Coinbase’s Quantum Advisory Council has put a number on one of crypto’s most abstract fears. Between 6.9 and 7 million BTC, roughly a third of all Bitcoin that will ever exist, are sitting in addresses where corresponding public keys are already exposed on-chain. That means once quantum computers become powerful enough to crack existing cryptographic signatures, those coins are up for grabs.
The council’s report, published in June 2026 as a follow-up to an April position paper, draws a clear line between what’s safe and what isn’t. Bitcoin mining and hash functions? Quantum-resistant for the foreseeable future. Wallet-level digital signatures? That’s where the problem lives.
The 1.7 million BTC problem nobody controls
Within the broader pool of exposed coins, roughly 1.7 million BTC sit in legacy Pay-to-Public-Key addresses, the format used in Bitcoin’s earliest days. Many of these are tied to early mining activity or belong to wallets whose private keys have been permanently lost.
These coins can’t be migrated to quantum-safe formats because nobody is around to move them. And that creates a governance headache that goes well beyond cryptography.
The vulnerability isn’t limited to ancient wallets, either. Address reuse in more modern transaction formats also contributes to the exposure. Every time a Bitcoin address is reused after spending, its public key becomes visible on the blockchain, widening the attack surface.
Freeze them or lose them
The council’s proposed solutions venture into politically radioactive territory for Bitcoin. Among the governance strategies outlined: setting migration deadlines that would require users to move their coins to post-quantum-safe addresses, and then freezing funds in vulnerable addresses that fail to migrate by the cutoff.
The council is advocating for proactive measures now, while quantum computers remain far too weak to break existing cryptography. Current quantum hardware cannot crack the elliptic curve cryptography that secures Bitcoin wallets.
Who’s sounding the alarm
The Quantum Advisory Council’s members include cryptographers from Stanford, UT Austin, and the Ethereum Foundation, lending institutional weight to the findings.
The council’s core message is that Bitcoin’s protocol layer is fundamentally sound against quantum threats. The mining algorithm and hash functions that secure block production don’t need emergency intervention. The vulnerability is narrower than doomsday headlines might suggest, but it’s concentrated in an area, wallet security, that directly affects holders’ assets.
What this means for investors
For investors holding Bitcoin in modern wallet formats who avoid address reuse, the immediate risk is negligible. The exposure is concentrated in legacy addresses and reused keys.
Any proposal to freeze or restrict access to vulnerable coins would require broad consensus across Bitcoin’s notoriously fractious community. Miners, node operators, developers, and exchanges would all need to agree on a path forward.
The 6.9 to 7 million BTC figure gives the market something concrete to price. Investors have time before this becomes an actionable threat, but the governance groundwork needs to happen now, because retrofitting security on a decentralized network takes a very long time.