Glassnode estimates 6.04 million Bitcoin—30% of total supply—faces quantum computing risk, split between coins with exposed public keys (structural vulnerability: 1.92M BTC) and coins where address reuse or custody behavior revealed keys while funds remained locked (operational vulnerability: 4.12M BTC). At current prices near $77,000, the at-risk supply represents roughly $465 billion in potential exposure.
How Bitcoin’s Cryptography Becomes Vulnerable
Quantum computing poses a theoretical threat to Bitcoin’s underlying cryptographic security. The vulnerability hinges on a single factor: whether a wallet’s public key is already visible on-chain. Glassnode defines the distinction clearly. Structural exposure applies to outputs whose script type reveals the public key by design—primarily coins from Bitcoin’s early years when wallet standards were less mature. Operational exposure covers coins protected initially but where address reuse, partial spending, or custody behavior has since exposed the public key while BTC remains tied to that address. Of the 20 million Bitcoin currently in existence, 13.99 million remain cryptographically safe under current threat models.
Vulnerability Breakdown and Supply Distribution
Glassnode’s analysis divides quantum risk across two categories. Structurally unsafe supply accounts for 9.6% of current Bitcoin circulation (1.92M BTC)—predominantly holdings from 2009 to 2011, when fewer users understood key reuse risks. Operationally unsafe supply represents 20.6% of circulation (4.12M BTC), a larger cohort reflecting modern behaviors: address reuse across multiple transactions, partial coin spending, and centralized exchange custody practices that expose keys before settlement. The remaining 69.4% (13.99M BTC) shows no visible public key on-chain, maintaining theoretical resistance to quantum attacks under existing cryptographic assumptions.
Implications for Bitcoin Infrastructure and Security Standards
The growth of operational exposure signals a divergence between theory and practice in Bitcoin custody. While modern wallet software implements single-use addresses and hierarchical deterministic (HD) key derivation, real-world behavior—particularly among exchanges and long-term holders—continues to expose keys through address reuse. This gap underscores a broader security challenge: technical standards alone cannot prevent vulnerability if users and custodians do not follow them. The data also highlights why early Bitcoin adoption created structural risk; those wallets lacked the cryptographic tooling available today.
Timeline and Unresolved Questions
Glassnode provides no timeline for when quantum computing capability becomes practical enough to threaten Bitcoin’s security. Current quantum systems remain theoretical threats to cryptographic systems at Bitcoin’s scale. Bitcoin’s developer community has not published a formal mitigation roadmap, leaving open questions about protocol-level defenses, key migration strategies, or timeline urgency. The analysis serves as a security baseline—not a prediction of imminent risk.
