Quantum computing has become one of the hottest topics of late, thanks to Google’s claims that a sufficiently powerful machine could mine existing blockchains with less firepower than initially estimated.
For XRP holders, a nuanced answer, based on expert opinions, is that XRP’s architecture is better positioned than Bitcoin’s. XRP is the digital token running on XRP Ledger (XRPL), which is an open source and decentralized blockchain. Ripple is a financial technology company that co-founded this ledge.
Let’s discuss in detail, one step at a time.
The threat
Every major blockchain shares the same fundamental cryptographic features, including a private key, which is the secret password that you never share but use to sign and execute transactions on the distributed ledger.
For this, a public key is mathematically derived, and from there your wallet address is generated, which you share with others to receive funds.
The quantum vulnerability everyone is talking about is that a powerful enough machine running Shor’s algorithm could theoretically reverse engineer your private key from the exposed public key, thereby draining your funds.
Typically, your public key is exposed to the network when you send a transaction and when you receive funds, only your address is on-chain. This is why your account activity, whether you sent funds, makes you quantumly vulnerable, not your balance or the length of time you have held the address.
The exposure of XRP
This week, XRP Ledger validator Vet conducted a quantum vulnerability audit of the entire ledger and discovered that approximately 300,000 XRP accounts holding 2.4 billion XRP never sent funds. So far, they have only received funds, meaning their public keys have never been exposed to the network.
These accounts are therefore quantum secure by default.
However, there are dormant whale accounts that have already transacted and exposed their public keys, but this happened at least 5 years ago. They are essentially exposed and not active. If a quantum computer is born tomorrow, these whales would be in trouble.
Vet found two such accounts across the entire XRP Ledger, and together they hold 21 million XRP. While that seems like a lot, it only represents 0.03% of the circulating supply.
Note that the vulnerability is based on the assumption that they are inactive and are not available for “key rotation” – an XRPL feature that allows you to swap your signing key without moving any funds at all. Think of it this way: you can change the lock on your house (account) without having to move. This way, your funds remain safe, no sending transactions take place, and anyone with your old key no longer has access to your account.
“The
Technically, this feature is available to everyone, but the problem arises when people aren’t around to use it – so-called long-inactive accounts, who may have lost their keys, died, or simply aren’t paying attention. This is what makes them vulnerable.
Mayukha Vadari, a software engineer at Ripple, highlighted the “custody feature” as another defense against quantum risk.
He said funds locked with a time lock are safe not because of cryptography, but because of logic – a time lock simply prevents withdrawal until a specified time has passed.
“Time locks aren’t hash-based either, you just can’t access them until that timer passes (at least not via quantum – you’d need another bug for that). Yes, that’s true, you can’t stop a blackholing – but the attacker has less incentive to do so because they don’t get the funds,” Vadari said.
How Bitcoin Compares
The quantum threat to Bitcoin appears worse than that to XRP for two reasons.
First of all, the scale of the phenomenon. A significant portion of early bitcoins were mined using a format called P2PK, which exposed public keys directly in the transaction result – no spending transactions were required. This includes Satoshi Nakamoto’s million BTC, which has never moved. Generally speaking, estimates of quantum-vulnerable dormant bitcoin range from 2.3 million BTC to 7.8 million BTC. This represents between 11% and 37% of the circulating bitcoin supply.
All of these are easy targets for a potential quantum attacker.
Even holders who recognize the threat and want to protect themselves face a structural problem that XRP holders do not. This is because the Bitcoin blockchain does not have a key rotation function, leaving holders with only one option: move funds to a new address whose public key has never been seen. The funds at this new address are quantum secure.
However, when you move funds from the old to the new, the transaction remains in the memory pool (a temporary waiting room) for approximately 10 minutes. During this time, the public key of the old address is exposed. A sufficiently powerful quantum machine can exploit this public key in ten minutes. This risk is still largely theoretical, but it reflects the relative structural vulnerability of Bitcoin holders.
That said, note that Bitcoin developers have already initiated several proposals aimed at developing quantum resistance.
