More than $2 trillion in digital assets use vulnerable crypto, according to Quantus.
BIP-360 exists as a proposal for Bitcoin, but does not yet have an activation consensus.
Bitcoin faces the most difficult post-quantum migration problem in the cryptoasset ecosystem, due to the combination of its governance model, the permanent exposure of public keys on the chain and the existence of millions of BTC in addresses that no one can migrate, according to a report published by the Quantus Network team on May 27.
The report, based on the paper of Google Quantum AI, also highlights two relevant points: the first is that more than USD 2 trillion in digital assets are secured by elliptic curve cryptography (ECC), vulnerable to Shor’s algorithm, which a sufficiently powerful quantum computer could run to derive private keys from public keys.
And secondly, that the United States National Institute of Standards and Technology (NIST) aims to discourage RSA schemes (used in banks for example) and ECC-256 (used in networks such as Bitcoin, Ethereum, among others) by 2030 and ban them completely by 2035.
The Bitcoin knot against quantum computing
For Bitcoin, change moves forward only when there is rough consensus within the community, with no party having the authority to mandate it.
The Quantus study frames it this way:
Bitcoin’s governance structure is deliberately conservative. Changes move forward only when there is rough consensus among miners, Bitcoin Core developers, node operators, exchanges, and users, with no party having the power to mandate a change. This structure is a fortress against hasty decisions. It is a severe restriction when the network needs to execute a cryptographic transition against a schedule.
Quantus Network Report.
Joe Mattia, COO of Quantus, said that “the migration itself will take years. Wallets and exchanges require infrastructure upgrades, and each user will need to move their funds individually. “That can only begin once the implementation details are decided by a governance process that itself will take time.”
ARK Invest agreed with this reading in a study published in March, as reported by CriptoNoticias, since the firm pointed out that the decentralized governance of Bitcoin is simultaneously its greatest strength and its main obstacle to implementing changes on time.
In this context, the Quantus team highlighted that the BIP-360 proposal, formally incorporated into the official Bitcoin repository on February 11, is the most developed initiative to initiate this migration. The proposal introduces a new type of address that hides the public key even at the time of paymentneutralizing attacks at rest.
However, at the beginning of 2026 it does not have an activation consensus: «The proposal exists, but the political and social coordination required to implement it has not taken shape»holds up the Quantus document.
The problem of Bitcoin coins that cannot migrate
A successful migration from Bitcoin to post-quantum crypto forces a decision on funds that no one can move. Between 2.3 and 3.7 million BTC are at addresses whose owners lost access to their private keys, according to Chainalysis estimates cited in the Quantus report. These currencies cannot migrate to post-quantum addresses because there is no one to control them.
The most visible point is around a million BTC mined in the first months of the network, in the original Payment to Public Key (P2PK) format, where the public key is exposed directly on the chain, says the Quantus team. Those funds They would be the first targets of a quantum attack against funds at rest: they do not require intercepting any transactions, because the material the attacker needs is already public.
Regarding these currencies, the Quantus report presents two unresolved positions:
- Do not intervene: leave them vulnerable and treat the eventual quantum theft as the loss of the first occupant.
- Set a migration deadline and freeze or burn what doesn’t migrate: This would be tantamount to confiscating funds from those who simply did not act in time or lost access years ago. “This is a political problem, and Bitcoin’s governance structure (which relies on rough consensus among miners, developers, and users with no formal decision-making authority) is ill-equipped to solve it,” the Quantus paper maintains.
Ethereum and quantum: an advantage and several disadvantages
On the other hand, “a post-quantum hard fork is politically conceivable within the Ethereum model in a way that it is not within that of Bitcoin,” the Quantus report maintains.
Ethereum has a structural advantage over Bitcoin: its history of hard forks coordinated (for example the DAO fork and the change to PoS) shows that can make profound changes when the Foundation, developers and validators align.
However, This advantage coexists with a larger attack surfacesince, unlike Bitcoin, Ethereum is vulnerable not only in transaction signatures but also in its consensus mechanism and in the smart contracts of its ecosystem.
The exhibition reaches the entire cryptocurrency ecosystem
The Quantus paper warns that public debate about the quantum threat has undervalued the true extent of the exposure. Decentralized finance (DeFi) protocols that hold billions in assets, managing keys for stablecoins like USDC and USDT, cross-chain bridges (cross-chain), price oracles and on-chain governance systems they depend on the same elliptic curve signature scheme.
An attacker who, for example, compromised the minting key of a main stablecoin could issue unlimited supply, collapse its parity and trigger cascading liquidations in all protocols that use it as collateral, they point out from Quantus Network.
Finally, regarding deadlines, the report cites data from Scott Aaronson, a computational complexity theorist at the University of Texas at Austin. This specialist, according to Quantus, between November and December 2025 published a series of studies in which he warned that those who trust that Bitcoin will be safe for the next five years They make the same mistake as the physicists of 1938, who dismissed nuclear weapons as a distant threat.
In a later entry he was more direct: if the pace of advancement of quantum hardware continues, Aaronson estimates that there will be fault-tolerant quantum computers. within the next decade.
Thus, while some actors consider that quantum would arrive before 2030 and others postpone that danger a decade into the future, the community continues to debate the potential risk that this technology may imply for digital systems, for traditional banking and for Bitcoin and other cryptoasset networks.