Top cryptographers can't agree on Bitcoin's biggest quantum question

Jun 13, 2026, 6:07 a.m.

Summary
- A Coinbase advisory council of leading cryptographers says quantum computers are not yet a threat to Bitcoin but urges the community to begin technical planning for post-quantum signatures now.
- Roughly 6.7 million bitcoin are considered vulnerable to a future quantum attack, including about 1.7 million in early addresses likely tied to Satoshi Nakamoto and lost keys, fueling debate over whether to let those coins remain spendable.
- The council declines to choose between proposals that could freeze or constrain vulnerable coins, instead stressing that compatible solutions can be combined and that users need clear communication and timely action from the Bitcoin community.

A Coinbase-convened advisory board of some of the most prominent cryptographers in the world has laid out what Bitcoin should do about the millions of coins a future quantum computer could steal, and on the hardest question, it refuses to answer.
The board, which shared the report with CoinDesk earlier this week, includes Scott Aaronson of the University of Texas at Austin, Dan Boneh of Stanford and Justin Drake of the Ethereum Foundation. Its starting point is that quantum computers are not a threat to blockchains today and that nobody knows when they will be, so the debate should not wait on a timeline.
The exposure is concentrated in Bitcoin, however. About 1.7 million bitcoin sit in roughly 20,000 early pay-to-public-key addresses, a format that publishes the owner's public key directly on the blockchain and leaves it open to a quantum attacker.
Many are assumed to belong to Bitcoin's pseudonymous creator Satoshi Nakamoto and other owners who lost their keys, which means they can never be moved to safety. Another 5 million or so are exposed through address reuse, according to Project11, a research group tracking the issue, though most of those are thought to be active holdings in exchange wallets.
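The two exposure paths described above, pay-to-public-key outputs and address reuse, as an added example that is not part of the original article or the council's report: Python code a holder could use to bucket their own outputs by whether the public key is already on-chain. The function names, the `(script, value, spent)` tuple layout and the sample scripts are constructed for illustration, and reuse is modelled as a P2PKH script that has both a spent and an unspent output.

```python
from collections import defaultdict

OP_CHECKSIG = 0xAC

def script_type(script_hex):
    """Classify a scriptPubKey (hex) as 'p2pk', 'p2pkh' or 'other'."""
    s = bytes.fromhex(script_hex)
    # P2PK: <push 33|65> <pubkey> OP_CHECKSIG, so the key itself sits in the output.
    if len(s) in (35, 67) and s[0] == len(s) - 2 and s[-1] == OP_CHECKSIG:
        prefix = s[1]  # 02/03 = compressed key, 04 = uncompressed key
        if (len(s) == 35 and prefix in (2, 3)) or (len(s) == 67 and prefix == 4):
            return "p2pk"
    # P2PKH: OP_DUP OP_HASH160 <push 20> <hash> OP_EQUALVERIFY OP_CHECKSIG.
    # Only a hash of the key is published until the output is spent.
    if len(s) == 25 and s[:3] == b"\x76\xa9\x14" and s[23:] == b"\x88\xac":
        return "p2pkh"
    return "other"

def exposed_sats(outputs):
    """Sum unspent value (satoshis) per exposure bucket.

    outputs: iterable of (script_hex, value_sats, spent) tuples (assumed layout).
    """
    outputs = [(bytes.fromhex(s), v, spent) for s, v, spent in outputs]
    # Spending from a P2PKH script reveals its key in the spending input,
    # so any value still sitting on that same script is exposed by reuse.
    revealed = {s for s, _, spent in outputs
                if spent and script_type(s.hex()) == "p2pkh"}
    totals = defaultdict(int)
    for script, value, spent in outputs:
        if spent:
            continue
        kind = script_type(script.hex())
        if kind == "p2pk":
            totals["p2pk"] += value
        elif kind == "p2pkh":
            totals["reused" if script in revealed else "key_not_revealed"] += value
        else:
            totals["unclassified"] += value
    return dict(totals)

# Constructed sample data: the keys and hashes are filler bytes, not real ones.
P2PK_C = "21" + "02" + "11" * 32 + "ac"
P2PK_U = "41" + "04" + "22" * 64 + "ac"
REUSED = "76a914" + "33" * 20 + "88ac"
FRESH = "76a914" + "44" * 20 + "88ac"
SAMPLE = [(P2PK_C, 5_000_000_000, False), (P2PK_U, 5_000_000_000, False),
          (REUSED, 100_000_000, True), (REUSED, 200_000_000, False),
          (FRESH, 300_000_000, False)]
```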
Swapping in quantum-resistant signatures is the easy part, but the fight is over the coins nobody moves. One camp argues for a hard deadline, after which the signature schemes Bitcoin uses today, ECDSA and Schnorr, stop being accepted and any unmigrated coins become unspendable. Leaving them live, this side says, hands a future attacker, potentially a sanctioned state like North Korea, a stash of bitcoin large enough to crash the price and taint the network's legitimacy.
The other camp calls that confiscation, a violation of the absolute property rights Bitcoin was built on, and warns it sets a precedent for freezing coins under government pressure later.
Between them sit several proposals CoinDesk has tracked over the past two months.
Hourglass would cap how many vulnerable coins can be spent per block to prevent a supply flood. BIP-361, from developer Jameson Lopp and others, would let migrated holders prove ownership after the cutoff with a quantum-resistant proof that exposes no key. PACTs, from Paradigm's Dan Robinson, would let owners timestamp a private claim now and move funds later without revealing anything today.
The Coinbase board, however, notes these are compatible and could be adopted together.
What the board will not do is choose. It writes that there is no correct answer and that the Bitcoin community has to decide. It commits to only two things, that the technical migration planning should start now because it is separate from the abandoned-coins question, and that holders need clarity so the issue does not fester.
"While the council takes no position on the abandoned coins debate, that's for the community to decide, they are direct about two things: Start the technical migration work now. The engineering work to support post-quantum signatures is independent of the governance debate and shouldn't wait for it."
"Communicate clearly. Users need to know this problem is being taken seriously. Uncertainty is its own risk," it adds.
The proposals multiply and the names attached to them get more serious. The instruction every version shares, move now, is the one Bitcoin has yet to act on while Ethereum has spent years preparing.