BTCQ

Bitcoin address quantum risk checker

Paste a Bitcoin address or txid:vout output reference to see whether its spend history or script type likely exposes key material on-chain. The lookup runs from your browser directly to a public Esplora API, not through this app's backend.

  • Client-side lookup
  • No wallet connection
  • This site does not proxy or store address lookups
Examples

Enter one or more addresses or output references to begin.

Assessment

Waiting for input

No result yet

The checker will classify each entry, inspect public stats, and explain the likely quantum exposure profile.

Tier guide

  • Tier 1–2 P2PK or spent address — key material exposed.
  • Tier 3 Taproot — output key committed on-chain.
  • Tier 4 Receive-only P2PKH/P2WPKH — safer.
  • Tier 5 P2SH or unknown — needs deeper review.

Privacy model

This frontend has no backend. Your browser calls the selected public API directly. The API provider, your browser, and your network path can still observe that request.

Important nuance

Quantum risk depends on script design, whether an address has spent, and future cryptanalytic capability. This app reports a practical, conservative interpretation, not a prediction.

Read the scoring methodology

Why this matters

On March 31, 2026, Google Quantum AI published research showing Bitcoin's elliptic-curve cryptography (ECDSA) could be broken with significantly fewer qubits than previously estimated — around 500,000 physical qubits versus prior estimates of millions. Bitcoin's Taproot upgrade was cited as inadvertently widening the exposed pool by making public keys visible on-chain by default.

Any address where the public key has already appeared on-chain — either because it used P2PK format, or because it has ever sent a transaction — can have its private key derived by a sufficiently powerful quantum computer running Shor's algorithm. No such machine exists today, but the timeline is moving faster than expected.

Scale of exposure

SourceBTC at riskEst. USD
Chaincode Labs 20256.26M BTC~$650–750B
Coinbase analyst6.51M BTC~$435B
Ark Invest / Unchained6.9M BTC (35% of supply)~$461B
CoinDesk / CryptoQuant~7M BTC (incl. Satoshi's 1M)~$468B

Consensus range: 6–7 million BTC, roughly a third of circulating supply.

Historical price impact of large hacks

EventBTC involvedPrice drop
Mt. Gox (Feb 2014)~740,000 BTC−22% day 1, −36% over 6 weeks
Bitfinex (Aug 2016)~120,000 BTC−23%
Bybit (Feb 2025)$1.5B equiv.−2.1% (market matured)

Academic consensus: large-volume thefts produce statistically significant short-term price drops. Mass exploitation of 6M+ BTC has no historical precedent.

Timeline

  • Now (2026): No quantum computer capable of this attack exists. Current hardware has far too many logical errors.
  • March 2026: BIP-360 (post-quantum P2QRH address format) went live on Bitcoin testnet.
  • 2029: Google's internal deadline for its own post-quantum migration — not a prediction that a capable machine will exist, but a planning horizon.
  • 2029–2035: Earliest plausible window cited by most analysts for a cryptographically-relevant quantum computer.
  • 10–40 years: The wider credible range from security researchers. Uncertainty is high.

The core risk is the coordination problem: migrating a decentralized global protocol takes years, and there is no central authority to respond on a short timeline.