--- title: "30% of Bitcoin is exposed to risk. Is your asset safe?" type: "News" locale: "en" url: "https://longbridge.com/en/news/287054906.md" description: "A recent report reveals that 30.2% of issued Bitcoins, approximately 6.04 million coins, have their public keys exposed on-chain, making them vulnerable to potential quantum risks. The risk stems from structural and operational exposures, with some risks being avoidable through better management and technology. Understanding public key exposure is crucial, as it could allow a powerful quantum computer to reverse-engineer private keys, threatening asset security." datetime: "2026-05-20T11:13:47.000Z" locales: - [zh-CN](https://longbridge.com/zh-CN/news/287054906.md) - [en](https://longbridge.com/en/news/287054906.md) - [zh-HK](https://longbridge.com/zh-HK/news/287054906.md) --- # 30% of Bitcoin is exposed to risk. Is your asset safe? **Introduction: A Question You May Never Have Seriously Considered** Bitcoin has always been regarded as the "digital gold" of the digital world, its security built on an unbreakable cryptographic foundation. But have you ever wondered what would happen if a sufficiently powerful quantum computer were to emerge one day? This isn't a scene from a science fiction movie, but a topic that is being seriously discussed by academia and the cryptocurrency field. A recent in-depth research report based on on-chain data has revealed a disturbing reality in the Bitcoin ecosystem: Up to 30.2% of issued Bitcoins (approximately 6.04 million coins) have their public keys exposed on-chain, placing them under potential "quantum risk." And are your assets among them? Key Takeaways: The Risk is Closer Than You Think, But Not Insurmountable. This article will guide you through the fog, revealing three core truths about Bitcoin's quantum risk. 1. The risk has been quantified, not unfounded. Research data shows that the public keys of 6.04 million Bitcoins have been exposed. This is not alarmist, but an objective on-chain fact. 2. The risk is caused by two distinct reasons. It is divided into "structural exposure" (inherent defects) and "operational exposure" (human error). Understanding this is key to solving the problem. 3. Risk is not evenly distributed; some risks are entirely avoidable. The vastly different exposure rates between exchanges and government entities reveal a clear path to reduce risk through optimized management and technological upgrades. Key Question: Is your Bitcoin public key exposed? To understand quantum risk, we need to first understand a core concept: public key exposure. Imagine your Bitcoin address is a "mailbox," and your private key is the only "key" to open that mailbox. In most cases, we only know someone's "mailbox" (address), but we can't see what the "lock" (public key) looks like. However, sometimes when you retrieve something from the mailbox (initiate a transaction), this "lock" is briefly revealed to everyone. The problem is that once this "lock" (public key) is seen, theoretically, a sufficiently powerful quantum computer could use the "Shore algorithm," a universal key, to reverse-engineer your "private key," thereby stealing all the "treasure" in the mailbox. Further Reading: The Shore Algorithm The lock protecting your bank card and WeChat password is called RSA encryption. The key to RSA is the product of two extremely large (tens of thousands of digits) prime numbers. To crack RSA, you need to find these two prime numbers. A traditional computer would need hundreds of millions of years to try all possible prime numbers—more than the universe could ever complete. Therefore, RSA itself is very secure. Scholl's algorithm solves this by not physically breaking down the number (product), but by transforming the problem into "finding the repeating rhythm of the spinning wheel." The process is as follows: 1. Guess any number related to the lock. For example, the lock is "15" (the two prime numbers are 3 and 5), so you guess any number "7". (7 and 15 cannot have a common factor). 2. Find the pattern. We let the number 7 multiply itself repeatedly, then divide it by "15" and find the remainder. You'll find that: 7 to the power of 1 ÷ 15, the remainder is 7; 7 to the power of 2 ÷ 15, the remainder is 4; 7 to the power of 3 ÷ 15, the remainder is 13; 7 to the power of 4 ÷ 15, the remainder is 1; 7 to the power of 5 ÷ 15, the remainder is back to 7... and so on, 7, 4, 13, 1, 7, 4, 13, 1... Infinite loop. The length of this loop is the "repetition rhythm of the lock cylinder." In this example, the loop length is 4. 3. Calculate the password. Knowing that the loop length is 4, divide it by 2 to get 2. Then, using 7 to the power of 2, which is 49, we can do a simple addition and subtraction: 49 + 1 = 50 49 - 1 = 48 Using 50 and 48, we can find the greatest common divisor (GCD) of the lock "15": The GCD of 50 and 15 is 5 The GCD of 48 and 15 is 3 The lock's password, 3 and 5, is thus calculated. You didn't even "try" which two numbers multiplied to equal 15. Most importantly, the Shoer algorithm utilizes quantum superposition in quantum computers, allowing it to simultaneously examine all points on the chain, instantly identifying repetition intervals and thus calculating the password. The key threshold is simple. If your public key is already visible on the chain, your Bitcoin is at risk of being "out of service." Now, let's see how many Bitcoins are in this state. The data is astonishing: A record of 6.04 million Bitcoins "naked." Research institutions have created a "quantum security map" of Bitcoin by analyzing on-chain data. **Safe Zone (69.8%)** Approximately 13.99 million Bitcoins, whose public keys have not yet been exposed on the blockchain, are in a relatively safe "dormant" state. However, this does not mean it is always safe. Once a transaction occurs, it will immediately enter the risk zone. The exposed area (30.2%) has approximately 6.04 million Bitcoins whose public keys have been exposed. This is a huge number, and if maliciously exploited, it could trigger a tsunami in the entire crypto world. The exposed area can be further divided into two distinct parts. **Structural Exposure: 9.6% (1.92 million coins)** This part of Bitcoin is flawed in its design. They use early scripting types (such as P2PK) or modern scripting types (such as Taproot P2TR), which wrote the public key directly on the chain from the beginning of the design. These are like houses with the key hanging outside the door; no matter how careful the owner is, the risk always exists. Among them, the 1.1 million Bitcoins from the Satoshi Nakamoto era are the largest single source of risk. Most of these coins are believed to be lost or held by early whales, making active migration almost impossible, and they may be permanently exposed to risk. The newer Taproot address also has 200,000 exposed Bitcoins, reminding us that even the latest technology is not absolutely secure and requires forward-looking protection solutions (such as BIP-360's P2MR). Operational Exposure: 20.6% (4.12 million Bitcoins) This is a larger source of risk, and one that we can actively control. It stems from an old but fatal problem: address reuse. When you use an address to initiate a transaction, your public key is exposed. If you later transfer Bitcoin to the same address again, those newly transferred Bitcoins are immediately at risk. It's like unlocking a door once and then piling all your valuables behind it. Exchanges are the hardest hit. Of the 4.12 million Bitcoins exposed in the operations, 1.66 million (8.3% of the total supply) were held by exchanges, accounting for 40% of the total exposed supply. \[Image of Bitcoins\] A report card on institutional "quantum security" reveals an interesting phenomenon: the "security awareness" of different entities varies drastically. Among the largest exchanges, Coinbase has only 5% of its balances exposed, while Binance and Bitfinex have relatively higher vulnerable balances, at 85% and 100% respectively, as measured using this method. Besides exchanges, exposure to other well-known entities also exhibits heterogeneity. Fidelity and CashApp have exposures close to 2%, Grayscale is around 50%, while Robinhood and WisdomTree have exposures of 100%. On the other hand, sovereign debt shows almost no public key risk. The quantum risk exposures of the US, UK, and El Salvador are all 0%. The core value of this data lies in refuting the view that "quantum risk is a natural disaster and unavoidable." It proves that operational risk can be significantly reduced through good address management practices and wallet operation standards. The key is not technology, but operational discipline. Action Guide: What to do now? Having read this far, you may feel both worried and hopeful. The following action guide might give you some insight. If you are an individual investor: Please stop reusing addresses immediately! This is the most important and lowest-cost security upgrade you can do. Ensure that the wallet you use automatically generates new addresses (this is a standard feature of modern wallets). Consider cold wallets and multi-signature. Transfer large amounts of assets to hardware wallets and enable multi-signature to increase the difficulty of attacks. Stay informed about industry trends. Follow the progress of standardization proposals such as BIP-360; better solutions may emerge in the future. If you are an exchange or custodian: Audit and migrate immediately. Inventory all addresses and urgently migrate any Bitcoin exposed by operations to secure addresses (such as structurally secure designs like P2WSH+Nested SegWit). Internal training and standardization. The education team adheres to the principle of "addresses never repeating" and has established strict internal operating procedures (SOPs). They explore new technologies such as P2MR. They proactively research and prepare to adopt new standards such as BIP-360 to mitigate structural risks at the code level. In summary, Bitcoin's quantum risk is not a "boy who cried wolf" rumor, but a real problem facing significant investors. However, the risk is not uniform or uncontrollable. For structural problems, we need technological upgrades; for operational problems, we need behavioral changes. The biggest unsolved mystery remains dormant in the cold address containing Satoshi Nakamoto's 1.1 million Bitcoins. The first major challenge of the quantum countdown may not be how to conquer Bitcoin, but rather how to awaken those sleeping whales. Are you ready to embrace the quantum age? ### Related Stocks - [COIN.US](https://longbridge.com/en/quote/COIN.US.md) - [MARA.US](https://longbridge.com/en/quote/MARA.US.md) - [HODL.US](https://longbridge.com/en/quote/HODL.US.md) - [IBIT.US](https://longbridge.com/en/quote/IBIT.US.md) - [ARKB.US](https://longbridge.com/en/quote/ARKB.US.md) - [BTCO.US](https://longbridge.com/en/quote/BTCO.US.md) - [BITO.US](https://longbridge.com/en/quote/BITO.US.md) - [BTCHKD.VAHK](https://longbridge.com/en/quote/BTCHKD.VAHK.md) - [BTCUSD.VAHK](https://longbridge.com/en/quote/BTCUSD.VAHK.md) ## Related News & Research - [Twenty One Capital Outlines Operating Plans to Build the Bitcoin Company | XXI Stock News](https://longbridge.com/en/news/287062741.md) - [Key facts: Zcash Foundation $36.7M; Jain Discloses Stake; Hayes 10% BTC](https://longbridge.com/en/news/287062810.md) - [Moon Inc. Taps BitGo to Scale Bitcoin-Powered Card Products Across Asia | BTGO Stock News](https://longbridge.com/en/news/286482460.md) - [This bitcoin price engine just turned back on](https://longbridge.com/en/news/285977397.md) - [Czech central bank tests Bitcoin in reserve portfolio](https://longbridge.com/en/news/286254225.md)