Coinbase Quantum Advisory Council: Post-Quantum Migration and Abandoned Coins
TL;DR: Coinbase's Independent Advisory Board on Quantum Computing and Blockchain has published a new short report examining one of the hardest questions that blockchain communities face when considering a post-quantum future: what should happen to vulnerable or abandoned crypto assets that are never migrated to quantum-safe addresses? The report does not advocate for a specific outcome, but outlines the tradeoffs between competing approaches, from burning vulnerable assets to preserving existing ownership rights, and highlights the need for the crypto ecosystem to begin technical planning and governance discussions now, well before quantum computers become a practical threat.
Our independent Quantum Advisory Council, made up of leading cryptographers and computer scientists from Stanford, UT Austin, the Ethereum Foundation, and beyond, has published a new report analyzing the dilemma regarding what blockchains should do about coins that never get moved to quantum-safe addresses after post-quantum migration. Read the full report here.
Here's what you need to know.
Quantum computers aren't a threat today, but preparation can't wait
No quantum computer can break blockchain cryptography right now. But timelines are uncertain, and the crypto community needs to start preparing now rather than debating exactly when the threat will arrive.
Bitcoin has a unique exposure problem
Roughly 1.7 million Bitcoin sit in old-style addresses (P2PK) where public keys are fully visible, making them directly vulnerable to a future quantum attack. Many of these are believed to be Satoshi's coins or funds whose owners have long since lost their keys. Factor in address reuse across other address types, and approximately 7 million Bitcoin total are currently considered quantum-vulnerable.
The hardest question isn't technical, it's governance
Adding quantum-safe signatures to a blockchain is a solvable engineering problem. The harder question is: what happens to coins that nobody moves before a migration deadline?
The report breaks down the core positions:
Burn them: Set a deadline, and after it passes, quantum-vulnerable coins are permanently frozen. Proponents argue that once the underlying cryptography is broken, those coins no longer have a valid proof of ownership anyway, and leaving them exposed creates real risk of market disruption or exploitation by bad actors
Do nothing: Let owners decide for themselves. Forcing coins to be burned overrides property rights and sets a precedent for network-level interference that conflicts with Bitcoin's core principles
Intermediate approaches: The report outlines several proposals that try to find middle ground, including rate-limiting how many vulnerable coins can move per block, allowing special cryptographic proofs in place of legacy signatures, and letting users pre-commit to migrations without publicly moving funds yet
Two clear recommendations
While the council takes no position on the abandoned coins debate, that's for the community to decide, they are direct about two things:
Start the technical migration work now. The engineering work to support post-quantum signatures is independent of the governance debate and shouldn't wait for it.
Communicate clearly. Users need to know this problem is being taken seriously. Uncertainty is its own risk.
Read the full report here.
- About Yehuda LindellCoinbase
Yehuda Lindell leads the cryptography team at Coinbase and is a professor of Computer Science at Bar-Ilan University (on leave). At Coinbase, Yehuda is responsible for the company’s cryptography design and its strategy around secure multiparty computation (MPC). Yehuda obtained his PhD from the Weizmann Institute of Science in 2002 and spent two years at the IBM T.J. Watson research lab as a postdoctoral fellow in the cryptography research group. Yehuda has carried out extensive research in cryptography, published over 100 scientific articles, and co-authored one of the most widely used textbooks on modern cryptography. Prior to joining Coinbase, Yehuda was the co-founder and CEO of Unbound Security, a company that provided key management and protection solutions based on MPC. Unbound was acquired by Coinbase at the end of 2021.
