Quantum computers might soon derive private keys from public Bitcoin addresses, turning “lost” coins into spendable funds. The greatest risk falls on old wallets and reused addresses whose public keys have long sat on the blockchain, leaving company treasuries, custody services and long-term holders exposed. Reports gathered by place the likely danger window between two and eight years, meaning checks and fixes need to start now.
Bitcoin relies on ECDSA, a cryptographic lock that a large quantum computer running Shor’s algorithm could break far faster than today’s machines. Once a private key is computed from a public address, anyone can move the coins tied to that key.
Multiple voices warn the break could come within a few years, including Google teams, analyst Charles Edwards and Solana co‑founder Anatoly Yakovenko, while the United States Federal Reserve lists the danger as a systemic threat. Any wallet that exposed its public key long ago is the clearest target.
Old wallets and reused addresses are most at risk because their public keys have been visible on the blockchain for years, giving attackers a stable target if quantum capability arrives.
What happens next and how to respond
Coins currently deemed “lost” could be unlocked and moved, altering the liquid supply and raising questions about the ownership of long‑dormant balances. Treasuries and custodians must protect reserves that still use the old lock and prepare clear migration plans to stronger schemes. Traders and derivatives markets could face surprise selling pressure if large dormant stashes re‑enter circulation, and early access to quantum machines could concentrate power in a few hands.
Switch to post‑quantum cryptography as it becomes standardized and available. Adopt a soft fork to add quantum‑safe locks at the protocol level when consensus allows. Follow simple operational habits: generate a new address for every payment and avoid exposing a public key until the moment you spend.
The discussion has moved beyond theory, and both technical groups and regulators are calling for action. Any institution holding Bitcoin should inventory every old unspent output, assess exposure, and schedule migration to quantum‑resistant tools. Watch two markers: the pace of quantum hardware progress and the final release of post‑quantum standards; the day those standards go live will mark the shift from danger to defense.
The prudent course is to audit holdings now, rotate away from exposed keys, and prepare quantum‑safe paths before attackers gain the capability. Early preparation reduces systemic risk and preserves market stability.
