Bitcoin’s quantum risk has been a topic of discussion in the cryptocurrency community, with a focus on exposed public keys and signature security. Recently, BTQ Technologies launched a Bitcoin Quantum testnet, a Bitcoin-like network designed to test post-quantum signatures without touching Bitcoin mainnet governance. The testnet replaces Bitcoin’s current signature scheme with ML-DSA, the module-lattice signature standard for post-quantum security assumptions formalized by the National Institute of Standards and Technology (NIST) as Federal Information Processing Standard (FIPS) 204.
In most Bitcoin quantum threat models, public key disclosure is the key requirement. If a public key is already visible on-chain, a sufficiently powerful future quantum computer could theoretically attempt to recover the corresponding private key offline. This is a concern because a cryptographically relevant quantum computer (CRQC) could run Shor’s algorithm to solve the discrete logarithm problem efficiently enough to derive a private key from a known public key, undermining both the Elliptic Curve Digital Signature Algorithm (ECDSA) and Schnorr-based signing.
BTQ’s Bitcoin Quantum testnet is essentially a fork based on Bitcoin Core that swaps one of Bitcoin’s most important primitives, signatures. The testnet increases the block size limit to 64 mebibytes (MiB) to accommodate the additional transaction data required by ML-DSA signatures, which are approximately 38-72 times larger than ECDSA. The company views the network as a full lifecycle testing ground, supporting wallet creation, transaction signing and verification, and mining, along with basic infrastructure such as a block explorer and mining pool.
The practical value of the testnet is that it turns post-quantum Bitcoin into a performance and coordination experiment. The testnet allows engineers to observe the operational costs of post-quantum signatures, including larger data sets and different limits, in a Bitcoin-like environment, without claiming that Bitcoin is immediately fragile. The testnet is a sandbox for measuring costs and constraints and should not be viewed as evidence that Bitcoin is immediately fragile.
When analysts talk about “legacy BTC risk” in the post-quantum context, they are usually referring to public keys that are already exposed on-chain. A future CRQC capable of running Shor’s algorithm could theoretically use these public keys to derive the corresponding private keys and then generate valid outputs. There are three output types that are immediately vulnerable to widespread attacks, particularly because they place public keys with elliptic curves directly in the locking script (ScriptPubKey): Pay-to-Public-Key (P2PK), Pay-to-Multi-Signature (P2MS), and Pay-to-Taproot (P2TR).
The distribution of these output types is uneven, with P2PK accounting for a tiny portion of today’s unspent transaction outputs (UTXOs), about 0.025%, but locking a disproportionate share of BTC value, about 8.68% or 1,720,747 Bitcoin (BTC). P2MS accounts for about 1,037% of UTXOs, but reportedly only secures about 57 BTC. P2TR is numerically common, about 32.5% of UTXOs, but is small in value, about 0.74% or 146,715 BTC.
Address reuse can also result in what would otherwise be a “spending” disclosure becoming a widespread disclosure, because once a public key appears on the chain, it remains visible. BTQ’s own messaging uses this exposed key frame to argue that the potentially affected pool is large, listing 6.26 million BTC as disclosed. This is one of the reasons the company says it is now worth testing post-quantum signatures in a Bitcoin-like environment.
In the short term, the most concrete work is observability and preparation. Discussions often focus on how Bitcoin’s existing wallet and scripting practices either expose public keys early, as with some older script types, or reduce disclosure by default, as with common wallet behavior that avoids reuse. The second, more practical limitation is capacity, as post-quantum migration would still be a block space and coordination problem.
BTQ’s testnet fits into this area, allowing engineers to observe the operational costs of post-quantum signatures, including larger data sets and different limits, in a Bitcoin-like environment. The testnet is a sandbox for measuring costs and constraints and should not be viewed as evidence that Bitcoin is immediately fragile. For more information, visit https://cointelegraph.com/news/what-btq-s-bitcoin-quantum-testnet-reveals-about-old-btc-risk?utm_source=rss_feed&utm_medium=rss_category_analysis&utm_campaign=rss_partner_inbound
