Satoshi's Bitcoin Could Be Stolen – Developer Proposes Emergency Solution

TL;DR

Quantum Computers in Sight – and a Billion-Dollar Fortune at Risk

The discussion about the threat of quantum computers to Bitcoin has long been theoretical. But with faster developments in quantum technology, the tone in the crypto community has become more serious. According to research from the source material, approximately 25 percent of all Bitcoin in circulation is considered potentially vulnerable – around four million BTC. The Human Rights Foundation estimates that 1.72 million BTC in very early address types are particularly susceptible to what are called «long-range quantum attacks,» where the public key is already permanently exposed on the blockchain.

The core of the problem is that older address formats of the Pay-to-Public-Key (P2PK) type – which were used by Bitcoin's anonymous creator Satoshi Nakamoto – store the public key directly on the blockchain. A sufficiently powerful quantum computer could, in principle, use Shor's algorithm to derive the corresponding private key, and thus spend the funds without the owner's consent.

Hourglass V2: One Bitcoin Per Block as a Brake

Bitcoin developer Hunter Beast has presented a proposal called Hourglass V2 in response to this scenario, according to Bitcoinist. The proposal is a further development of an earlier concept and specifically targets P2PK outputs in case quantum attacks compromise them.

The mechanism is concrete: if P2PK addresses are compromised, Hourglass V2 will limit withdrawals from such addresses to a maximum of 1 BTC per block. This equates to approximately 144 BTC per day – significantly lower than the 450 Bitcoin currently supplied to the market daily through block rewards. There are an estimated 45,700 P2PK outputs, and the proponents argue that this approach would spread what could otherwise amount to a week's global trading volume – around 1.7 million BTC – over a minimum of eight months, allowing the market time to absorb the pressure.

Strong Professional Opposition

The proposal is not without criticism. Several prominent voices in the Bitcoin community question both its principles and practical effects.

Undermining the permissionless principle: Perhaps the most fundamental objection is that introducing spending restrictions on specific UTXOs violates Bitcoin's core principle: that whoever possesses a private key has an unconditional right to spend the funds associated with it.

Could give attackers more time: Another point of criticism is that the limit of one Bitcoin per block is estimated to take over 32 years to drain all vulnerable P2PK outputs. Critics argue that this paradoxically gives a quantum actor ample time to systematically attack all remaining P2PK UTXOs, instead of encouraging users to migrate quickly.

Arbitrary limit: The 1 BTC per block limit itself is characterized by several as arbitrary. Alternative proposals include linking the limit to the block reward halving cycle.

Precedent argument in principle: Some warn against the precedent it sets to decide which coins should be «locked,» using the term «in-protocol plunge protection mechanism» – a circuit breaker built into the protocol.

Broader Solution Landscape: From NIST to Three-Phase Migration

Hourglass V2 is far from the only initiative. The American standardization organization NIST finalized three post-quantum algorithms (FIPS 203, 204, and 205) in August 2024 as a basis for future cryptographic standards. For Bitcoin specifically, parallel efforts are underway:

• BIP-360 proposes a three-phase migration where new transactions after three years can only use quantum-resistant address types (P2QRH), with a freezing of unmigrated coins five years after that.
• Blockstream researchers Mikhail Kudinov and Jonas Nick have proposed replacing ECDSA with hash-based signatures.
• BTQ Technologies demonstrated a quantum-resistant Bitcoin implementation with NIST-approved ML-DSA signatures in 2025 and plans a mainnet launch with migration tools in the second quarter of 2026.

Adam Back, CEO of Blockstream, considers the quantum threat 20–40 years away but clarifies to several media outlets that Bitcoin «can adopt post-quantum signatures» and «continue to evolve defensively.» Coinbase analyst David Duong, for his part, has warned that 32.7 percent of the total Bitcoin supply is at risk.

«The time to start thinking about this is now. An even better time would have been yesterday.» – Scott Aaronson, quantum researcher and scientific advisor at StarkWare

Consensus is the Bottleneck Itself

Regardless of which technical solution is chosen, the political and coordination challenge is significant. Bitcoin's decentralized nature requires broad consensus for any protocol change – a process that has historically proven time-consuming and contentious. Introducing restrictions on specific UTXOs, as Hourglass V2 proposes, will require exceptionally strong professional and political support in an environment traditionally very skeptical of any form of centralized intervention in the monetary layer's rules.

The matter is by no means settled, and the debate about what should happen to Satoshi's coins – and millions of other potentially vulnerable Bitcoin – will likely escalate in step with the performance development of quantum computers.