Overview
- Citi warned on May 18 that advances in quantum computing have shortened the timeline for a practical attack and that Bitcoin is relatively vulnerable because protocol upgrades require broad consensus.
- Glassnode’s May 20 report quantifies the exposure as roughly 6.04 million BTC, or 30.2% of issued supply, split into 1.92 million BTC structurally exposed and 4.12 million BTC operationally exposed.
- Operational exposure is driven by address reuse and leftover balances after spending, and Glassnode ties about 1.63–1.66 million BTC of that exposure to exchange custody.
- Custody practices vary widely: labeled data show Coinbase with about 5% exposed balances while Binance and Bitfinex appear highly exposed under Glassnode’s methodology, indicating address hygiene can cut risk now.
- Industry and standards responses are beginning but incomplete: NIST post-quantum standards exist, banks and wallet projects are piloting quantum-safe approaches, and Bitcoin BIPs for migration remain under development and would take years to deploy.