- Nearly a third of all bitcoins mined now have publicly visible keys on-chain, meaning exposure can be measured if quantum computers are able to crack existing encryption.
- Approximately 6.04 million Bitcoins are in the “exposed” category, and approximately 13.99 million Bitcoins are “protected” because their public keys remain hidden.
- Bitcoin’s exposure to quantum is dynamic, and varies widely based on how senior custodians handle quantum wallet cleanliness before quantum technology becomes mature.
According to a new report from On-chain analytics company Glassnoderoughly a third of all bitcoins ever minted are held in wallet structures where the underlying public key is now exposed on the blockchain — exactly the condition that would make them vulnerable if a powerful quantum computer emerged.
This number is divided into two distinct problems with very different treatments.
The 30% number and what it actually means
The first and most important issue is a technical issue. all Bitcoin address He has a special key that ultimately controls him. The public key is the counterpart to this cryptographic element; It enables the network to validate transactions without the secret key. Given current assumptions in computing, it would not be useful to know someone’s public key. It is practically impossible to reconstruct the private key from it.
This changes all that with quantum computing. In theory, Shor’s algorithm could be used to work backwards from a public key to its private key if it was run on a quantum machine with sufficient processing power. So the crucial question in Glassnode analysis is a simple one: Has the public key actually appeared on the chain? If so, the currency is subject to a measurable exposure in this context. If the answer is no, it’s not – at least not yet.
Using the same criteria, no Bitcoin Which is now exposed to 6.04 million. There are also 13.99 million Bitcoins remaining, representing approximately 70% of the total supply, which have no visibility to the public key at rest.
Not all exposure is equal
These 6.04M are divided into two categories: structural exposure and operational exposure, each of which will have a completely different means of resolution or, in some cases, no means of resolution at all.
The structural exposure represents 1.92 million BTC or 9.6% of the total issuance. These are coins in output types where the public key is revealed by design, regardless of how carefully the owner manages his wallet. The oldest layer here is the P2PK output from the Satoshi era, the oldest type of transaction used by Bitcoin, where the public key is only present in the output script. These coins are believed to be minted by Satoshi Nakamoto and early miners. If these coins are lost or become permanently inactive, they cannot be migrated to more secure address types. Until these issues are resolved by the Bitcoin protocol, they will be exposed forever.
Taproot is the latest wrinkle in this category, which was added to Bitcoin in 2021. Taproot is a major technical advancement that has enhanced Bitcoin’s privacy and scripting features and is generally viewed as a positive advancement. But in the Glassnode model, the Taproot output key is structurally exposed because it appears on-chain by default. A proposed new standard, BIP-360, which adds Pay-to-Merkle-Root output, is being developed in part to solve this problem – but it does not automatically protect existing Taproot balances and does not represent a complete solution to the post-quantum problem.
Operating exposure represents the largest portion at 4.12 million BTC or 20.6% of supply, more than double the structural figure. The wallet behavior, not the script design, is the vulnerability. Other output types, such as P2PKH and P2WPKH, still hide the public keys behind cryptographic hashes, but the coins remain intact. The problem is that if the address is used after spending. When you sign a transaction, the public key becomes public. If any balance remains associated with that address after that — or if that key is used again in any subsequent transactions — the public key will now be visible forever. The coin falls into the category of open coins and remains in this category.
Exchanges are the largest source that can be identified
Balances held on the stock exchange constitute the largest disaggregated subgroup in the operational exposure group. According to Glassnode data, the value of Bitcoin linked to the exchange is 1.66 million coins, about 8.3% of the total supply, or about 40% of the total operationally exposed Bitcoin. What’s even more surprising is the relative number: nearly half of all bitcoins registered and held on exchanges fall into the shorted category, compared to less than 30% for non-exchange supply.
This division by exchange is very variable. The percentage of classified balances at Coinbase is only 5%, which indicates systematic address management practices. Binance comes in at 85% exposed. Bitfinex offers 100% exposure across its categorized balances under this methodology. Others include bitFlyer with 2% interest and Robinhood and WisdomTree with 100% interest. Grayscale is about 50%.
This is a different situation for sovereign holders. It serves as a stark reminder of the differences between portfolio hygiene in the US government and exchange-traded facilities, given that the UK government and El Salvador have also demonstrated effective zero-quantity exposure on classified properties.
The direction of the exchanges is visible from the trend line. The percentage of exchanges reporting operating secure structures was about 55% in 2018. This percentage has now fallen to about 45% by 2026. The trend has been consistent and gradual, driven by the compounding effect of address reuse across years of high transaction volume.
Quantitative exposure to Bitcoin remains a dynamic measure
Glassnode is clear that this research does not calculate the probability of an attack, but rather sets a timeline for an attack Quantity Hacking, or determining the security position of any guardian. It maps out what public keys are visible today.
The numbers should also be interpreted with knowledge of the difference between resting exposure and spending exposure. This dataset only includes coins that are already in exposed output. It does not address the distinct problem of seeing the public key when a transaction is broadcast, which falls into another category of risk and another category of mitigation requirements.
The data allows entity-level comparison and trend monitoring. The exposure category is not fixed, but can be reduced. Exchanges and custodians that adopt more stringent address rotation, key changes, and asset migration to less exposed output types can reduce their measurable exposure without any protocol-level change. The structural category is more challenging. They are coins from the Satoshi era and have no owner acting on their behalf, and there is no mechanism on the network to move these coins.
The number will be 6.04 million dynamic. Structural exposure increases gradually with each new adoption of Taproot. Any reuse of address in an active exchange wallet increases operational risk. Whether this number increases or decreases over time depends largely on who is the biggest custodian of the industry’s approach to cleanliness: as infrastructure maintenance or as a secondary priority.
conclusion
The data does not predict a quantum attack: it represents an attack surface that already exists. Nearly a third of the total supply of Bitcoin is exposed with its public key visible, and the majority of this exposure comes from wallet practices that can be easily avoided by active and identifiable institutions. There is no final solution to the structural piece (satoshis and keys that have been put to sleep). The operational widget does that. The question remains whether exchanges will respond before quantum computing makes such action necessary.
