Coinbase advisory board warns quantum risk to 6.9M BTC

Coinbase’s Independent Advisory Board on Quantum Computing and Blockchain published its first position paper, warning that sufficiently powerful quantum computers could derive private keys and expose digital assets. The paper states current quantum machines do not pose an immediate threat but urges the industry to begin coordinated cryptographic upgrades because decentralized systems take long to change.

The paper identifies wallet-level cryptography as the primary exposure. Digital signatures that link public keys to private keys could be vulnerable if quantum capabilities advance. Core blockchain functions such as mining, hash functions and transaction history are not considered meaningfully at risk by the advisory group.

Coinbase estimates about 6.9 million bitcoins are associated with addresses that have publicly exposed key data. Those holdings and the wallets that control them would face elevated risk if private keys can be derived from public keys.

The report notes proof-of-stake networks add exposure through validator signature schemes. Ethereum has published a structured roadmap for upgrades. Bitcoin developers are exploring improved address formats. Solana, Algorand and Aptos have begun testing or planning quantum-resistant features, and layer-2 platforms such as Optimism have announced transition timelines. Ripple plans cryptographic tests in 2026 and a hybrid approach on the XRP Ledger by 2028.

The advisory board notes quantum-resistant cryptographic methods exist but highlights deployment as the main obstacle. Post-quantum algorithms typically require larger keys and signatures, which can slow transactions and increase storage and bandwidth needs. Migrating millions of users on decentralized networks will require coordinated work by developers, node operators and individual wallet holders.

The paper raises the issue of inactive or lost wallets. Assets controlled by keys that users no longer access would remain exposed unless communities choose to freeze, revoke or leave them unchanged, a decision that could create governance and technical challenges.

The advisory board cites research estimating that roughly 500,000 physical qubits could enable an attacker to derive a private key from a public key in minutes. Coinbase is building systems designed to adapt to new cryptographic standards and is engaging with industry participants to support coordinated upgrades.

The paper concludes that protecting exposed wallets before advanced quantum hardware becomes available will require broad collaboration, early planning and practical migration strategies.