What if quantum computers target Satoshi Nakamoto's Bitcoin?

The biggest risk to Bitcoin may not be the Federal Reserve, regulation, or even quantum computers themselves.

It’s a person who has been gone for over a decade.

Because if the quantum era truly arrives, the hardest thing to handle won’t be ordinary users’ wallets, but the batch of Bitcoin left by Satoshi Nakamoto. Public keys are permanently inscribed on the chain, the holders’ lives and deaths are unknown, and the whereabouts of private keys are unknowable. Valued at hundreds of billions of dollars, sleeping for seventeen years, never moved a Satoshi.

What’s more troublesome is: whether these coins move or not, Bitcoin will face a question no one wants to answer. And, part of this question cannot be solved by technology.

The real danger isn’t all addresses

Many people mistakenly believe that once quantum computers appear, all Bitcoin will immediately become invalid.

That’s not true. The security of Bitcoin private keys is based on the assumption that “it’s computationally infeasible to derive the private key from the public key.” The threat of quantum computers is to break this assumption using Shor’s algorithm. But the key point is— to run Shor’s algorithm, an attacker must first obtain the public key.

And Bitcoin addresses are essentially hashes of public keys. Under normal circumstances, public keys do not appear directly on the chain; they are only exposed when a user initiates a transaction and submits a signature.

So, the real danger lies in addresses whose public keys have already been revealed.

The highest risk is associated with early Bitcoin outputs widely used in the P2PK format. In this structure, the full public key is permanently written into the blockchain from the moment of creation. Attackers don’t need to wait for the holder to initiate a transaction; they can directly attempt to reverse-engineer the private key—without any buffer period.

By 2026, researchers from Google, Stanford, and the Ethereum Foundation estimate that over 1.7 million Bitcoins are still locked with P2PK addresses.

And the most sensitive part of these are assets held by the early mining addresses—often referred to as “suspected Satoshi / Patoshi miner” holdings.

According to analysis, under cautious estimates, the early dominant miner accumulated about 600,000 to 700k BTC; with some uncertain attributions, a broader estimate approaches 1 million BTC. A significant portion of these assets use the P2PK format, with public keys fully exposed on the chain over a decade ago.

Thus, a seemingly cryptographic problem ultimately becomes a question about Satoshi.

Dilemma

Is the biggest risk of Satoshi’s addresses that they will never move? Actually, quite the opposite: moving or not moving both pose problems.

If these seventeen-year-sleeping Bitcoins suddenly move, the market will first face an unanswerable question: who is moving these coins? The real Satoshi? An authorized heir? Or the first successful large-scale quantum attack in history?

If these coins remain static, as quantum computing capabilities grow, they will become the most valuable targets for attackers.

Technically, the protocol still follows the rules: whoever obtains the private key can use the assets. But on the market and belief levels, the impact far exceeds the value of the assets themselves. The core narrative of Bitcoin’s “immutability and absolute ownership” will face its most direct test at this moment.

Why no one can “move” for Satoshi

Many’s first reaction is: since old algorithms are risky, why not upgrade to quantum-resistant algorithms?

The problem is, Bitcoin has no “system upgrade button.”

The U.S. National Institute of Standards and Technology (NIST) officially released the first post-quantum cryptography standards in 2024. The Bitcoin community also has proposed technical solutions—such as QRAMP (Quantum-Resistant Address Migration Protocol)—which aim to set migration windows for users to transfer assets from old addresses to new post-quantum addresses.

For ordinary users, this logic is straightforward: as long as the private key remains, they can proactively complete the migration.

But Bitcoin assets are not stored in “accounts,” but are locked in UTXO scripts. To move these assets, the only way is to provide signatures with the corresponding private keys.

Network nodes do not know your private key. Core developers do not know your private key. Miners do not know. Any automated program does not know.

This isn’t a matter of engineering capability; it’s the fundamental logic of cryptography—this “only the private key holder can use the assets” design makes Bitcoin what it is. Now, the same logic also prevents anyone from migrating Satoshi’s holdings.

For addresses where the public key has not yet been exposed, there is a theoretical path to migrate to a quantum-resistant address, but it requires a hard fork and high community coordination. For P2PK addresses where the public key has already been revealed, this route is impossible.

The assets suspected to belong to Satoshi are precisely in this most difficult-to-handle zone: the public key is fully exposed, but the holder is most likely permanently absent.

Three options for the Bitcoin community

If quantum computing truly becomes a threat, these sleeping assets will eventually need to be addressed. In theory, there are only three options.

Each path demands the Bitcoin community to pay a price it has never paid before.

More than just a technical issue, it’s a business challenge

The impact of quantum threats on Bitcoin will ultimately manifest in very concrete business terms.

For institutional holders, this is a tail risk pricing issue.

In recent years, many publicly listed companies and sovereign wealth funds have begun to include Bitcoin in their balance sheets. One of their core reasons is the narrative of “absolute scarcity, absolute ownership, protocol immutability.” If quantum threats force the community to choose between “modifying the protocol” and “accepting asset theft,” regardless of the outcome, this narrative will be damaged to varying degrees. This risk has almost never been seriously quantified in institutional holdings reports—it’s not like interest rate or liquidity risks that can be hedged; it’s more like a structural hidden risk that the market as a whole tends to overlook.

For exchanges and custodians, this is an infrastructure upgrade that’s inevitable sooner or later.

For mining companies and infrastructure investors, it’s a long-term variable affecting valuation assumptions.

Bitcoin mining’s business model relies on the premise of “protocol stability and predictable rewards.” Once the community initiates major protocol upgrades to counter quantum threats, mining hardware, algorithms, and block rules may all be adjusted. Even if the upgrade is ultimately successful, the uncertainty during the transition period alone can impact the financing costs and long-term returns of mining operations.

And the deepest business question is: who will lead this upgrade?

Bitcoin has no CEO, no board of directors, and no legal entity that can be held accountable or authorized. This design has allowed it to withstand countless political and regulatory pressures over the past fifteen years. But it also means that when tough collective decisions are needed, no one can make the call, and no one is responsible.

A protocol upgrade involving trillions of dollars in assets depends on a consensus formed by globally dispersed developers, miners, and node operators—without legal constraints. This governance structure is almost impossible in traditional business logic—but Bitcoin has operated on this model for fifteen years.

Can it work again?

How to handle the legacy of a system without an owner

Apple wouldn’t face this problem. After Jobs’ departure, there’s still a board.

Tencent wouldn’t face this problem. After the founder’s retirement, there’s still management.

But Bitcoin is different. It has a founder. And this founder left behind assets worth hundreds of billions of dollars, then disappeared entirely. No will, no heirs, no legal procedures, and no one even knows if he’s still alive.

Satoshi Nakamoto designed a trustless system—his greatest legacy to the world.

But perhaps even he didn’t expect: seventeen years later, the hardest problem in this system will be the key he left behind.

Bitcoin’s quantum-resistant migration is never about “whether it can be done.” The real question is: when technology, property rights, and commercial beliefs collide, how will a system without an owner handle its owner’s legacy?

The answer may be more worth paying attention to than quantum computers themselves.

What do you think? If the quantum era truly arrives, which path do you believe the Bitcoin community will ultimately choose? Share your judgment in the comments.