Quantum Computing and Bitcoin: Why Your Wallet May Already Be at Risk — and What to Do About It

PUB: 2026-03-26

ETA: [ 5 MIN ]

A future threat to Bitcoin just got a lot more concrete. Galaxy Digital, one of the crypto industry’s leading research firms, released an assessment this month confirming what security experts have quietly worried about for years: quantum computing poses a genuine risk to Bitcoin holdings. The good news? Most wallets are still safe — for now. The bad news? Hundreds of billions of dollars in BTC may not be.

Here’s what you need to understand, and why acting early could matter more than you think.

Not All Bitcoin Wallets Face the Same Risk

Galaxy Digital research analyst Will Owens drew a crucial line that most headlines miss: the quantum threat is not uniform. “Funds are at risk only when public keys are exposed on-chain,” Owens wrote in his March 2026 report.

This distinction comes down to how Bitcoin’s cryptography works. Your Bitcoin address is a hashed version of your public key — but the public key itself only becomes visible on the blockchain when you spend from that address. If you’ve never spent from a wallet, your public key remains hidden, and a quantum computer has nothing to attack.

The danger concentrates in two specific scenarios. First, wallets that reuse addresses — a common habit among early Bitcoin users — expose their public keys permanently on-chain. Second, there’s a theoretical window during any transaction where the public key is briefly visible before the block is confirmed, a gap a sufficiently powerful quantum machine could theoretically exploit in real time.

Security firm Project Eleven estimates roughly 7 million BTC — worth approximately $470 billion at recent prices — falls into the vulnerable category under a broad definition of exposure. That’s not a rounding error. It’s roughly a third of Bitcoin’s entire circulating supply.

How Quantum Computers Actually Break Cryptography

To understand the threat, it helps to know what a quantum computer actually does differently. Classical computers secure Bitcoin through elliptic curve cryptography (ECC), which relies on the mathematical difficulty of deriving a private key from a public key. This problem is so hard that even the fastest supercomputer today would take longer than the age of the universe to crack it.

Quantum computers change that equation entirely. Using an algorithm called Shor’s algorithm, a sufficiently large quantum machine could solve the elliptic curve discrete logarithm problem exponentially faster — potentially in hours or even minutes. IBM’s quantum processors currently operate in the hundreds to low thousands of qubits, but experts estimate that breaking Bitcoin’s 256-bit elliptic curve encryption would require a fault-tolerant machine with millions of stable, error-corrected qubits. We’re not there yet, but the trajectory is moving faster than most anticipated five years ago.

ARK Invest places meaningful quantum risk emerging sometime in the mid-2030s. That gives the Bitcoin ecosystem a window — but not an infinite one.

Bitcoin Developers Are Moving Faster Than Critics Claim

The common criticism is that Bitcoin’s developer community has been asleep at the wheel on quantum preparedness. Owens pushed back directly. “Contrary to some public criticism, our review found substantial developer work addressing the question of quantum vulnerabilities and mitigations,” he stated, noting that “the pace of proposals has accelerated meaningfully since late 2025.”

One of the most discussed proposals is BIP 360, a soft fork that would introduce a new Pay-to-Quantum-Resistant-Hash (P2QRH) address format. This format uses post-quantum cryptographic algorithms — specifically lattice-based and hash-based schemes — that even a large quantum computer cannot efficiently break. NIST finalized its first set of post-quantum cryptographic standards in 2024, giving Bitcoin developers a well-tested foundation to build on.

The challenge isn’t just technical — it’s political. Bitcoin has no CEO, no board, and no ability to mandate upgrades. Changes require broad consensus among miners, node operators, and developers. Yet Owens argues this threat is unusual in one important way: every participant in the network has a direct financial stake in the outcome. That shared incentive, he suggests, makes coordinated action more likely here than in past disputes like the block size wars.

What You Can Do Right Now to Protect Your Holdings

Waiting for a protocol upgrade isn’t your only option. Several practical steps reduce your exposure today.

Bitcoin analyst Willy Woo recommends holding BTC in SegWit wallets (addresses starting with “bc1q”) as a near-term mitigation. SegWit transactions keep public keys less exposed than legacy address formats. More importantly, avoid address reuse — every time you receive funds at the same address after spending from it, your public key remains permanently visible on-chain.

For longer-term protection, hardware wallets are emerging as the front line of defense. Manufacturers including Ledger, Trezor, and newer entrants are actively developing or announcing support for post-quantum key storage, with several models positioned for post-quantum readiness by 2026. These devices store private keys in secure enclaves and, in next-generation versions, generate key pairs using quantum-resistant algorithms from the ground up.

Coinbase CEO Brian Armstrong has described the quantum issue as manageable, and Galaxy’s report frames it similarly — not as an imminent catastrophe, but as a long-term engineering challenge the ecosystem is actively solving.

The Takeaway: Complacency Is the Real Risk

Quantum computers powerful enough to threaten Bitcoin don’t exist today. But the infrastructure to defend against them needs to be built before they do — and that process takes years, not months.

If you hold Bitcoin in old legacy addresses you’ve spent from before, now is the time to migrate those funds to a fresh wallet with a never-exposed public key. If you’re a developer or institutional holder, track the progress of BIP 360 and NIST-aligned proposals closely. The window is open. The question is whether the ecosystem uses it wisely.

Sead Fadilpašić

Contributor

Sead Fadilpašić is a journalist and content writer who covers blockchain, cybersecurity, privacy, technology, and digital business. His work is featured on a wide range of international publications and technology websites, including Cryptonews and Tom's Hardware. His work focuses on cybersecurity threats, data privacy, emerging technologies, and the broader impact of technology on businesses and consumers. Based in Sarajevo, Bosnia and Herzegovina, he has been reporting on technology-related topics for more than a decade.

>_ View output

Menu

Search