Glassnode, the on-chain analytics firm, says some key Bitcoin holders are far more exposed than others to a future quantum-computer risk, with Bitfinex showing 100% of its labeled BTC in addresses where public keys are already visible.
The analytics firm said in a May 19 post on X that 6.04 million BTC, or 30.2% of all issued Bitcoin, already has public keys visible on-chain. In Glassnode's model, those coins are exposed "at rest," meaning the risk exists while the coins are sitting in place, not only when they are being moved.
- Today, exposing a public key isn't enough to steal BTC because normal computers can't realistically work backward from the public key to the private key.
- But a strong enough quantum computer could, in theory, make that possible. So coins whose public keys are already visible would be in a weaker position if that threat ever becomes real.
Glassnode split the exposed supply into two groups. About 1.92 million BTC, or 9.6% of issued supply, is structurally exposed because the address type reveals the public key by design. Another 4.12 million BTC, or 20.6%, is operationally exposed because of address reuse, partial spending or custody behavior.
Exchanges show big gaps
Exchanges account for a large share of the operationally exposed BTC. Glassnode said exchange-related balances represent about 1.66 million BTC, or roughly 40% of that bucket.
Coinbase, the U.S. crypto exchange, had about 5% of labeled BTC exposed under the model, while Binance, the world's largest crypto exchange by trading volume, showed 85%. Bitfinex, the crypto exchange, showed 100%.
- Other platforms were spread across the range. Kraken showed 62%, OKX 23%, Upbit 47%, Bybit 92%, Bithumb 81% and Bitstamp 33%. Gemini, Coincheck, Deribit, Crypto.com and bitcoin.de also showed 100%, while Bitflyer was near 2%.
Outside exchanges, the same split appeared. Fidelity, the asset manager, and Cash App, Block's payments app, were near 2%. Grayscale, the crypto asset manager, was around 52%. Robinhood, the brokerage app, and WisdomTree, the asset manager, also showed 100%.
Government-labeled wallets looked safer in Glassnode's model. The U.S. government, the UK government and El Salvador all showed 0% public-key exposure.
