Non-profit group Presidio Bitcoin has released a technical report examining the growing quantum computing risk to the Bitcoin network.
The document looks at where quantum capabilities stand today, how much of BTC’s value could be exposed, what mitigations are already feasible, and how the wider ecosystem might coordinate a software update and migration.
Why Upgrades Are Harder In A Decentralized System
Presidio Bitcoin begins from a simple point: Bitcoin is software, and that is both its power and its weakness. Because it is built as a system of code, Bitcoin is relatively easy to move, verify, and hold.
At the same time, it inherits digital risks that come with relying on cryptography. One of the most important of those risks has been discussed since Bitcoin’s early days—cryptographically relevant quantum computers, often shortened to CRQCs.
Related Reading
In theory, a CRQC could break the elliptic curve cryptography that underpins Bitcoin by enabling the derivation of private keys from public keys. The report emphasizes that this would primarily enable quantum-enabled theft of coins tied to exposed public keys.
The report argues that Bitcoin’s mitigation toolkit is broad and technically achievable today, but the path is less straightforward than it is for more centralized systems.
In centralized environments, coordination can be directed more easily. With Bitcoin, coordinating upgrades across developers, users, wallets, custodians, and infrastructure is inherently more complex.
There is also the risk of making changes too early, too quickly, or in a way that creates new vulnerabilities. Presidio also notes that post-quantum schemes come with meaningful trade-offs, not just technical but practical ones for the ecosystem.
6.5 Million Bitcoin Could Be At Risk
At the center of the vulnerability is Shor’s algorithm. Presidio explains that if a sufficiently powerful quantum computer exists, it could execute Shor’s algorithm to derive private keys from exposed public keys.
The report provides a stark quantitative estimate of what that could mean. If a cryptographically relevant quantum computer existed today, approximately 6.5 million BTC— one-third of the total supply—would be immediately vulnerable to theft.
More than two-thirds of that exposure—about 4.5 million Bitcoin—comes from address reuse. Much of the reuse, the report says, is concentrated among a small group of large custodians that use the practice for simplicity.
While that concentration increases the risk profile, Presidio also points out that this portion is reducible without any protocol change. The mitigation is straightforward in concept: rotate to fresh addresses.
The remaining structural exposure is different in nature. Presidio estimates 1.72 million BTC sits in legacy pay-to-pubkey (P2PK) outputs, and the report notes that most of those are presumed lost.
It also distinguishes another category: addresses that have never been spent and where only a hash of the public key is visible on-chain are not vulnerable at rest under current understanding.
The Uncertain Clock For CRQCs
A major part of the report is the uncertainty around timing. Presidio stresses that the timeline for CRQCs remains uncertain, with expert surveys placing the probability of cryptographically relevant machines emerging between 2030 and 2035 at about 50%.
Even so, Presidio outlines a concrete strategy for Bitcoin network’s path forward. It involves deploying post-quantum signature schemes via a soft fork, rather than a disruptive hard change.
Related Reading
Activation is where timing matters most. Presidio says the Bitcoin ecosystem will likely complete the post-quantum signature activation well before a CRQC threat materializes.
However, Chaincode’s playbook—referenced in the report—places activation around month 6–7 if it does not happen earlier. After activation, migration would follow.
Featured image from OpenArt, chart from TradingView.com
