Quantum risk in cryptocurrencies does exist. But it does not apply to all wallets equally. This is the central point of Galaxy Digital’s new observation: the real fault line is not between Bitcoin and the rest, but between funds whose public key is already exposed on-chain and those still hidden behind a hashed address.

In short
- Quantum risk in cryptocurrencies is not a myth.
- Not all wallets are exposed in the same way.
- The real battle is already being fought in the technical preparation.
The real danger does not apply to all crypto wallets
The crux of the problem is simple. A sufficiently powerful quantum computer could theoretically derive the private key from the public key and sign a fraudulent transaction. In other words, it could steal funds without knowing the seed phrase. However, Galaxy points out that this scenario does not affect all wallets uniformly today.
Why? Because many users confuse the address with the public key. With Bitcoin, a large share of funds remains protected until the public key is exposed during spending. It is this nuance that changes everything. It reduces the immediate exposure of part of the network.
On the other hand, some bitcoins are already more fragile. This mainly concerns old address formats, reused addresses and also some deposits managed by exchanges or administrators who prioritized operational simplicity at the expense of cryptographic hygiene.
Bitcoin is not out of danger, but it has a structural advantage
This is where the debate becomes more nuanced. Bitcoin is not “quantum proof”. But its UTXO model gives it a small safety cushion that account-based blockchains don’t always have. On Bitcoin, the public key is often only visible when funds are spent. In networks like Ethereum or Solana, the public key is generally exposed at the account level.
This difference does not eliminate the risk. It moves it. In an extreme scenario, a quantum attacker could target coins whose public key has been visible for a long time. For the others, the attacker would have to act very quickly, during the window in which a transaction is still waiting in the mempool.
Galaxy also cites an estimate from Project Eleven that about 7 million BTC could fall into a category called “long exposure,” meaning coins whose public key is already exposed on-chain. This number is impressive. But that doesn’t mean a raid is possible today with known public quantum capabilities.
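The split between hashed and already-exposed coins, as an added example (not code from Galaxy, Project Eleven or this article): a sketch that sorts standard Bitcoin output scripts by whether a public key is visible while the coins sit unspent. It goes slightly beyond the text by also covering Taproot outputs, which carry their key in the output itself; the sample scripts, amounts and the spent_scripts set are constructed for illustration.

```python
# Added example. Scripts and amounts below are constructed, not on-chain data.

def classify_script(spk_hex: str) -> str:
    """Return the standard output type of a scriptPubKey given as hex."""
    s = bytes.fromhex(spk_hex)
    n = len(s)
    # P2PK: <push of a 33- or 65-byte public key> OP_CHECKSIG
    if n in (35, 67) and s[0] == n - 2 and s[-1] == 0xAC:
        return "p2pk"
    if n == 25 and s[:3] == b"\x76\xa9\x14" and s[23:] == b"\x88\xac":
        return "p2pkh"
    if n == 23 and s[:2] == b"\xa9\x14" and s[22] == 0x87:
        return "p2sh"
    if n == 22 and s[:2] == b"\x00\x14":
        return "p2wpkh"
    if n == 34 and s[:2] == b"\x00\x20":
        return "p2wsh"
    if n == 34 and s[:2] == b"\x51\x20":
        return "p2tr"
    return "nonstandard"

KEY_IN_OUTPUT = {"p2pk", "p2tr"}                 # key sits in the output itself
HASHED = {"p2pkh", "p2sh", "p2wpkh", "p2wsh"}    # only a hash is published

def exposure(spk_hex: str, spent_scripts: set) -> str:
    """'long-exposure' if a key is already public, 'hashed' if not."""
    kind = classify_script(spk_hex)
    if kind in KEY_IN_OUTPUT:
        return "long-exposure"
    if kind in HASHED:
        # Reuse: an earlier spend from the same script revealed the key/script.
        return "long-exposure" if spk_hex.lower() in spent_scripts else "hashed"
    return "unknown"

def summarize(utxos, spent_scripts):
    """Sum satoshis per exposure class for (scriptPubKey hex, amount) pairs."""
    totals = {"long-exposure": 0, "hashed": 0, "unknown": 0}
    for spk_hex, sats in utxos:
        totals[exposure(spk_hex, spent_scripts)] += sats
    return totals

P2PK = "21" + "02" + "11" * 32 + "ac"
P2PKH_FRESH = "76a914" + "22" * 20 + "88ac"
P2PKH_REUSED = "76a914" + "55" * 20 + "88ac"
P2WPKH = "0014" + "33" * 20
P2TR = "5120" + "44" * 32
SPENT = {P2PKH_REUSED}  # hypothetical index of scripts seen in earlier spends
UTXOS = [(P2PK, 5_000_000_000), (P2PKH_FRESH, 100_000),
         (P2PKH_REUSED, 250_000), (P2WPKH, 70_000), (P2TR, 30_000)]

if __name__ == "__main__":
    print(summarize(UTXOS, SPENT))
```

The spent_scripts set stands in for an index built by scanning transaction inputs; without it, reused addresses are indistinguishable from fresh ones.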
The cryptocurrency market is not stagnant; developers are already working
The idea that Bitcoin developers are ignoring this topic is no longer really true. On the contrary, Galaxy says that the pace of proposals has accelerated since the end of 2025. The topic is no longer marginal. It has become a concrete, technical and increasingly visible project.
The BIP 360 proposal is the most cited example. It introduces Pay-to-Merkle-Root or P2MR, a new type of output designed to remove the “key spend path” from Taproot, which precisely represents a vulnerable surface against a future quantum attacker. The idea isn’t magical, but it does show that the ecosystem is already trying to limit exposure even before the arrival of a real machine capable of cracking these signatures.
This movement goes beyond Bitcoin itself. In August 2024, NIST completed its first three post-quantum cryptographic standards and continued standardization in 2025. In short, global cybersecurity is already preparing for this transition. So cryptocurrency does not live in a separate bubble.
The biggest problem may not be technical
The real headache may come from governance. Bitcoin has neither a CEO, nor a board of directors, nor a red button capable of forcing an emergency update. Even when a technical consensus emerges, it takes time to be adopted at network scale. And time is precisely the most uncertain variable in the whole quantum question.
Galaxy points out that estimates of the arrival of a truly dangerous quantum computer range from a few years to a few decades, with no firm consensus. This uncertainty prompts two opposing errors. The first is to deny the risk. The second is to announce the apocalypse for tomorrow morning. Neither position really helps investors.
The correct reading is more level-headed. Quantum risk is real, but it doesn’t justify blind panic over all cryptocurrencies. It does require better technical discipline: avoiding address reuse, understanding where the public key is exposed, and keeping a close eye on post-quantum solutions. In this case, inaction is more dangerous than clarity.

Lydia, a teacher and IT engineer, discovered Bitcoin in 2022 and dove into the world of cryptocurrencies. Lydia popularizes complex topics, deciphers Web3 challenges and defends the vision of an open, inclusive and decentralized digital future.