Why Satoshi’s wallet is a prime quantum target
Satoshi’s 1.1-million-BTC wallet is increasingly viewed as a potential quantum vulnerability as researchers assess how advancing computing power could affect early Bitcoin addresses.
Satoshi Nakamoto’s estimated 1.1 million Bitcoin (BTC) is often described as the crypto world’s ultimate “lost treasure.” It sits on the blockchain like a dormant volcano, a digital ghost ship that has not seen an onchain transaction since its creation. This massive stash, worth approximately $67 billion-$124 billion at current market rates, has become a legend.
But for a growing number of cryptographers and physicists, it is also viewed as a multibillion-dollar security risk. The threat is not a hacker, a server breach or a lost password; it is the emergence of an entirely new form of computation: quantum computing.
As quantum machines move from theoretical research labs to powerful working prototypes, they pose a potential threat to existing cryptographic systems. This includes the encryption that protects Satoshi’s coins, the wider Bitcoin network and parts of the global financial infrastructure.
This is not a distant “what if.” The race to build both a quantum computer and a quantum-resistant defense is one of the most critical and well-funded technological efforts of our time. Here is what you need to know.
Why Satoshi’s early wallets are easy quantum targets
Most modern Bitcoin wallets hide the public key until a transaction occurs. Satoshi’s legacy pay-to-public-key (P2PK) addresses do not, and their public keys are permanently exposed onchain.
To understand the threat, it is important to recognize that not all Bitcoin addresses are created equal. The vulnerability lies in the type of address Satoshi used in 2009 and 2010.
Most Bitcoin today is held in pay-to-public-key-hash (P2PKH) addresses, which start with “1,” or in newer SegWit addresses that begin with “bc1.” In these address types, the blockchain does not store the full public key when coins are received; it stores only a hash of the public key, and the actual public key is revealed only when the coins are spent.
Think of it like a bank’s drop box. The address hash is the mail slot; anyone can see it and drop money in. The public key is the locked metal door behind the slot. No one can see the lock or its mechanism. The public key (the “lock”) is only revealed to the network at the one and only moment you decide to spend the coins, at which point your private key “unlocks” it.
Satoshi’s coins, however, are stored in much older P2PK addresses. In this legacy format, there is no hash. The public key itself, the lock in our analogy, is visibly and permanently recorded on the blockchain for everyone to see.
For a classical computer, this does not matter. It is still practically impossible to reverse-engineer a public key to find the corresponding private key. But for a quantum computer, that exposed public key is a detailed blueprint. It is an open invitation to come and pick the lock.
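The difference between the address types described above is visible in the output script itself. The following Python sketch is an added example, not code from the original article: it classifies a raw output script as P2PK, P2PKH or P2WPKH and reports whether the public key can be read before the coins are spent. The function names and the sample scripts are assumptions, and the samples are built from constructed placeholder bytes.

```python
# Added example: classify scriptPubKey templates by public-key exposure at rest.
OP_0, OP_DUP, OP_EQUALVERIFY, OP_HASH160, OP_CHECKSIG = 0x00, 0x76, 0x88, 0xA9, 0xAC


def classify_script(script_hex):
    """Return the output type and whether the public key is visible before spending."""
    s = bytes.fromhex(script_hex)
    # P2PK: <push 65 or 33 bytes> <public key> OP_CHECKSIG; the key itself is stored.
    if len(s) in (35, 67) and s[0] == len(s) - 2 and s[-1] == OP_CHECKSIG:
        key = s[1:-1]
        uncompressed = len(key) == 65 and key[0] == 0x04
        compressed = len(key) == 33 and key[0] in (0x02, 0x03)
        if uncompressed or compressed:
            return {"type": "P2PK", "pubkey_exposed": True, "pubkey": key.hex()}
    # P2PKH: OP_DUP OP_HASH160 <push 20> <key hash> OP_EQUALVERIFY OP_CHECKSIG.
    # Only the hash is stored; the key appears later, in the spending input.
    if (len(s) == 25 and s[0] == OP_DUP and s[1] == OP_HASH160 and s[2] == 20
            and s[23] == OP_EQUALVERIFY and s[24] == OP_CHECKSIG):
        return {"type": "P2PKH", "pubkey_exposed": False, "pubkey": None}
    # P2WPKH (a SegWit "bc1" output): OP_0 <push 20> <key hash>.
    if len(s) == 22 and s[0] == OP_0 and s[1] == 20:
        return {"type": "P2WPKH", "pubkey_exposed": False, "pubkey": None}
    # Any other template is out of scope for this example.
    return {"type": "unclassified", "pubkey_exposed": None, "pubkey": None}


def exposed_outputs(scripts):
    """Names of the outputs whose public key can be read straight from the script."""
    return sorted(n for n, h in scripts.items() if classify_script(h)["pubkey_exposed"])


# Constructed sample scripts: placeholder bytes, not real keys or hashes.
# The classifier checks structure only, not that a key is a valid curve point.
KEY_65 = bytes([0x04]) + bytes(range(64))
KEY_33 = bytes([0x02]) + bytes(range(32))
HASH_20 = bytes(range(20))
SAMPLES = {
    "p2pk_uncompressed": (bytes([65]) + KEY_65 + bytes([OP_CHECKSIG])).hex(),
    "p2pk_compressed": (bytes([33]) + KEY_33 + bytes([OP_CHECKSIG])).hex(),
    "p2pkh": (bytes([OP_DUP, OP_HASH160, 20]) + HASH_20
              + bytes([OP_EQUALVERIFY, OP_CHECKSIG])).hex(),
    "p2wpkh": (bytes([OP_0, 20]) + HASH_20).hex(),
}

if __name__ == "__main__":
    for name, script_hex in SAMPLES.items():
        print(name, classify_script(script_hex))
```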
How Shor’s algorithm lets quantum machines break Bitcoin
Bitcoin’s signature scheme, the Elliptic Curve Digital Signature Algorithm (ECDSA), relies on math that is computationally infeasible for classical computers to reverse. Shor’s algorithm, if run on a sufficiently powerful quantum computer, is designed to break that math.
Bitcoin’s security model is built on ECDSA. Its strength comes from a one-way mathematical assumption. It is easy to multiply a private key by a point on a curve to derive a public key, but it is essentially impossible to take that public key and reverse the process to find the private key. This is known as the Elliptic Curve Discrete Logarithm Problem.
A classical computer has no known way to “divide” this operation. Its only option is brute force, guessing every possible key. The number of possible keys is 2^256, a number so vast it exceeds the number of atoms in the known universe. This is why Bitcoin is safe from all classical supercomputers on Earth, now and in the future.
A quantum computer would not guess. It would calculate.
The tool for this is Shor’s algorithm, a theoretical process developed in 1994. On a sufficiently powerful quantum computer, the algorithm can use quantum superposition to find the mathematical patterns, specifically the period, hidden within the elliptic curve problem. It can take an exposed public key and, in a matter of hours or days, reverse-engineer it to find the single private key that created it.
An attacker would not need to hack a server. They could simply harvest the exposed P2PK public keys from the blockchain, feed them into a quantum machine, and wait for the private keys to be returned. Then they could sign a transaction and move Satoshi’s 1.1 million coins.
Did you know? It is estimated that breaking Bitcoin’s encryption would require a machine with about 2,330 stable logical qubits. Because current qubits are noisy and…
cointelegraph.com
