The quantum threat to Bitcoin isn't waiting for some future breakthrough—it's already baked into how 6 million coins are stored today.
The Summary
- Glassnode analysis reveals 6.04 million BTC (nearly 30% of supply) are quantum-exposed, with 4.12 million coins vulnerable due to user behavior like address reuse and partial spending, not protocol flaws.
- Only 1.92 million BTC face "structural" exposure from Bitcoin's older script types—meaning behavioral risk is more than double the code risk.
- The split matters: one category can be fixed by upgrading wallets and custody practices, the other requires protocol-level changes like BIP-360.
- This exposure exists right now, before any quantum computer breaks ECDSA—the countdown started when those public keys got exposed.
The Signal
Glassnode's breakdown cuts through the quantum FUD by separating what Bitcoin users are doing wrong from what Bitcoin itself does wrong. The 4.12 million BTC exposed through behavior comes from three things: reusing addresses after spending from them (which exposes the public key), making partial spends that leave change in quantum-vulnerable outputs, and institutional custody setups that prioritize auditability over quantum safety. That's 68% of the total quantum-exposed supply sitting there because of operational choices, not cryptographic design.
The remaining 1.92 million BTC—roughly 10% of circulating supply—face structural risk from legacy P2PK (pay-to-pubkey) outputs and other older script types where public keys are naked on the blockchain. These include Satoshi's early coins and outputs from Bitcoin's first few years. There's no behavioral fix here. The protocol itself needs an upgrade.
"Behavioral exposure is more than double structural exposure—and only one of these can be fixed by changing how you use Bitcoin today."
Here's what matters for anyone holding BTC:
- Fresh addresses for every receive = quantum-safe until you spend
- Never reuse an address after spending from it
- Full spends to new addresses beat partial spends with change
- Taproot outputs (bc1p addresses) offer better quantum resistance than legacy or SegWit
The urgency framing from Crypto Briefing—"underscores the urgent need for Bitcoin's cryptographic evolution"—misses the point. Half the problem can be solved without touching consensus rules. Exchanges, custodians, and wallet developers can reduce behavioral exposure today by changing default settings and user flows. The 4.12 million behaviorally-exposed BTC aren't waiting on BIP-360 or any other protocol upgrade.
The structural 1.92 million, though? That's where protocol work matters. BIP-360 and similar quantum-resistant proposals would give Bitcoin a post-quantum signature scheme, but implementing that without breaking backward compatibility or fragmenting the network is the hard part. You can't just flip a switch. You need coordination across miners, node operators, wallet providers, and exchanges—the same coordination challenge that makes any Bitcoin upgrade contentious.
The Implication
If you're holding Bitcoin, your first move isn't waiting for a protocol upgrade. It's auditing your own custody setup. Are you reusing addresses? Generating change outputs to the same vulnerable scripts? Your exposure is behavioral, and you can fix it this week. For institutions and exchanges managing large balances, this Glassnode data is a custody wake-up call. The quantum clock is ticking not from some future breakthrough, but from the moment you exposed a public key.
For protocol developers and Bitcoin's governance layer, the 1.92 million structurally-exposed BTC set a deadline. Quantum-resistant cryptography isn't a nice-to-have anymore. It's infrastructure work that needs to happen before the window closes. The longer those legacy outputs sit exposed, the more incentive a sufficiently powerful quantum adversary has to target them. Behavioral fixes buy time. Protocol upgrades buy permanence.