David Duong cited research showing 6.51 million BTC at risk, with address reuse responsible for 70% of vulnerable coins.
By Zoran Spirkovski
Editor Hamza Tariq
Updated
3 mins read
David Duong, Global Head of Investment Research at Coinbase, warned on Jan. 5 that approximately 32.7% of the total Bitcoin BTC $91 846 24h volatility: 1.8% Market cap: $1.83 T Vol. 24h: $61.22 B supply faces potential vulnerability to future quantum computing attacks.
Quantum computers, which use advanced physics to solve problems far faster than traditional machines, could eventually break the math that secures Bitcoin wallets.
Duong’s analysis identified 6.51 million BTC that could be at risk.
Duong cited research from Project 11, a cryptocurrency security research initiative, in his LinkedIn analysis.
According to Project 11 data, almost 70% of vulnerable Bitcoin comes from address reuse. When users spend from the same wallet address multiple times, they reveal security information that quantum computers could exploit.
Nearly 7 million Bitcoin face risks from quantum attacks. | Source: Project 11
Awareness of the issue remains relatively low, but some accounts on X are actively monitoring at-risk coins. The Quantum Vulnerable Bitcoin Tracker Bot continually tracks movements to vulnerable addresses.
💥 6,757 BTC transferred to a quantum-vulnerable address 😬.
Reason: funds transferred to a re-used P2WPKH address. https://t.co/dguGpPSxVP— Quantum Vulnerable Bitcoin Tracker Bot (@quantum_tracker) January 5, 2026
The Coinbase executive described upgrading Bitcoin’s security as the central challenge. Duong noted that quantum mining remains a lower-priority concern given current hardware limitations.
BlackRock added expanded quantum computing risk language to its iShares Bitcoin Trust amended prospectus filed on May 9, 2025.
The disclosure marked the largest spot Bitcoin investment fund acknowledging quantum threats as a risk factor for investors, according to Bloomberg Intelligence analyst James Seyffart. Seyffart characterized the disclosure as standard risk language rather than an imminent warning.
Was also an amended filing for the iShares Bitcoin ETF — $IBIT. It already had similar in-kind like above language added in early February
But one change was a bunch of new language added regarding the risks from Quantum computing. First image is new paragraph. 2nd is old👀 pic.twitter.com/VJszHFtcRi
— James Seyffart (@JSeyff) May 9, 2025
Federal guidance from NIST, the U.S. standards agency, has set 2035 as the deadline for migrating government systems away from quantum-vulnerable security methods, according to NIST documentation.
Industry figures remain divided on urgency. Blockstream CEO Adam Back has described the threat as likely 20 to 40 years away.
Probably not for 20-40 years, if then. And there are quantum secure signatures, NIST standardized SLH-DSA last year. Bitcoin can add over time, as the evaluation continues and be quantum ready, long before cryptographically relevant quantum computers arrive.
— Adam Back (@adam3us) November 15, 2025
In a Jan. 5 post on X, Back suggested thinking about quantum threats similarly to how the community would handle a hypothetical security flaw in existing algorithms.
For post quantum handling, if CRPQ come to be, a useful model would be to think about a security slip in an algorithm like rimemd160+ecdsa and how that would be handled. A problem for a hypothetical future CRPQ in some decades, to be sure, but for the how to handle question.
— Adam Back (@adam3us) January 5, 2026
Casa co-founder Jameson Lopp has stated that preparing Bitcoin for quantum resistance could take five to ten years.
Strategy chairman Michael Saylor has argued that quantum computing will strengthen Bitcoin rather than threaten it, suggesting the network will upgrade and harden its defenses.
Pierre-Luc Dallaire-Demers, a quantum computing researcher at the University of Calgary, provided a more aggressive estimate of approximately five years before the threat materializes.
Current quantum computers operate with roughly 105 units of computing power called qubits. A 2022 study by Universal Quantum and the University of Sussex estimated that breaking a Bitcoin private key would require 13 million qubits, according to AVS Quantum Science research.
Bitcoin developers have responded with a proposed upgrade to add quantum-resistant security. The proposal remains in the draft stage with testing underway. Other blockchain networks are also preparing for quantum threats through privacy upgrades.
Some observers have compared quantum vulnerability to traditional security risks like bank PIN codes.
Bankers: “Quantum computing is a threat to Bitcoin.”
Bitcoin: pic.twitter.com/k1ZpghV0OI
— Bitcoin Teddy (@Bitcoin_Teddy) January 1, 2026
However, this comparison has limitations. Bitcoin operates as a permissionless platform, meaning access cannot be revoked once obtained by an attacker.
Unlike bank PIN codes, which can be changed and require time to process payments, Bitcoin transactions are instant and irrevocable. Once a private key is compromised, there is no recovery mechanism.
Duong’s analysis represents the first installment in a planned series examining quantum threats to cryptocurrency.
Disclaimer: Coinspeaker is committed to providing unbiased and transparent reporting. This article aims to deliver accurate and timely information but should not be taken as financial or investment advice. Since market conditions can change rapidly, we encourage you to verify information on your own and consult with a professional before making any decisions based on this content.
As a Web3 marketing strategist and former CMO of DuckDAO, Zoran Spirkovski translates complex crypto concepts into compelling narratives that drive growth. With a background in crypto journalism, he excels in developing go-to-market strategies for DeFi, L2, and GameFi projects.
