1) The report: what it actually says

On June 13, 2026, an advisory board convened by Coinbase — composed of professors from UT Austin, Stanford, UCSB, Eigen Labs, University of Washington, Bar-Ilan University, alongside representatives from the Ethereum Foundation and Coinbase — published an analysis on Bitcoin's quantum risk. The conclusion: today's quantum computers CANNOT break Bitcoin's cryptography, but preparation needs to start now, regardless of the exact timeline for such machines.

2) Where the problem is: mining vs signatures

The board draws a clear distinction: Bitcoin's mining and hash functions are considered quantum-resistant for the foreseeable future. The problem lies elsewhere — in wallet-level digital signatures. When a Bitcoin address is used to send funds, the public key is revealed on the blockchain. A quantum computer could, in theory, derive the corresponding private key from that public key — and drain the wallet without ever needing the original private key.

3) The number: ~7M BTC, with 1.7M at the center

The analysis identified roughly 7 million BTC as particularly vulnerable to a future quantum attack — due to public key exposure and address reuse. Within that total, roughly 1.7 million BTC sit in ~20,000 old ‘Pay-to-Public-Key’ addresses — the format used in Bitcoin's earliest days. Many of these are tied to early mining activity or belong to wallets whose private keys have been permanently lost. These coins can't ‘migrate’ to quantum-safe formats — because there's no one around to move them.

4) How close is this risk, really

Today's quantum computers have fewer than 1,000 logical qubits. Estimates suggest several thousand high-quality logical qubits would be needed to break Bitcoin's elliptic curve cryptography — with error correction and stability remaining significant technical hurdles. Some researchers predict a ‘cryptographically relevant’ quantum computer could emerge within 10–20 years — a highly uncertain estimate, but one that means the risk isn't ‘current’, just ‘not infinitely far away’.

The dilemma: what to do about Satoshi's coins

This is where the board declined to take a position. Some members argued for a proactive freeze: ‘freeze’ the most vulnerable/dormant coins now, before a bad actor gets there first — a security-first stance. Others pushed back hard: ‘freezing’ coins at the protocol level means deciding that certain Bitcoin is no longer spendable — something that cuts against core Bitcoin principles (no central authority, no one confiscates funds). The board noted the two approaches (post-quantum addresses + potential restrictions on vulnerable coins) are ‘compatible’ and could be combined — but no central authority can mandate such a change. The decision belongs to the Bitcoin community.

6) What this means for you

Practically, for the average Bitcoin holder: the board emphasized that avoiding address reuse (using a new address for every transaction — something most modern wallets already do by default) significantly reduces public key exposure. The risk is concentrated mainly in old, dormant, or address-reused holdings — not in modern, well-managed wallets.

Second, this is a reminder that Bitcoin — despite its reputation as ‘immutable’ — has gone through contentious upgrades before, and a quantum-resistant migration would likely be the most complex one yet. It's not just a ‘technical’ issue — it's a governance issue: who decides, how, and what happens to those who can't (or are no longer around to) react.

Finally, unlike our previous articles (which covered short-term market moves), this is a tail risk on a decades-long horizon — not something affecting your position this week. But it's the kind of risk that, when it happens (if it happens), won't give a ‘few days’ warning — so preparing at the protocol level now is the opposite of panic: it's risk management at network scale.