The greatest risk to Bitcoin may not be the Federal Reserve, regulation, or even quantum computers themselves.
But rather a person who disappeared over a decade ago.
Because if the quantum era truly arrives, the most challenging issue won't be ordinary users' wallets, but the bitcoins left by Satoshi Nakamoto. The public key is permanently etched on the blockchain, the owner's status is unknown, and the private key's whereabouts remain entirely undisclosed. Valued at tens of billions of dollars, it has lain dormant for seventeen years without moving a single satoshi.
Even more problematic: whether these coins move or not, Bitcoin faces a question that no one is willing to answer—and part of this question cannot be solved by technology alone.
What's truly dangerous is not all addresses
Many people mistakenly believe that as soon as quantum computers emerge, all Bitcoin will immediately become invalid.
That’s not true. The security of Bitcoin private keys relies on the assumption that it is computationally infeasible to derive the private key from the public key. The threat posed by quantum computers is that Shor’s algorithm could break this assumption. But the key point is—before an attacker can run Shor’s algorithm, they must first obtain the public key.
A Bitcoin address is essentially a hash of the public key. Under normal circumstances, the public key does not appear directly on the blockchain; it is only revealed when a user initiates a transaction and submits a signature.
So the real danger lies in addresses whose public keys have already been made public.
The highest-risk type is the P2PK output format, widely used in the early Bitcoin network. Under this structure, the full public key is permanently written to the blockchain from the moment it is generated. Attackers do not need to wait for the holder to initiate a transaction—they can immediately attempt to reverse-engineer the private key, with no buffer period whatsoever.
In 2026, researchers from Google, Stanford, and the Ethereum Foundation estimated that over 1.7 million bitcoins remain locked in P2PK outputs.
The most sensitive portion among these is the assets held by the early mining addresses familiar to the public—commonly referred to as the assets left behind by the suspected Satoshi/Patoshi miner.
Analysis suggests that, under a conservative estimate, this early dominant miner accumulated between 600,000 and 700,000 bitcoins; when including the uncertainly attributed portion, a broader estimate may approach 1 million bitcoins. A significant portion of these assets are in P2PK format, with the public keys fully exposed on the blockchain over a decade ago.
Thus, what initially appeared to be a cryptography issue ultimately became a question about Satoshi Nakamoto.
Caught between a rock and a hard place
The greatest risk with Satoshi's address is never moving it? Actually, the opposite is true: both moving and not moving it are problematic.
If these seventeen-year-old dormant bitcoins suddenly move, the market will first be confronted with an unanswered question: Who moved them? Is it the real Satoshi Nakamoto? A legal heir? Or the world’s first successful large-scale quantum attack?
If these coins remain untouched, they will become the most valuable targets for attackers as quantum computing power gradually increases.
Technically, the protocol still adheres to the rule: whoever holds the private key can control the assets. But at the market and belief level, the impact far exceeds the intrinsic value of the assets themselves. The core narrative of Bitcoin—“immutable and absolute ownership”—faces its most direct test at this moment.
Why no one can move Satoshi's coins
Many people’s first reaction is: If the old algorithm is risky, why not just upgrade to a quantum-resistant algorithm?
The problem is that Bitcoin doesn't have a "system upgrade button."
The U.S. National Institute of Standards and Technology officially released its first post-quantum cryptography standards in 2024. In response, the Bitcoin community has proposed technical solutions such as QRAMP (Quantum-Resistant Address Migration Protocol), which center on providing users with a migration window to transfer assets from old addresses to new post-quantum addresses.
For regular users, the logic is clear: as long as the private key is still available, you can proactively complete the migration.
However, Bitcoin assets are not stored in an "account"; instead, they are locked by scripting conditions in UTXOs. The only way to move these assets is by providing a signature from the corresponding private key.
No network node knows your private key. Core developers don’t know it. Miners don’t know it. No automated program knows it.
This is not an issue of engineering capability, but of the fundamental logic of cryptography—this very design, where only the private key holder can access assets, is what makes Bitcoin Bitcoin. Now, the same logic prevents anyone from completing the migration on behalf of Satoshi Nakamoto.
For addresses whose public keys have not been exposed, there is theoretically a technical pathway to migrate to quantum-resistant new addresses, but this requires a community hard fork and high coordination. For P2PK addresses with exposed public keys, this pathway is not feasible.
Those assets suspected to belong to Satoshi Nakamoto fall precisely within the most difficult range: the public key is fully exposed, and the holder is almost certainly permanently absent.
Three options for the Bitcoin community
If quantum computing truly becomes a threat, these dormant assets will eventually need to be addressed. Theoretically, there are only three possible options.
Three paths, each requiring the Bitcoin community to pay a price it has never paid before.
It's not just a technical issue, but a business one.
The quantum threat to Bitcoin will ultimately manifest in very specific commercial forms.
For institutional holders, this is a tail risk pricing issue. Over the past few years, numerous public companies and sovereign wealth funds have begun adding Bitcoin to their balance sheets. One of their core justifications for purchasing was the narrative of "absolute scarcity, absolute ownership, and protocol immutability." If a quantum threat forces the community to choose between "modifying the protocol" and "accepting asset theft," either outcome would不同程度地 damage this narrative.
This risk has rarely been rigorously quantified in any institutional positioning reports—it cannot be hedged like interest rate risk or liquidity risk, and is more akin to a structural issue selectively ignored by the broader market.
This is an inevitable infrastructure upgrade for exchanges and custodians. The National Institute of Standards and Technology (NIST), the UK’s National Cyber Security Centre, and the U.S. National Security Agency have all released timelines for post-quantum cryptography migration, requiring critical systems to complete the transition between 2031 and 2035.
This means that compliant cryptocurrency custodians will need to demonstrate that their signing systems, key management processes, and cold wallet solutions meet post-quantum security standards. This represents tangible engineering and compliance costs, which will ultimately be reflected in custodial fees and institutional entry barriers.
For mining companies and infrastructure investors, this is a long-term factor that impacts valuation assumptions. The business model of Bitcoin mining is predicated on the assumptions of protocol stability and predictable rewards. If the community initiates a major protocol upgrade to address quantum threats, mining hardware, algorithms, and block production rules may all need to be adjusted. Even if the upgrade is ultimately completed successfully, the uncertainty during the transition period alone could be sufficient to affect mining companies’ financing costs and long-term rates of return.
The deepest business question is: who will lead this upgrade? Bitcoin has no CEO, no board of directors, and no legal entity that can be held accountable or authorized. This design has protected it from countless political and regulatory pressures over the past fifteen years. But it also means that when difficult collective decisions are needed, no one has the authority to decide—and no one is responsible.
A protocol upgrade involving trillions of dollars in assets relies on global, decentralized developers, miners, and node operators reaching consensus without legal enforcement. This is nearly an impossible governance structure by conventional business logic—yet Bitcoin has operated successfully on this model for fifteen years.
Can it work again?
How can a system without an owner handle the owner's estate?
Apple won't encounter this issue. After Jobs left, there was still a board of directors.
Tencent won't encounter this issue. Even after the founders retire, there is still management in place.
But Bitcoin is different. It has a founder—who left behind a fortune worth tens of billions of dollars, then vanished completely. There is no will, no heirs, no legal process, and no one even knows if he is still alive.
Satoshi Nakamoto designed a system that doesn't require trusting anyone—this is his greatest legacy to the world.
But perhaps he never imagined that seventeen years later, the hardest problem for this system would be the key he himself had left behind.
Bitcoin’s quantum resistance migration has never been a question of “whether it can be done.” The real question is: when technology, property rights, and commercial beliefs collide simultaneously, how will a system without an owner handle its owner’s legacy?
This answer may be more worth noting than the quantum computer itself.
What do you think the Bitcoin community will ultimately choose if the quantum era truly arrives? Share your thoughts in the comments.
The content of this article is for reference only and does not constitute any investment advice. The market carries risks; investments should be made with caution.