The case for why quantum computing may not be an existential threat to bitcoin

A new report from CoinShares is challenging the idea that bitcoin faces an imminent threat from quantum computing, arguing that only a narrow slice of supply is exposed in a way that could realistically move markets.

According to the digital asset manager, the risk is often overstated because potentially vulnerable bitcoin is not concentrated in a handful of large wallets. Instead, it is dispersed across tens of thousands of smaller holdings, sharply reducing the economic appeal and practical feasibility of a large-scale quantum attack.

CoinShares, the fourth-largest global issuer of crypto exchange-traded products behind BlackRock, Grayscale and Fidelity, reported more than $10 billion in assets under management as of September 2025 and controls roughly 34% of the EMEA market.

In a report released Saturday, the firm pushed back against claims that 20% to 50% of bitcoin supply could eventually be vulnerable to quantum-enabled key extraction. CoinShares said such estimates blur the distinction between theoretical cryptographic exposure and coins that could actually be compromised in a coordinated, market-moving event.

The analysis focused on legacy Pay-to-Public-Key (P2PK) addresses, where public keys are permanently visible on-chain and therefore more susceptible if sufficiently advanced quantum computers were to emerge. CoinShares estimates that about 1.6 million BTC — roughly 8% of total supply — remains in these older address formats.

Even within that subset, the amount of bitcoin capable of causing “appreciable market disruption” if stolen is far smaller. CoinShares estimates that just 10,200 BTC sits in addresses large enough to matter at a systemic level. The remainder is fragmented across more than 32,000 unspent transaction outputs (UTXOs), each averaging roughly 50 BTC.

This fragmentation significantly raises the difficulty for any attacker. Rather than breaching a single wallet and extracting a market-moving sum, a quantum adversary would need to compromise thousands of individual keys one by one — a process that would be slower, more visible and far less profitable, even under optimistic assumptions about quantum capability.

The report also emphasized the technological distance between today’s quantum systems and those required to threaten bitcoin’s cryptography. CoinShares estimates that fault-tolerant quantum computers roughly 100,000 times more powerful than current machines would be needed, placing any credible threat at least a decade away. Ledger CTO Charles Guillemet, cited in the report, noted that Google’s Willow system operates at 105 qubits, while key extraction would require machines with millions of qubits.

Rather than framing quantum computing as an emergency, CoinShares described it as a long-term engineering challenge that bitcoin can address gradually. The firm supports a phased transition to post-quantum signature schemes, allowing the network to adapt over time without disruption.

Concerns about quantum risk have resurfaced amid recent market volatility, as investors search for deeper structural explanations for price weakness. In December, CoinDesk reported that most bitcoin developers view quantum computing as a distant concern, with machines capable of breaking bitcoin’s cryptography unlikely to arrive for decades.

Skeptics argue that the greater risk lies not in the timeline, but in the lack of visible preparation, particularly as governments and major technology firms begin deploying quantum-resistant systems. Proposals such as BIP-360, which would introduce new wallet formats enabling gradual migration, highlight that tension and point to a widening gap between developer caution and institutional investors seeking clearer long-term assurances.