NASDAQ:MSTR · Strategy (formerly MicroStrategy Incorporated)
Is Strategy Bitcoin quantum-exposed?
Strategy holds 214,246 BTC as of Q1 2025, the largest corporate Bitcoin position by an order of magnitude. The company does not publish address-level proof of reserves, so quantum exposure here is an estimate based on the project-wide distribution of script types and key reuse.
214,246 BTC · AS OF 2025-03-31 · SOURCE: Strategy Q1 2025 10-Q
Three-bucket breakdown
Key visible on-chain (Taproot, reused legacy)
Periodic key exposure via hot-wallet rotation
Hash-only outputs, key hidden until first spend
Custodians
- Coinbase Prime, No public post-quantum migration roadmap as of 2025.
- Fidelity Digital Assets, No public post-quantum migration roadmap as of 2025.
The three-bucket model applied below assumes Strategy's coins are split across script types in roughly the same proportions as the network at large. That puts about 54,000 BTC in the structural bucket, where keys are already visible on-chain, and another 11,000 BTC in the operational bucket, where rotation patterns periodically expose keys. The remaining 150,000 BTC sit in hash-only outputs and are not key-exposed today.
This is not a defect in Strategy's custody. It is the consequence of holding coins at scale through institutional custodians who use a mix of script types, including Taproot, which is exposed by design. Until either Strategy publishes addresses or Coinbase Prime and Fidelity Digital Assets disclose script-type breakdowns, the numbers below are the most honest estimate available.
For investors evaluating mNAV premium, the relevant question is not whether the coins are safe today, secp256k1 is unbroken, but whether the custody stack has a credible path to post-quantum migration before a cryptographically relevant quantum computer arrives. Neither custodian has published one.
FAQ
Is Strategy's Bitcoin at immediate risk?
No. secp256k1 has not been broken and no current computer can do so. The estimate flags the size of the eventual migration problem, not a present-day vulnerability.
Why use a supply-wide estimate instead of real addresses?
Strategy does not publish a proof-of-reserves address list. The supply-wide distribution is the standard fallback, used by Galaxy, Deloitte, and Project Eleven. We label it as an estimate because that is what it is.
What would change the numbers?
Strategy publishing addresses, or its custodians disclosing script-type breakdowns, or a confirmed migration to post-quantum signature schemes for the relevant custody UTXOs.
What this leaves out
secp256k1 is unbroken. This page is about long-horizon migration sizing, not present-day vulnerability. The three-bucket split assumes the company's coins follow the project-wide script-type distribution, which is an approximation. Custodian-specific concentration in Taproot, reused legacy, or hash-only outputs can move the structural bucket by tens of percentage points. The model does not account for multisig quorum exposure, cold-storage rotation cadence, or non-public migration plans.