Coinbase’s independent cryptography advisory group has released a new report stating that Bitcoin is not currently at risk from practical quantum computing threats, but preparations for transitioning to quantum-resistant cryptography should begin as soon as possible, without waiting for the community to reach consensus on all outstanding issues.
The dispute centers on the old address.
The report, authored by multiple cryptography researchers and including Ethereum Foundation researcher Justin Drake, focuses on Bitcoin addresses still protected by ECDSA and Schnorr signatures, and whether a mandatory migration of BTC from these addresses will be necessary in the future.
Some supporters advocate setting a migration deadline after which the old signature scheme will no longer be accepted. This would effectively freeze BTC that has not been migrated to quantum-resistant addresses, reducing the risk that future quantum attackers could gain control over large amounts of Bitcoin.
Should the freeze be handed over to the community?
Opponents argue that rendering such BTC unusable is equivalent to de facto expropriation of property rights and conflicts with Bitcoin’s long-standing principles of immutability and user self-custody of assets.
The Coinbase advisory group does not directly support any side. The report states that the decision on whether BTC in vulnerable addresses should be frozen, destroyed, or left unchanged should be made by the Bitcoin community through a consensus process, not by a small group of researchers alone.
1.7 million BTC have had their public keys exposed
The report states that approximately 1.7 million BTC are held in early pay-to-public-key addresses, whose public keys have already been exposed and could theoretically be more vulnerable to attack if quantum computing capabilities advance significantly in the future.
- The exposed public key address is estimated to hold approximately 1.7 million BTC.
- Project11 estimates the potential exposure scale could reach up to 5 million BTC.
- Some of these assets are still controlled by active users and institutions.
Multiple migration solutions have been proposed.
The report also lists several transition proposals. The Hourglass proposal aims to limit the amount of BTC that can be transferred out of vulnerable addresses per block, to prevent a large volume of old coins from suddenly re-entering the market. BIP-361 seeks to allow users to continue proving ownership of their assets in a quantum-resistant manner after the old signatures are retired.
Another mechanism, PACTs, allows users to commit to future quantum-resistant addresses without immediately transferring funds on-chain. Overall, the core message of this report is not that the risk is imminent, but that Bitcoin should begin preparing migration pathways in advance for potential technological changes.