Changpeng Zhao has urged the crypto industry to treat quantum computing as a solvable technical challenge rather than a reason for panic. He argued that the right response is not fear, but a deliberate transition toward post-quantum upgrades that can strengthen protocols and future transactions.
That reassurance, however, comes with an important caveat. While newer systems and active wallets can still be adapted, older Bitcoin addresses from the network’s earliest years remain the most vulnerable because their public keys were permanently exposed on-chain.
Saw some people panicking or asking about quantum computing's impact on crypto.
At a high level, all crypto has to do is to upgrade to Quantum-Resistant (Post-Quantum) Algorithms. So, no need to panic. 😂In practice, there are some execution considerations. It's hard to…
— CZ 🔶 BNB (@cz_binance) March 31, 2026
Why legacy Bitcoin remains the weak point
The scale of that legacy exposure is substantial. Estimates cited in the reporting place the vulnerable pool at roughly one-third of all Bitcoin, or about 6.7 million BTC valued near $470 billion, concentrated in older address formats that cannot easily be shielded after the fact.
Zhao’s message was blunt and technical at the same time. “Don’t Panic,” he said, while calling for “post-quantum upgrades,” framing the problem as an engineering issue that can still be addressed through protocol changes and quantum-resistant cryptography. His emphasis was on preparation and upgrade paths, not emergency intervention.
The key risk comes from how early Bitcoin addresses were built and used. Older Pay-to-Public-Key and Pay-to-Public-Key-Hash transactions exposed public keys directly on the blockchain, which means a sufficiently capable quantum computer running Shor’s algorithm could derive the corresponding private keys. That makes the threat more direct than the broader concerns often associated with faster hash searching.
The real challenge is migration, not awareness
The hardest part is that this problem cannot be fixed retroactively for coins whose public keys are already visible. Many of those addresses have been dormant for years, some owners may have lost access to their keys, and moving funds into quantum-resistant formats would require action, coordination, and technical understanding that may never come.
That leaves the industry facing a practical and governance problem as much as a cryptographic one. Bitcoin has no central authority that can force a universal migration, which means the response will depend on voluntary upgrades for active users while the most vulnerable legacy holdings continue to sit exposed.
If quantum hardware advances far enough to run Shor’s algorithm at scale, those old addresses will become the clearest attack surface in the market. That is why the debate is shifting from whether quantum risk exists to how quickly institutions, custodians, and large holders can prepare for it before the technology reaches that point.
