Bitcoin’s Dormant Wallets Could Be the Weakest Link in a Quantum Era

Why dormant Bitcoin addresses are vulnerable to quantum threats

The common narrative surrounding the impact of quantum computing on Bitcoin focuses on a doomsday scenario in which the entire network collapses at once. However, this perspective overlooks a critical distinction in how the risk is actually distributed.

Bitcoin’s quantum vulnerability is not a blanket threat. It is concentrated in dormant addresses with exposed public keys. This includes many of the oldest coins from the “Satoshi era” and lost wallets.

While modern Bitcoin (BTC) addresses use stronger security layers, these legacy holdings could become the primary targets of the first generation of powerful quantum machines. These wallets offer attackers time, scale and minimal resistance. That combination makes them the most likely starting point for any future quantum-driven disruption.

Ultimately, this does not point to a sudden networkwide failure. Instead, it suggests a tiered risk model in which a specific segment of the supply is far more exposed than the rest.

The quantum debate is not just about how powerful computers become. It is also about which parts of Bitcoin are already structurally exposed and which can still adapt in time.

Did you know? Dormant Bitcoin wallets may hold coins secured by older cryptographic methods, making them potential targets if quantum computers ever break current encryption standards.

What quantum computers could actually attack in Bitcoin

Bitcoin relies on two broad cryptographic components: hash functions (SHA-256) for mining and block security and public-key cryptography (ECDSA/Schnorr) for transaction signatures.

Quantum computers affect these components differently.

Hash functions are relatively resilient. While Grover’s algorithm could theoretically weaken them, it would not render them useless. It would only reduce their effective security level.

Public-key cryptography is a different story. Using Shor’s algorithm, a powerful quantum computer could derive a private key from a known public key. In Bitcoin’s context, that means any coin with an exposed public key could be spent by an attacker.

The key distinction: On-spend vs. at-rest attacks

To understand why dormant wallets matter, it is important to distinguish between two types of quantum attacks:

On-spend attacks

• They occur when a user broadcasts a transaction.

• The public key becomes visible during the transaction process.

• The attacker must derive the private key within a short window, roughly one block interval, or about 10 minutes.

At-rest attacks

• They target coins whose public keys are already exposed on-chain.

• The attacker has extended time, potentially days, weeks or longer, to compute the private key.

• No immediate transaction trigger is required.

This timing difference is crucial. On-spend attacks are constrained by speed, while at-rest attacks are constrained only by computational capability.

Why dormant wallets could be more exposed than active ones

Dormant wallets combine three characteristics that make them uniquely vulnerable: no defensive action, long exposure windows and high-value concentration.

• No defensive action: Active wallets can move funds to new addresses, adopt better practices or migrate to future quantum-resistant formats. Dormant wallets cannot. If the owner has lost access or is no longer active, those coins remain permanently exposed.

• Long exposure windows: If a wallet’s public key is already visible, attackers can work offline without time pressure. This removes one of Bitcoin’s natural defenses: the short transaction confirmation window.

• High-value concentration: Many dormant wallets belong to early Bitcoin users who mined or accumulated coins when they had little value. Today, some of these wallets may hold BTC worth tens of thousands of dollars. This creates a high-value, low-resistance target profile.

Did you know? Coins in inactive wallets cannot upgrade their security, which means quantum-resistant fixes may protect only active users, not untouched early Bitcoin holdings.

Which Bitcoin wallets are most exposed

Not all Bitcoin addresses are equally vulnerable. The most exposed categories include the following:

Old P2PK (Pay-to-Public-Key) outputs

• They were common in Bitcoin’s early years.

• Public keys are directly visible on-chain.

• They have no additional layer of protection.

Address reuse

• This happens when a user spends from an address and continues using it.

• The public key becomes visible after the first spend.

• Any remaining funds become vulnerable.

Certain modern script types

• Some newer formats, such as Taproot outputs, include public keys directly.

• While they were designed for efficiency and privacy, they may still fall into “at-rest” exposure under quantum assumptions.

Even relatively safer formats can lose that advantage if users reuse addresses.

The scale of the problem: Dormant coins dominate the risk

Quantum risk is not just theoretical. It is also measurable in terms of exposure.

Estimates suggest the following:

• Bitcoin worth millions of dollars remains in addresses with exposed public keys.

• A significant portion of these holdings comes from early-era mining rewards.

• Many of these coins have not moved for more than a decade.

A large share of these holdings consists of 50 BTC block rewards from Bitcoin’s early days, often associated with miners who are no longer active.

This creates a structural imbalance:

In other words, the largest quantum targets are also among the largest Bitcoin holdings.

Did you know? Some of the largest Bitcoin holdings have not moved in more than a decade, creating a silent pool of assets that could be exposed to future quantum attacks.

A deeper challenge: Dormant wallets and network governance

Dormant wallets introduce more than a technical problem. They also raise governance and policy questions.

If quantum attackers begin targeting these coins, the Bitcoin ecosystem could face difficult choices:

• Should such coins be claimable if the cryptographic conditions are met?

• Should protocol changes attempt to freeze or protect long-dormant funds?

• How should the network treat assets that are likely lost but still technically spendable?

This raises broader debates around property rights, immutability and digital salvage. Unlike active users, dormant wallets cannot participate in any migration or upgrade process, which makes them a unique edge case in protocol design.

Why this doesn’t mean Bitcoin is broken

It is important to distinguish between Bitcoin’s long-term structural risk and any immediate threat.

There is currently no widely accepted evidence that quantum computers capable of breaking Bitcoin’s cryptography exist today. The development of such systems is expected to take years, and possibly decades, of engineering progress.

Moreover:

• The risk is expected to develop gradually.

• The ecosystem has time to research and deploy mitigation strategies.

• Active users can adapt more quickly than dormant wallets.

This means the first effects of quantum advances, if and when they arrive, may be selective rather than universal.

What can be done in the meantime

To reduce the vulnerability of dormant Bitcoin wallets to quantum attacks, holders can take a few steps:

• Minimizing public-key exposure: Reducing address reuse and limiting when public keys are revealed remains a foundational practice.

• Migration readiness: Developing pathways for users to move funds into future quantum-resistant formats will be critical.

• Protocol research: Ongoing work is exploring how Bitcoin could integrate quantum-resistant cryptography without compromising its core properties.

These measures primarily benefit active participants, which reinforces the gap between movable and immovable coins.