Experts warn that quantum computing threatens the cryptography protecting Bitcoin, potentially enabling the recovery of millions of inactive coins — a scenario that collides directly with the network’s consensus and security assumptions. The danger mixes a hard technical problem with a political one: whether the community would freeze old balances or allow a massive reintroduction of supply.
The Coming Quantum Stress Test for Bitcoin
Analysts estimate a practical threat window between 2028 and 2040, with IBM’s roadmap pointing to fault-tolerant quantum machines by 2029 and large-scale systems around 2030. Technical estimates suggest that tens to hundreds of millions of error-corrected qubits would be required to crack Bitcoin’s ECDSA signatures, with one calculation raising the threshold to 317 million physical qubits to break a signature in under an hour. While Grover’s algorithm could weaken SHA-256, the most immediate danger remains the attack vector on public-key signatures.
You allow the old coins to come back to market.
Since there is no chance we come to consensus to freeze them, focus on the tech side of quantum safe wallets, and let the market sort out the rest. https://t.co/7xOZRVYl5r
— _Checkmate 🟠🔑⚡☢️🛢️ (@_Checkmatey_) November 23, 2025
ECDSA is the elliptic-curve scheme proving that a Bitcoin transaction comes from the rightful private-key owner. The most plausible threat is “harvest now, decrypt later”, where attackers collect public keys today to crack them once quantum capability arrives. According to cited estimates, nearly one quarter of Bitcoin’s supply — around 4 million BTC — sits in addresses with exposed public keys, and broader ranges place vulnerable inactive coins between 3.5 and 7 million BTC, including roughly 1.1 million BTC attributed to Satoshi Nakamoto.
But the real challenge isn’t only technical. Bitcoin’s decentralized governance makes rapid cryptographic migration extremely difficult, creating what James Check calls a “political gridlock”. Any quantum-resistant upgrade might require a hard or soft fork and overwhelming consensus among miners and nodes, something far from guaranteed.
The economic fallout could be immense. A sudden reintroduction of millions of coins would shatter assumptions about Bitcoin’s circulating supply, triggering extreme volatility. Yoon Auh of BOLTS Technologies warns that even a false alarm could cause a “chain reaction” of panic selling and massive losses. Nic Carter has described quantum computing as “the greatest risk to Bitcoin,” emphasizing that confidence can collapse long before cryptography actually breaks. Institutions including the Federal Reserve, BlackRock, and Tether’s Paolo Ardoino have also stressed the need for preparation.
The quantum threat blends a real cryptographic vulnerability with a deep governance dilemma, and how the community handles this tension could determine whether Bitcoin undergoes an orderly evolution — or faces a disorderly liquidity crisis.