological pressures without compromising its principle of decentralisation.
Bitcoin's cryptography is no longer the single focus of the quantum debate, however. Instead, the question is whether decentralised systems are capable of coordinating fast enough to survive the technological transition they cannot control.
Post-quantum research is accelerating across the government and private sectors, resulting in unprecedented scrutiny of long-term security assumptions, dormant asset exposure, and governance resilience within the cryptocurrency industry.
As a result of this challenge, Bitcoin's cryptographic architecture may ultimately be examined in terms of its durability, as well as its practical limits under real-world computational pressures related to decentralised consensus.
