Quantum risk does exist in crypto. But it doesn't hit all wallets the same way. This is the central point of Galaxy Digital's new observation: the real dividing line does not run between Bitcoin and the rest, but between funds whose public key is already exposed on-chain and those which still remain hidden behind a hashed address.
In brief
- Quantum risk in crypto is not a myth.
- Not all wallets are exposed in the same way.
- The real battle is now being fought over technical preparation.
The real danger does not concern all crypto wallets
The heart of the problem is simple. A sufficiently powerful quantum computer could, in theory, find a private key from a public key and sign a fraudulent crypto transaction. In other words, he could steal funds without knowing the seed phrase. Galaxy reminds, however, that this scenario does not uniformly concern all wallets today.
For what ? Because many users confuse address and public key. On bitcoin, a large portion of funds still remain protected as long as the public key has not been revealed during a spend. It’s this nuance that changes everything. It reduces the immediate exposure of part of the network.
On the other hand, some bitcoins are already more fragile. This mainly targets old address formats, reused addresses, as well as certain deposits managed by exchanges or custodians who have favored operational simplicity to the detriment of cryptographic hygiene.
Bitcoin is not out of danger, but it has a structural advantage
This is where the debate becomes more subtle. Bitcoin is not “quantum proof”. But its UTXO model gives it a little safety cushion that account-based blockchains don't always have. On Bitcoin, the public key is often only visible when funds are spent. On networks like Ethereum or Solana, the public key is usually exposed at the account level.
This difference does not eliminate the risk. She shifts it. In an extreme scenario, a quantum attacker could target coins whose public key has already been visible for a long time. For others, he would have to act very quickly during the confirmation window of a transaction still in the mempool.
Galaxy also cites an estimate from Project Eleven according to which around 7 million BTC could fall into a so-called “long exposure” category, that is to say coins whose public key is already exposed on-chain. This figure is impressive. But it does not mean that plunder is possible today with known public quantum capabilities.
The crypto market is not standing still, developers are already working
The idea that Bitcoin developers would ignore the subject no longer really holds up. Galaxy says on the contrary, the pace of proposals has accelerated since the end of 2025. The subject is no longer marginal. It has become a concrete, technical and increasingly visible project.
The BIP 360 proposal is the most cited example. It introduces Pay-to-Merkle-Root, or P2MR, a new type of output designed to remove Taproot's “key path spend”, which precisely constitutes a surface of vulnerability in the face of a future quantum attacker. The idea is not magical, but it shows that the ecosystem is already seeking to reduce exposure even before the arrival of a real machine capable of breaking these signatures.
This movement goes beyond Bitcoin alone. In August 2024, NIST finalized its first three post-quantum cryptography standards, then continued to advance standardization in 2025. Clearly, global cybersecurity is already preparing for this transition. Crypto therefore does not live in a separate bubble.
The biggest challenge may not be technical
The real headache could come from governance. Bitcoin has no CEO, no board of directors, no red button capable of forcing an emergency update. Even when technical consensus emerges, network-wide adoption takes time. And time is precisely the fuzziest variable in the entire quantum issue.
Galaxy points out that estimates for the arrival of a truly dangerous quantum computer range from a few years to several decades, with no solid consensus. This vagueness fuels two opposing errors. The first is to deny the risk. The second is to announce the apocalypse for tomorrow morning. Neither position really helps investors.
Good reading is colder. Quantum risk is real, but it does not justify blind panic on all crypto wallets. What it does require, however, is better technical discipline: avoiding address reuse, understanding where the public key is exposed, and closely monitoring future post-quantum solutions. In this case, inaction is more dangerous than lucidity.
Maximize your Tremplin.io experience with our 'Read to Earn' program! For every article you read, earn points and access exclusive rewards. Sign up now and start earning benefits.
