A technical debate erupted on X after on-chain analyst Willy Woo published what he called a “DUMMIES GUIDE TO BEING QUANTUM SAFE,” urging Bitcoin holders to migrate coins away from Taproot addresses (bc1p) to SegWit bc1q or older P2PKH/P2SH formats and to avoid spending until post-quantum protections are available. How To Make Bitcoin “Quantum-Safe” “In the past it was about protecting your PRIVATE KEY (your seed phrase). In the age of big scary quantum computers (BSQC) that are coming, you need to protect your PUBLIC KEY also. Basically a BSQC can figure out your private key from a public key. The present day taproot addresses (the latest format) are NOT safe, these are addresses starting with “bc1p” and they embed the public key into the address, not good,” Woo wrote on Nov. 11. His argument hinges on a well-understood distinction in Bitcoin script types: Taproot (P2TR) encodes a public key directly in the output and address, while legacy formats like P2PKH/P2SH and SegWit P2WPKH hash the public key and reveal it only when coins are spent. That architectural difference matters in a future where a sufficiently powerful quantum computer could derive a private key from a revealed public key. Independent references note that P2TR indeed carries a public key in the output, whereas P2PKH conceals it until spend time. Woo’s interim playbook is blunt: move UTXOs to bc1q (or “1”/“3”) addresses, continue receiving to that address, but “NEVER send BTC out of it” until Bitcoin ships a quantum-resistant upgrade —at which point holders should move during low congestion, minimizing the window in which a public key is exposed in the mempool: “Send your BTC into the new quantum safe address when the network is NOT congested, once you send, you reveal the private key for a short time. It’s unlikely a BSQC will steal your coins in that short window.” He also warned that P2PK “Satoshi-era” outputs are most at risk and suggested that lost coins with prior spending history could be vulnerable. “ Satoshi’s 1M coins using an ancient P2PK address will be stolen (unless a future softfork freezes them),” he wrote, adding that ETFs, treasuries, and exchange cold storage “can be quantum resistant if the custodians take action” well before any soft fork. Woo characterized industry expectations as “2030 onwards” for the arrival of “Q-Day,” while stressing that standards for quantum resistance are already rolling out across the wider cryptography space. Former Bitcoin Core maintainer Jonas Schnelli agreed with the hygiene but pushed back on the framing. He called Woo’s plan a prudent mitigation for unspent coins—“P2PKH gives you years of protection while Taproot exposes your pubkey immediately”—yet rejected the term “quantum safe.” In Schnelli’s view, the moment any spend is broadcast, “your pubkey hits the mempool. A quantum attacker could crack your key and RBF double-spend before your transaction confirms (~10 minutes).” He concluded: “It’s a smart precaution, not a permanent solution.” At press time, BTC traded at $104,693.
