XRP may be less exposed to quantum threats than bitcoin, experts say
XRP’s design leaves a smaller share of its supply exposed to future quantum attacks than Bitcoin’s, experts said, pointing to additional XRPL features that stand out.
XRP may be less exposed to quantum threats than bitcoin, experts say
XRP’s design leaves a smaller share of its supply exposed to future quantum attacks than Bitcoin’s, experts said, pointing to additional XRPL features that stand out.
XRP may be less exposed to quantum threats than bitcoin
What to know:
Experts say XRP’s design leaves a smaller share of its supply exposed to future quantum attacks than Bitcoin’s, largely because of how public keys are revealed on each network.
XRP’s built-in key-rotation and escrow time-lock features offer additional defenses that bitcoin lacks natively.
Let’s discuss in detail, one step at a time.
The threat
Every major blockchain shares the same fundamental cryptographic features that include a private key, which is the secret password that you never share but use to sign and execute transactions on the distributed ledger.
For this, a public key is mathematically derived, and from that, your wallet address is generated, which you share with others to receive funds.
The quantum vulnerability that everyone is talking about is that a sufficiently powerful machine running the so-called Shor’s algorithm could theoretically reverse-engineer your private key from the exposed public key, draining your funds.
Typically, your public key is exposed to the network when you send a transaction, and when you receive funds, only your address is on-chain. This is why your account activity, whether you have sent funds, makes you quantum vulnerable, not your balance or how long you have held the address.
XRP’s exposure
This week, XRP Ledger’s validator Vet, ran a quantum vulnerability audit of the entire ledger and found that around 300,000 XRP accounts holding 2.4 billion XRP have never sent any funds. They have so far received only funds, meaning their public keys have never been exposed to the network.
These accounts are therefore quantum-safe by default.
However, there are dormant whale accounts that have transacted before and exposed their public keys, but this happened at least 5 years ago. They are essentially exposed and not active. If a quantum computer comes into existence tomorrow, these whales would be in trouble.
Vet found two such accounts on the entire XRP Ledger, and together they hold 21 million XRP. While that sounds a lot, it’s just 0.03% of the circulating supply.
Note that the vulnerability is based on the assumption that they are dormant and not around for “key rotation” – an XRPL feature that lets you swap your signing key without moving funds at all. Think of it this way: You can change the lock on your house (account) without having to move house. This way, your funds stay safe, no send transaction occurs, and anyone holding your old key is locked out of your account.
“The XRP Ledger is account based and allows for signing key rotation. so you can rotate keys that sign on behalf of an account without switching the account. this is obviously not a perfect solution at all and actual quantum resistant algorithms will eventuell be adopted,” Vet said on X.
Technically, this feature is available for everyone, but the problem arises when people are not around to use it – the so-called long dormant accounts, who may have lost keys, passed away, or simply aren’t paying attention. That is what makes them vulnerable.
Mayukha Vadari, staff software engineer at Ripple, pointed to the “escrow feature” as another defense against quantum risk.
He said that funds locked in escrow with a time lock are safe not because of cryptography, but because of logic — a time lock simply prevents withdrawal until a specified time has passed.
“Time locks aren’t hash based either, you just can’t get in until that time has passed (at least not via quantum – you’d need some other bug for that). Yeah that’s true, can’t stop a blackholing – but the attacker is less incentivized to do that because they don’t get the funds,” Vadari said.
How Bitcoin compares
The quantum threat to Bitcoin appears worse than that to XRP for two reasons.
First, the sheer scale. A significant portion of early bitcoin was mined using a format called P2PK, which exposed public keys directly in the transaction output – no spend transaction required. This includes Satoshi Nakamoto’s 1 million BTC, which has never moved. Broadly speaking, estimates of quantum-vulnerable dormant bitcoin range from 2.3 million BTC to as high as 7.8 million BTC. This represents between 11% and 37% of bitcoin’s circulating supply.
All of these are sitting ducks for a potential quantum attacker.
Even holders who recognize the threat and want to protect face a structural problem that XRP holders do not. That’s because Bitcoin’s blockchain lacks a key rotation feature, leaving holders with only one option: move funds to a new address whose public key has never been seen. Funds at that new address are quantum-safe.
However, when you move funds from old to new, the transaction sits in the memory pool (a temporary waiting room) for about 10 minutes. During this time, the public key of the old address is exposed. A sufficiently strong quantum machine can exploit this public key within ten minutes. This risk is still largely theoretical, but it points to bitcoin holders’ relative structural vulnerability.
Most crypto privacy models weaken as blockchain data grows. Encryption-based models like Zcash strengthen. CoinDesk Research maps the five privacy approaches and examines the widening gap.
Why it matters:
As blockchain adoption scales, the metadata available to machine learning models scales with it. Obfuscation-based privacy approaches are structurally degrading as a result. This report provides a comprehensive comparison of all five major crypto privacy architectures and a framework for evaluating which models remain durable as AI capabilities improve.
Lightning Labs CTO Olaoluwa Osuntokun demos a prototype that could prevent millions of wallets from being frozen under a future quantum-defense upgrade
What to know:
Olaoluwa “Roasbeef” Osuntokun, chief technology officer at Lightning Labs, has built a prototype tool meant to rescue ordinary Bitcoin wallets if the network ever activates an emergency quantum-defense upgrade.
The system would let users of vulnerable Taproot and other modern wallets prove they created a wallet using its secret seed,…
