On-chain reports suggest that almost 6.7 million Bitcoin are currently sitting in quantum-vulnerable addresses. These tokens have not moved in years, and some have not moved for over a decade. A portion of these coins is also believed to belong to Satoshi Nakamoto.
Currently, these coins are the most valuable target in the history of financial crime.
The Bitcoin Exposure Nobody Fixed
A new whitepaper from Google Quantum AI, published on March 30, 2026, maps the precise scale of Bitcoin’s quantum vulnerability for the first time.
The research identifies 100,000 Bitcoin addresses that are exposed to so-called at-rest attacks, meaning a sufficiently powerful quantum computer could derive their private keys without the owner ever initiating a transaction.
In total, these addresses hold approximately 6.7 million BTC.
Resource Estimates and Mitigations
Why Old Bitcoin Addresses Are the Most Vulnerable
The most exposed coins are those locked in Pay-to-Public-Key scripts from Bitcoin’s earliest mining era, the so-called Satoshi era of 2009 and 2010. These scripts store the public key directly on the blockchain, permanently visible to anyone.
A quantum computer equipped with Shor’s algorithm can use that public key to derive the corresponding private key and drain the address.
Around address rank 6,000, a concentration of 50 BTC addresses emerges, each holding exactly one early mining reward, many of which are untouched since Bitcoin’s earliest years.
“Progress on quantum from Bitcoin core developers is important, because there are parts of the Bitcoin community — whether they should be or not — that are worried about quantum and want to see it taken seriously and addressed. As more information comes out and people see it being worked on, that will be positive, ” said Matt Hougan, Chief Investment Officer at Bitwise, BeInCrypto Expert Council.
The Problem That Cannot Be Patched
Unlike active wallets, dormant addresses cannot be upgraded. They cannot migrate to post-quantum cryptography. They represent a fixed, permanently visible target that will grow more dangerous as quantum hardware advances.
Google’s researchers estimate that roughly 1.7 million BTC are locked in P2PK scripts, and that the total quantum-vulnerable supply across all script types may reach 6.9 million BTC when address reuse is factored in.
Google’s paper argues that the community and regulators will soon face an unprecedented question: what happens to these coins when a quantum computer can simply take them?
Options being discussed range from protocol-level destruction of vulnerable coins to legal frameworks for regulated recovery: a concept the paper calls digital salvage. There are no easy answers, but the window to prepare is closing.
