Galaxy Warns Quantum Leap Could Expose 7M BTC, Developers Race to Deploy Protections - Crypto Economy

TL;DR:

• A Galaxy report reveals that approximately 7 million BTC, around $470 billion, remain vulnerable to future quantum attacks.
• Exposed public keys on-chain, belonging to early users and those who reuse addresses, face the greatest risk.
• Developers are working on solutions such as BIP 360, SPHINCS+ signatures and the “hourglass” mechanism to mitigate a potential quantum threat to Bitcoin.

The research firm Galaxy published a report updating the status of the quantum threat to Bitcoin and detailing the technical defenses that developers are actively building. Although the threat is not imminent, the document warns that a cryptographically relevant quantum computer (CRQC) running Shor’s algorithm could derive a user’s private key from their exposed public key, allowing an attacker to forge signatures and steal funds.

The report acknowledges criticism from some sectors of the industry toward Bitcoin Core developers for moving too slowly in the face of advancing quantum computing. Nevertheless, it argues that defensive strategies are already in active development.


The Most Exposed Funds

Bitcoin’s architecture offers a natural defense for most users: public keys remain hidden behind hashed addresses until the exact moment the coins are spent. The problem lies with funds where that key has already been revealed on-chain.

According to estimates from the security group Project Eleven, approximately 7 million BTC, equivalent to around $470 billion at current prices, sit in wallets with already-exposed public keys. These funds belong primarily to early adopters and users who reused addresses, a practice that leaves the public key visible ahead of any future spending.


Galaxy: A Technical Arsenal Under Construction

The Galaxy report details four proposals advancing within the Bitcoin development pipeline. The first is BIP 360, also known as Pay-to-Merkle-Root, a soft fork proposal that introduces quantum-resistant P2MR outputs. The second is the “hourglass” proposal, designed to limit the spending rate of legacy P2PK outputs—for example, to 1 BTC per block—with the goal of preventing a supply shock that could collapse the market if a malicious actor gained mass access to those funds.

The other two initiatives are SPHINCS+, a hash-based post-quantum signature scheme recently standardized by NIST, and the “reveal emergency backstop” mechanism, which would require users to publish a compact hash commitment before broadcasting their actual spend, adding a layer of preventive protection.

The consensus emerging from the Galaxy report is clear: the risk exists, the oldest funds are the most exposed, and the tools to neutralize the threat are being forged before that threat materializes.