According to a CoinShares report, the real threat is limited to a small subset of coins. Analysts estimate that approximately 1.6 million BTC—about 8% of the total supply—could theoretically be compromised from Pay-to-Public-Key (P2PK) addresses. Even so, only around 10.2 thousand BTC, concentrated in a narrow set of addresses, would actually be vulnerable, and rapidly selling them would require enormous computational resources.
In most cases, coins are distributed across more than 32,000 addresses; an attack would require breaking each address individually, making a quantum threat extremely slow and economically inefficient at present.
CoinShares emphasizes that such an attack would require quantum computers with millions of qubits. The first “dangerous” devices are not expected to appear before the 2030s, and some estimates suggest a horizon of 10–20 years. Therefore, the risk should be viewed as a long-term engineering challenge: smooth transitions to post-quantum standards are being planned, along with gradual user migration to new address formats (for example, ideas like BIP-360).
The experts’ conclusion: concerns about quantum attacks on Bitcoin are greatly exaggerated. In the coming years, the issue is more likely to play out as a matter of security and the evolution of cryptography rather than an immediate threat to the market.