Bitcoin BIP-361: Developers Propose Freezing 34% of Vulnerable Supply to Stop Quantum Threats

Bitcoin developers proposed BIP-361 on April 15, 2026 — a three-phase plan to freeze all quantum-vulnerable legacy addresses and force the Bitcoin network to migrate toward post-quantum cryptographic standards before the threat of quantum computing becomes an operational reality. The proposal, put forward by Jameson Lopp and five co-authors, represents the most concrete and timeline-specific response yet to one of the most significant long-term security challenges facing the world's leading cryptocurrency. Understanding what bid coin holders and traders need to know about BIP-361, why approximately 34% of Bitcoin's circulating supply is currently exposed to quantum vulnerability, and what the proposed migration timeline means for ordinary Bitcoin holders is essential for anyone with meaningful Bitcoin exposure in 2026.

The urgency behind BIP-361 stems from industry projections that place quantum computers capable of breaking Bitcoin's current cryptographic protections as early as 2027 to 2030. This timeline is not certain, but it is close enough that waiting for the threat to become immediate — as some have argued — would leave the network with insufficient time to execute a safe, orderly migration. The proposal reflects a growing consensus among Bitcoin's core developer community that proactive action now, while the quantum threat is still theoretical, is far preferable to reactive scrambling once a credible quantum attack capability has actually been demonstrated.

What BIP-361 Proposes: A Three-Phase Quantum Migration

BIP-361 builds on earlier work introduced in BIP-360 in February 2026, which proposed a soft fork to introduce a new output type called Pay-to-Merkle-Root (P2MR). This new address format removes the original key path found in legacy Bitcoin addresses that makes public keys vulnerable to quantum computer attacks — specifically, the exposure of public keys in transactions that allows a sufficiently powerful quantum computer to derive the corresponding private key through Shor's algorithm.

The BIP-361 proposal adds a concrete migration timeline with three sequential phases. The first phase prevents users from sending bid coin to older address types deemed quantum-vulnerable. This is not a freeze on existing holdings — it simply means that the network will no longer accept new transactions directed at the vulnerable address formats. The intent is to stop the accumulation of new value in vulnerable addresses while existing holders have time to migrate to the newer, secure P2MR format.

The second phase, proposed to take effect approximately two years after the first, introduces a stricter cutoff. At this point, any wallet still using the old signature style will lose the ability to send Bitcoin at all. This is the most consequential part of the proposal: if exchanges, institutional holders, and individual users have not migrated their holdings to the new wallet format by this deadline, their Bitcoin will become effectively stuck — unable to be moved until the third phase mechanism, if implemented, provides a recovery path.

The third phase — which is not yet confirmed and requires further research and community consensus — would provide a mechanism for holders who missed the second-phase deadline to recover their funds. Without a recovery mechanism, BIP-361 would effectively freeze the Bitcoin holdings of anyone who failed to complete the migration on schedule, raising profound philosophical questions about Bitcoin's property rights guarantees.

Why 34% of Bitcoin's Supply Is Quantum-Vulnerable

The scale of the quantum vulnerability in Bitcoin's existing address infrastructure is more significant than many holders realize. Industry estimates indicate that approximately 34% of Bitcoin's total circulating supply is currently stored in addresses whose security depends on cryptographic assumptions that a sufficiently powerful quantum computer could defeat. This exposure arises from the way legacy Bitcoin address types handle public key disclosure.

In Bitcoin's original design, the public key corresponding to a private key is exposed when a transaction is signed and broadcast to the network. Once the public key is visible on-chain — which happens the first time any Bitcoin is sent from an address — a quantum computer running Shor's algorithm could theoretically derive the private key from the public key, gaining the ability to steal all funds at that address. This vulnerability applies to Pay-to-Public-Key addresses used in Bitcoin's earliest days, including addresses associated with Satoshi Nakamoto's original mining rewards, and to any address from which funds have already been spent.

The 34% figure includes early mining addresses, addresses controlled by long-term holders who have spent from them at least once, and addresses associated with exchanges and institutional custodians using legacy address formats. The proposal's warning that a quantum attack may not be obvious right away adds another dimension of urgency: unlike a visible hack that triggers immediate alarm, a quantum attacker could drain vulnerable addresses gradually and quietly, with enormous quantities of Bitcoin gone before the attack pattern was detected.

The Bitcoin Developer Community's Response

The BIP-361 proposal represents a significant escalation in the formal response to the quantum threat, but it is not the first action taken by the bid coin developer community on this issue. Blockstream Research has already deployed the first transactions on a live Bitcoin sidechain protected by post-quantum cryptography — a demonstration that the technical infrastructure for quantum-resistant Bitcoin transactions already exists and has been validated in a production environment, even if not yet deployed on the Bitcoin mainnet.

Bitcoin governance moves slowly and deliberately by design. Any proposal as consequential as BIP-361 will require extensive community discussion, technical review, and eventual broad consensus among miners, developers, exchanges, and large holders before it can be implemented. The proposal's publication on GitHub is the beginning of a multi-year process, not an imminent deadline. However, the deliberateness of Bitcoin governance is precisely why developers are proposing action now — if the quantum threat materializes in the 2027-2030 timeframe and Bitcoin's slow consensus process requires two to three years to finalize a response, the window for an orderly migration could be very tight or nonexistent.

A clear timeline established years in advance gives all ecosystem participants — wallets, exchanges, institutions, and individual holders — the time to prepare systematically rather than scrambling under crisis conditions. The developers argue that a network-wide upgrade would also make the whole ecosystem more resilient against future attacks and reduce uncertainty over Bitcoin's long-term security, while a clear timeline would align everyone in the ecosystem to prepare in advance rather than reacting during a crisis.

What Bitcoin Holders Need to Do Now

For ordinary bid coin holders, BIP-361 creates a clear and time-sensitive action item: migrate any Bitcoin holdings from legacy address formats to newer, quantum-resistant address types before the Phase 2 deadline. The practical implications depend significantly on where and how your Bitcoin is stored.

Bitcoin held on major exchanges is the most straightforward case. Exchanges are responsible for the security and address format of the custodial wallets they use for client funds. Once BIP-361 implementation moves forward, major exchanges will face strong incentives to migrate their infrastructure — both to protect customers' holdings and to avoid the reputational and legal consequences of being responsible for BTC that becomes locked due to delayed migration. Holders on custodial exchanges should monitor platform communications about quantum migration plans.

Bitcoin held in self-custody requires more active management. If your Bitcoin is stored in a legacy wallet format — particularly an older wallet created using P2PK or similar early address types — the prudent action is to move those funds to a modern wallet that supports quantum-resistant address formats as they become available. The migration does not need to happen immediately, but establishing a plan and tracking the BIP-361 implementation timeline is the responsible approach for any holder with significant Bitcoin in legacy addresses.

BYDFi's Role in the Bitcoin Ecosystem

For traders and investors who access Bitcoin through an exchange, BYDFi's spot market provides direct bid coin exposure with deep liquidity and competitive fees, giving traders the ability to build and manage Bitcoin positions with precision. Whether you are accumulating Bitcoin in anticipation of the scarcity increase that would result from permanently locking quantum-vulnerable addresses — a potential long-term supply shock that would reduce effective circulating supply substantially — or trading the near-term price volatility that BIP-361 news creates as the community debates its implementation, BYDFi's trading infrastructure supports both approaches.

For traders who want leveraged exposure to Bitcoin's quantum migration narrative, BYDFi's perpetual futures market provides positions with up to 200x leverage and full stop-loss and take-profit functionality. BIP-361 is a fundamentally bullish long-term catalyst: increased scarcity from locked addresses combined with improved security from post-quantum cryptography strengthens the asset's value proposition for institutional investors who require confidence in long-term security guarantees.

The philosophical dimension of BIP-361 also raises fundamental questions about Bitcoin's property rights guarantees that will shape the community's governance dynamics for years to come. Bitcoin's resilience as an asset class has always derived from its ability to adapt its implementation while maintaining its core properties — fixed supply, censorship resistance, and self-sovereign custody. BIP-361 represents the latest test of that adaptability. For investors and traders who care about Bitcoin's long-term trajectory, following this debate closely is one of the most important ways to stay informed about the fundamental forces shaping the future of the world's leading cryptocurrency. Create a free account today and trade Bitcoin with the security, liquidity, and platform reliability that BYDFi's institutional-grade infrastructure provides.

FAQ

What is Bitcoin BIP-361 and what does it do?

BIP-361 is a Bitcoin Improvement Proposal published in April 2026 by Jameson Lopp and five co-authors that proposes a three-phase migration away from quantum-vulnerable legacy Bitcoin addresses. The first phase would prevent new transactions from being sent to older address formats. The second phase, proposed approximately two years later, would freeze the ability to send Bitcoin from any wallet still using legacy signature formats. A potential third phase under discussion would provide a recovery mechanism for holders who missed the migration deadline. The proposal builds on BIP-360's introduction of the Pay-to-Merkle-Root address format, which removes the public key exposure that makes legacy addresses vulnerable to quantum computer attacks.

How much Bitcoin is at risk from quantum computers?

Industry estimates indicate that approximately 34% of Bitcoin's circulating supply is stored in addresses that are vulnerable to quantum computer attacks. These are primarily Pay-to-Public-Key addresses from Bitcoin's early days — including addresses associated with Satoshi Nakamoto's original mining rewards — and addresses from which funds have been previously spent, which exposed the corresponding public key in the spending transaction. Once a public key is visible on-chain, a sufficiently powerful quantum computer running Shor's algorithm could theoretically derive the private key and steal the funds. Addresses in SegWit format where public keys are not exposed until spending are less immediately vulnerable.

When could quantum computers break Bitcoin's security?

Industry projections place quantum computers capable of breaking Bitcoin's current cryptographic protections as early as 2027 to 2030, though significant uncertainty remains around these timelines. The projections are based on estimates of quantum hardware development trajectories from major research programs. The Bitcoin developer community's concern is that waiting until a credible quantum attack capability has been demonstrated before beginning a migration would leave insufficient time for an orderly transition, which is why BIP-361 proposes a proactive timeline established well in advance of the threat becoming operational.

What is Pay-to-Merkle-Root and why does it protect against quantum attacks?

Pay-to-Merkle-Root (P2MR) is a new Bitcoin address type proposed in BIP-360 that eliminates the original key path found in legacy Bitcoin addresses. The key path in legacy addresses allows the underlying public key to be derived from on-chain data, which is the vulnerability that quantum computers could exploit using Shor's algorithm to derive private keys from public keys. P2MR removes this exposure by using a Merkle tree structure that conceals the underlying cryptographic material. Transactions signed with P2MR use post-quantum cryptographic algorithms designed to be computationally infeasible for quantum computers to break, even with the cryptographic capabilities that quantum hardware is projected to achieve by 2030.

What should Bitcoin holders do about BIP-361?

The immediate practical step for Bitcoin holders is to understand what address formats their Bitcoin is currently stored in and whether those formats are in the quantum-vulnerable category. Bitcoin held in major exchanges is managed by the exchange's custody infrastructure, and holders should monitor their exchange's communications about plans to migrate to quantum-resistant address formats. Bitcoin held in self-custody should be reviewed to determine whether the wallet software supports P2MR or other quantum-resistant address types. The BIP-361 proposal is in early discussion stages and not yet an imminent implementation, but establishing a migration plan now — rather than waiting until deadlines approach — is the prudent approach for any holder with significant Bitcoin in legacy addresses.