Ark Invest and Unchained say that around 34.6% of Bitcoin – mostly early, reused and Taproot addresses – could be vulnerable if future quantum computers break today’s cryptography.
Conclusion
- The report estimates that 34.6% of BTC, including 5 million coins in reused addresses, 1.7 million in legacy P2PK, and 200K in Taproot, could be wiped out if the elliptic curve crypto breaks.
- Quantum is designed as a long-term threat, not an immediate one, giving Bitcoin time to introduce quantum-safe address types, migration incentives, and strict anti-spending criteria.
- For investors, Ark calls this structural tail risk: long-lived and “lost” coins can rise in value as quantum milestones approach, especially for institutional holdings.
According to a new joint report by Ark Invest and Unchained, nearly a third of all Bitcoin (BTC) in circulation could still be vulnerable if future quantum computers break today’s basic cryptography.
Arch warns of quantum risk to BTC legacy
The report estimates that approximately 34.6% of the BTC supply remains at potential risk in a plausible quantum breakthrough scenario. This chunk consists of about 5 million BTC (about 25% of the total supply) exposed through address reuse, about 1.7 million BTC (8.6%) in early payment-to-public key (P2PK) addresses, and about 200,000 BTC (about 1%) linked to the Taproot P2TR address type. In each of these cases, the public keys have been exposed on the chain, meaning a quantum adversary who could break Elliptic Curve Cryptography (ECC) could in theory obtain the private keys and mine the funds.
Ark and Unchained point out that most existing Bitcoin is already immune to quantum threats in the short term, as modern usage patterns minimize the impact of unnecessary keys. However, legacy buckets—early coins, reused addresses, and some advanced script types—represent a structurally trapped group that never fully moves, especially where the owners are lost, dead, or offline. This creates a long-term attack surface that could disrupt supply expectations if quantum capacity is achieved earlier than expected.
Long term problem, slow fix
More importantly, the report describes quantum as a “long-term risk”: the industry still expects that it will be years before any machine can actually crack Bitcoin’s ECC in real time. It will then allow the Bitcoin community to develop quantum-resistant schemes, including new address types, migration incentives, and protocol-level signals to prevent key reuse.
For investors, deleveraging is not inevitable death, but a structural tail risk that needs to be priced in and managed. If and when there are credible quantum attacks near capacity, pressure on long-dormant coins will increase, and legends about “lost” supply, Satoshi-era wallets, and institutional custody standards will likely re-emerge. Ark’s message is clear: Bitcoin cryptography doesn’t need to change tomorrow, but serious work on quantization needs to be done before mathematical breaks.
