A new on-chain analysis has quantified the portion of Bitcoin (BTC) currently exposed to potential quantum computing risks while sitting at rest on the blockchain.
In this case, approximately 6.04 million BTC, or 30.2% of Bitcoin’s issued supply, has publicly visible keys on-chain, making those coins theoretically vulnerable to future quantum attacks.
The remaining 13.99 million BTC, or 69.8%, has no public-key exposure at rest, according to data published by Glassnode on May 20.
The study identified two exposure categories, including structural and operational. Structural exposure accounts for 1.92 million BTC, or 9.6% of supply, covering coins inherently exposed by design, including early Pay-to-Public-Key outputs, bare multisig structures, and Taproot outputs.
Operational exposure totals 4.12 million BTC, or 20.6% of supply, stemming from practices such as address reuse, partial UTXO spending, and certain custody setups that unnecessarily reveal public keys.
At the same time, cryptocurrency exchanges account for a large share of this exposure, holding roughly 1.63 million to 1.66 million BTC of the operationally exposed supply.
Bitcoin quantum operational exposure
Exposure levels vary across custodians, with some sovereign holdings, including those of the United States, the United Kingdom, and El Salvador, showing near-zero exposure.
Glassnode also noted that the risk applies only to coins with publicly visible keys. While current cryptography remains secure, a sufficiently advanced quantum computer using Shor’s algorithm could theoretically derive private keys from known public keys.
Coins without visible public keys are not considered exposed under the at-rest model. This distinction matters because at-rest exposure reflects Bitcoin that could be targeted without waiting for a transaction, while on-spend exposure occurs only when coins are moved.
Glassnode said operational exposure can be reduced through better wallet practices, including avoiding address reuse, rotating change addresses, and improving custodial reserve management. However, structural exposure tied to older inactive coins may persist.
Meanwhile, the research did not predict when quantum attacks on Bitcoin could become practical or assess the security of any exchange or custodian.
Instead, it provided a data-driven snapshot of current public-key exposure across Bitcoin’s supply and highlights how improved wallet hygiene and future protocol upgrades could reduce risks.
