Taproot (P2TR) addresses have 100% of their public keys exposed.
Taproot accounted for 21.68% of all Bitcoin transactions in 2025, according to Nagar.
Eli Nagar, CEO of the Braiins mining pool, described the 2021 Taproot update as a setback from the point of view of quantum security in an analysis published on April 12.
Nagar based his statement on what was exposed by the recent Google Quantum AI study, which, as CriptoNoticias reported, reduced the resources necessary to compromise the cryptography that protects the signatures of Bitcoin transactions by up to 20 times.
Bitcoin’s most recent update, Taproot, actually made things worse from a quantum perspective. It exposes key information publicly, giving a quantum attacker unlimited time to work.
Eli Nagar, CEO of Braiins.
He paper Google classifies Pay to Taproot (P2TR) addresses, the format introduced with Taproot, in the same category of quantum vulnerability as the Payment to Public Key (P2PK) formatthe oldest on the network.
Why is Taproot vulnerable?
The technical reason is design. P2TR addresses store the public key directly on-chain from the moment funds are received. That means that any actor observing the network has access to that public key permanentlywithout having to wait for the user to make a transaction.
That exposure is relevant to the quantum threat because the algorithm Shorexecutable on a sufficiently powerful quantum computer, could use that public key to derive the corresponding private key and access the funds.
Unlike other formats where the key is only exposed at the time of spending,in P2TR the potential attacker has unlimited time to work. This also enables “store today, decrypt later” attacks, where actors could capture vulnerable information today, to decrypt it in the future.
As reported by CriptoNoticias, data from the on-chain analysis platform of the developer known as Wicked shows that the P2TR addresses have 100% of their 205,581 BTC exposedjust like the P2PK addresses of the Satoshi era with their 1,716,320 BTC. In total, approximately 6.9 million BTC (34.58% of the supply and almost $500 billion) have public keys visible on-chain.
Taproot Address Adoption in Bitcoin
Nagar pointed out besides that Taproot accounted for 21.68% of all Bitcoin transactions in 2025pointing out that a growth in adoption of using Taproot addresses would further expand the amount of potentially vulnerable BTC.
However, that figure contrasts with the current use of the format. According to data from the Clark Moody platform from the last 30 days, Taproot barely represents 10.83% of transaction volume and 4,558,390 outputs, compared to more than 20 million for the SegWit v0 format, the most used on the network.
Taproot addresses peaked in adoption following the launch of the Ordinals protocol in 2023, which used them to enroll arbitrary data on-chain. Once that boom cooled, the format fell into disuse and today it is one of the least used in the ecosystem.
This drop in use does not eliminate the quantum problem that Nagar poses, but rather qualifies it, given that the vulnerability does exist. For this reason, and as reported by CriptoNoticias, the CTO of Lightning Labs, Olaoluwa Osuntokun, published on April 8 a proof of concept that seeks precisely to protect the vulnerability of Taproot wallets and convert them into post-quantum ones.
In this context, the debate about the quantum threat to Bitcoin remains open and without a unified answer. While some actors in the ecosystem consider that the risk is decades away, others point out that the deadlines are shortening faster than expected and that the window to prepare is narrower than the community assumes.