Bitcoin’s vulnerability to quantum computing is still years off, but according to Bernstein, roughly 1.7 million BTC held in early address types could be among the most exposed if the technology ever advances that far. This includes an estimated 1.1 million BTC linked to Satoshi Nakamoto, though this would only become relevant if quantum machines become powerful enough to crack today’s encryption.
Bernstein’s view is not that Bitcoin faces imminent collapse. The firm’s analysts frame the issue as a “manageable upgrade cycle” rather than an “existential risk,” noting the danger is concentrated in older wallets and addresses that reuse public keys. Newer wallet practices, such as avoiding address reuse, significantly reduce exposure.
The report also distinguishes between wallet risk and mining risk. Bitcoin’s SHA-256 mining process is not considered meaningfully vulnerable to quantum attacks, even if future machines become capable of threatening some wallet signatures. Bernstein identified the most exposed address types as pay-to-public-key, pay-to-multisig, and pay-to-Taproot formats.
The firm pointed to recent Google research as a reason the threat is now being taken more seriously, as it reduced the estimated resources needed to break modern encryption. However, Bernstein still believes building a machine capable of compromising Bitcoin remains years away due to major technical hurdles and high costs. The firm estimates the crypto industry has about three to five years to prepare for post-quantum security upgrades.
This timeline allows the Bitcoin developer community to act through its normal upgrade process. Bernstein expects open-source contributors and core developers would manage any shift toward quantum-resistant standards, with changes proposed and adopted by consensus.
The report aligns with a broader industry perspective. Quantum experts generally project a 10-year timeline for the arrival of cryptographically relevant quantum computers—machines capable of breaking today’s encryption. This gap is part of why Bernstein argues the issue is real but not urgent enough to cause panic.
For now, the pressure is on older holdings, not the network as a whole. Bernstein notes the risk is uneven, with older legacy wallets facing greater exposure because their public keys are already visible on the blockchain. In contrast, modern wallet usage and improved key management practices lower the chance of an attack.
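An added example in Python (not code from the Bernstein report or this article): it classifies an output script by whether a public key is already visible on the blockchain, covering the pay-to-public-key, pay-to-multisig and pay-to-Taproot formats named above, with hash-based types for contrast. The sample scripts use constructed placeholder bytes, and the function names are illustrative.

```python
# Added example: does this output script (scriptPubKey) publish a public key before it is spent?
OP_1, OP_CHECKSIG, OP_CHECKMULTISIG = 0x51, 0xAC, 0xAE

def _is_pubkey(d: bytes) -> bool:
    """Compressed (33 bytes, 02/03 prefix) or uncompressed (65 bytes, 04 prefix)."""
    return (len(d) == 33 and d[0] in (2, 3)) or (len(d) == 65 and d[0] == 4)

def _is_bare_multisig(s: bytes) -> bool:
    """OP_m <pubkey>... OP_n OP_CHECKMULTISIG with n keys pushed in the clear."""
    if len(s) < 4 or s[-1] != OP_CHECKMULTISIG:
        return False
    m, n, pos, keys = s[0] - OP_1 + 1, s[-2] - OP_1 + 1, 1, 0
    while pos < len(s) - 2:
        size = s[pos]  # a direct push opcode equals the data length
        end = pos + 1 + size
        if end > len(s) - 2 or not _is_pubkey(s[pos + 1:end]):
            return False
        pos, keys = end, keys + 1
    return keys == n and 1 <= m <= n <= 16

def classify(script_hex: str) -> tuple[str, bool]:
    """Return (script type, True if a public key is visible in the output)."""
    s = bytes.fromhex(script_hex)
    if s and s[-1] == OP_CHECKSIG and s[0] == len(s) - 2 and _is_pubkey(s[1:-1]):
        return "P2PK", True
    if _is_bare_multisig(s):
        return "P2MS", True
    if len(s) == 34 and s[:2] == b"\x51\x20":
        return "P2TR", True  # 32-byte x-only output key follows
    if len(s) == 25 and s[:3] == b"\x76\xa9\x14" and s[-2:] == b"\x88\xac":
        return "P2PKH", False  # only a 20-byte key hash is on-chain
    if len(s) == 23 and s[:2] == b"\xa9\x14" and s[-1] == 0x87:
        return "P2SH", False
    if len(s) in (22, 34) and s[0] == 0 and s[1] == len(s) - 2:
        return ("P2WPKH" if len(s) == 22 else "P2WSH"), False
    return "other", False

def exposed_total(utxos: list[tuple[str, int]]) -> int:
    """Sum the satoshi value of outputs whose script already reveals a key."""
    return sum(value for script, value in utxos if classify(script)[1])

# Constructed sample outputs (placeholder key and hash bytes, not real coins).
SAMPLE_UTXOS = [
    ("41" + "04" + "11" * 64 + "ac", 5_000_000_000),      # P2PK, uncompressed key
    ("51" + ("2102" + "aa" * 32) * 2 + "52ae", 100_000),  # 1-of-2 bare multisig
    ("5120" + "cc" * 32, 250_000),                        # P2TR
    ("76a914" + "dd" * 20 + "88ac", 700_000),             # P2PKH
]
```

A hash-based output stops being unexposed once it is spent from, because the spending input reveals the key; that is the address-reuse case, and it requires inspecting transaction inputs, which this sketch does not do.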
The figure cited by Bernstein—about 1.7 million BTC in early P2PK addresses—illustrates why the topic persists. These coins would not be the first target of any quantum attack, but they represent what could be at stake if hardware advances faster than the network’s response. For now, Bernstein’s message is that Bitcoin has time, though not unlimited time, to prepare.
Frequently Asked Questions
FAQs: Bitcoin and the Quantum Computing Threat
Beginner-Level Questions
1. What is the quantum computing threat to Bitcoin?
It's the risk that future, extremely powerful quantum computers could break the cryptographic codes that secure Bitcoin wallets and transactions, potentially allowing someone to steal funds.
2. What exactly would a quantum computer attack?
Primarily, it could attack the public key to derive the corresponding private key. If someone has your private key, they control your Bitcoin.
3. Who is Bernstein, and why is this warning important?
Bernstein is a major global investment and research firm. Their warning carries weight because they have deep expertise in both finance and technology, signaling this is a serious, credible, long-term risk that the market should prepare for.
4. Is my Bitcoin in immediate danger?
No. The capable quantum computers needed for this attack do not exist yet. The warning is about preparing for a threat that is likely 3-5 years away.
5. What does "upgrade needed" mean?
It means the Bitcoin network's code would need to be updated to use new, quantum-resistant cryptographic algorithms that even a quantum computer couldn't easily crack.
Advanced and Practical Questions
6. Why is the timeline 3-5 years? Is that when quantum computers will be ready?
The timeline refers to the urgent need to start the upgrade process. Developing, testing, and deploying a new global cryptographic standard for Bitcoin is a massive, slow undertaking. We need to begin long before the quantum computers themselves are fully operational.
7. Would all Bitcoin be stolen overnight if a quantum computer appeared?
Not necessarily. The biggest risk is to unspent Bitcoin stored at a public address. Bitcoin in cold storage or behind newer, more complex scripts might be safer initially, but the entire system's security foundation would be compromised.
8. What is post-quantum cryptography, and is it ready?
It's a new class of encryption algorithms designed to be secure against both classical and quantum computers. Several candidates exist and are being standardized by bodies like NIST, but they are not yet battle-tested at the scale and with the constraints of the Bitcoin network.