A new analysis from blockchain data firm Glassnode estimates that over 30% of all Bitcoin ever issued is exposed to quantum computing risk. That's 6.04 million BTC—split between 1.92 million from structural vulnerabilities like legacy P2PK outputs and a far larger 4.12 million from operational habits, chiefly address reuse and poor key management.
Operational risk dwarfs legacy code
The dominant source of quantum vulnerability isn't old software—it's how people handle their keys. Glassnode's data shows that 4.12 million BTC are at risk from operational exposure. That happens when a holder spends from a P2PKH or P2WPKH address: the public key gets written on-chain. If that same address was ever reused, the remaining coins are toast. A quantum computer running Shor's algorithm can derive the private key from a public key in polynomial time. The numbers are sobering.
Why P2TR coins are in the crosshairs
Structural exposure—1.92 million BTC—includes the obvious ancient P2PK outputs (where the public key was always visible), but it also covers Taproot (P2TR) outputs. That surprised some observers. P2TR was supposed to be more private, but its design still exposes the public key on first spend if certain conditions are met. The data lumps it in with bare multisig and other legacy formats. So the risk isn't just from coins mined in 2010.
What quantum computers can and cannot do
Shor's algorithm is devastating against ECDSA public keys—it can compute the private key fast. But it can't reverse a hash to discover a public key in the first place. That's a critical limitation. Coins sitting in addresses that have never been spent (and therefore never revealed the public key on-chain) are safe—until the owner tries to move them. That's why address reuse is the real ticking bomb. A single spend from a reused address exposes all remaining funds to anyone with a powerful enough quantum machine.
The clock isn't ticking yet—large-scale quantum computers remain theoretical, and no one knows exactly when they'll arrive. But the data suggests a meaningful chunk of Bitcoin's supply is already prepped for exploitation once they do. For now, the fix is simple: don't reuse addresses. Move coins to fresh ones after each transaction. The onus is on users to manage their key hygiene before the technology catches up.
