A technical debate erupted around X after on-chain analyst Willy Wu published what he called a “dummy guide to quantum security,” urging Bitcoin holders to migrate their coins from tap root addresses (bc1p) to SegWit bc1q or older P2PKH/P2SH formats and avoid spending until post-quantum protection is available.
How to make Bitcoin “quantum secure”
“In the past, it was important to protect the private key (seed phrase). In the coming age of scary quantum computers (BSQC), the public key must also be protected. Basically, BSQC can figure out the private key from the public key. Current taproot addresses (in the latest format) are not secure. These are addresses that start with ‘bc1p’ and have the public key embedded in the address, which is bad,” Wu wrote on November 11th. 11.
His argument hinges on the well-understood distinction between Bitcoin script types. Taproot (P2TR) encodes the public key directly into the output and address, while traditional formats such as P2PKH/P2SH and SegWit P2WPKH hash the public key and only expose it when the coin is spent. This architectural difference will be important in the future when sufficiently powerful quantum computers can derive private keys from published public keys. According to an independent reference, P2TR actually keeps the public key in the output, while P2PKH hides the public key until some time passes.
Woo’s preliminary playbook is straightforward. Move your UTXO to the bc1q (or “1”/”3″) address and continue receiving to that address, but “never send BTC from there” until Bitcoin ships a quantum-resistant upgrade. At that point the owner should move to a time of low congestion to minimize the window in which the public key is exposed in the memory pool. “Send your BTC to a new quantum-secure address when the network is not congested. Doing so will expose your private key for a short period of time, but it is unlikely that BSQC will steal your coins within that short period of time.”
He also warned that P2PK’s “Satoshi-era” output is most at risk, suggesting lost coins with past spending history could be vulnerable. “Satoshi’s 1 million coins using ancient P2PK addresses will be stolen (unless frozen by a future soft fork),” he wrote, adding that cold storage in ETFs, government bonds, and exchanges “could be quantum-resistant if administrators take action” well before a soft fork.
While Woo characterized the industry’s expectations for the arrival of “Q-Day” as “2030 and beyond,” he emphasized that quantum-resistant standards are already being rolled out into the broader crypto space.
Former Bitcoin Core maintainer Jonas Schnelli agreed with the hygiene, but opposed the framework. He called Wu’s plan a smart mitigation plan for unspent coins, saying, “P2PKH provides years of protection, while Taproot releases public keys instantly,” but dismissed the term “quantum secure.”
In Schnelli’s view, the moment any spend is broadcast, “your public key hits the memory pool. A quantum attacker could crack your key and RBF could double spend before the transaction is confirmed (~10 minutes).” Schnelli concluded, “This is a prudent precaution, not a permanent solution.”
At the time of writing, BTC was trading at $104,693.
Featured image created with DALL.E, chart on TradingView.com
editing process for is focused on providing thoroughly researched, accurate, and unbiased content. We adhere to strict sourcing standards, and each page is carefully reviewed by our team of top technology experts and experienced editors. This process ensures the integrity, relevance, and value of your content to your readers.
