Treasury Quantum Exposure
How quantum-exposed are public Bitcoin treasury companies?
A per-ticker breakdown of how each company's stack maps to three exposure buckets: keys already visible on-chain, keys periodically exposed by operational rotation, and hash-only outputs that stay protected until first spend.
Companies covered
Methodology
Each company's disclosed BTC holdings are split across three buckets:
- Structural (25%): Taproot and reused legacy outputs. Public key is on-chain.
- Operational (5%): Hot-wallet rotation patterns that periodically expose keys.
- Protected (70%): Hash-only outputs. Public key is not on-chain until first spend.
bucket_btc = holdings × bucket_share
The 25 / 5 / 70 split is the project-wide distribution used by Galaxy, Deloitte, and Project Eleven for Bitcoin supply analysis. It is applied here as a fallback because no covered company publishes address-level proof of reserves. Where a company publishes an address audit in the future, the basis will switch from SUPPLY ESTIMATE to ADDRESS AUDIT and bucket shares will be recomputed from on-chain data.
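The fallback and the audit-based recomputation described above, as an added Python example that is not the project's own code. The record fields (`script_type`, `btc`, `address_has_spent`, `hot_wallet`), the classification rules and the sample audit are assumptions constructed for illustration; bare P2PK is placed in the structural bucket because its script carries the public key, although the page names only Taproot and reused legacy outputs.

```python
# Project-wide fallback shares stated on the page (SUPPLY ESTIMATE basis).
SUPPLY_SHARES = {"structural": 0.25, "operational": 0.05, "protected": 0.70}

# Script types whose locking script contains the public key itself.
# "p2pk" is an assumption added here; the page names only Taproot.
KEY_IN_SCRIPT = {"p2tr", "p2pk"}

def classify(utxo):
    """Map one audited output to an exposure bucket (hypothetical record layout)."""
    if utxo["script_type"] in KEY_IN_SCRIPT:
        return "structural"       # public key is on-chain by construction
    if utxo["address_has_spent"]:
        return "structural"       # reused address: key was revealed by an earlier spend
    if utxo["hot_wallet"]:
        return "operational"      # hash-only today, but rotated often enough to expose keys
    return "protected"            # hash-only until first spend

def exposure(holdings_btc, audit=None):
    """Return (basis, {bucket: btc}) using bucket_btc = holdings x bucket_share."""
    shares, basis = SUPPLY_SHARES, "SUPPLY ESTIMATE"
    totals = dict.fromkeys(SUPPLY_SHARES, 0.0)
    for utxo in audit or []:
        totals[classify(utxo)] += utxo["btc"]
    audited = sum(totals.values())
    if audited > 0:
        # An address list exists: recompute the shares from the audited outputs.
        shares = {b: v / audited for b, v in totals.items()}
        basis = "ADDRESS AUDIT"
    # BTC amounts are rounded to 8 decimal places (one satoshi).
    return basis, {b: round(holdings_btc * s, 8) for b, s in shares.items()}

# Constructed sample audit, not real company data.
SAMPLE_AUDIT = [
    {"script_type": "p2wpkh", "btc": 600.0, "address_has_spent": False, "hot_wallet": False},
    {"script_type": "p2tr",   "btc": 200.0, "address_has_spent": False, "hot_wallet": False},
    {"script_type": "p2pkh",  "btc": 100.0, "address_has_spent": True,  "hot_wallet": False},
    {"script_type": "p2wpkh", "btc": 100.0, "address_has_spent": False, "hot_wallet": True},
]

if __name__ == "__main__":
    print(exposure(1000.0))                # fallback split
    print(exposure(2000.0, SAMPLE_AUDIT))  # shares recomputed from the audit
```

With the constructed audit the structural share moves from the 25% fallback to 30%, which is the kind of shift the script-type concentration caveat describes.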
What this leaves out
No working quantum computer can break secp256k1. This tool is not a vulnerability scan. It is a sizing exercise for the migration problem each treasury will eventually face. Estimates assume each company's coins are distributed across script types in line with the network at large, which is rarely exactly true. Custodian-specific concentration in any one script type, especially Taproot or reused legacy, can shift the structural bucket by tens of percentage points. The estimates do not account for cold-storage rotation cadence, multisig quorum exposure, or pending migration plans that have not been publicly disclosed.
FAQ
Is any of this an immediate risk?
No. secp256k1 is unbroken. The structural bucket is the eventual migration surface, not a present-day vulnerability.
Why estimate instead of audit?
No covered company publishes a complete proof-of-reserves address list. The supply-wide distribution is the standard fallback and is labeled as such on every page.
How does this relate to mNAV premium?
A custodian without a credible PQC migration plan is a long-horizon mNAV risk. See the mNAV premium stress test for the pricing side of that question.
Related tools
- Quantum Exposure Checker, per-address
- mNAV premium stress test
- Harvest-now-decrypt-later timeline
- Can a Bitcoin treasury company go to zero?