Leading Bitcoin developers proposed earlier this week to freeze 8 million coins to defend against quantum attackers.
But Cardano founder Charles Hoskinson believes he still can’t safeguard coins owned by the network’s pseudonymous creator Satoshi Nakamoto, according to a video posted to his YouTube channel Wednesday evening.
Hoskinson said Bitcoin’s proposed defense against quantum computers is both technically mislabeled and structurally incapable of protecting the network’s oldest coins, including the approximately 1 million bitcoins attributed to Satoshi Nakamoto.
He argued that BIP-361, the proposal by developer Jameson Lopp and others to phase out quantum-vulnerable Bitcoin addresses, is presented as a soft fork but would functionally require a hard fork because it invalidates existing signature schemes that users actively rely on.
“To do that, you need a hard fork,” Hoskinson said. The distinction is important because Bitcoin’s development culture has historically opposed hard forks, viewing them as violations of the network’s immutability. The BIP-361 authors described the proposal as a soft fork, a characterization Hoskinson called a lie.
A soft fork tightens the rules so that old software still works but cannot use new features. A hard fork changes the rules so fundamentally that old software stops working completely and the network splits unless everyone upgrades.
BIP-361 suggests that users with frozen, quantum-vulnerable funds could recover them by constructing a zero-knowledge proof linked to their seed phrase BIP-39, a standard for generating wallet keys from a recoverable phrase.
Hoskinson argued that this approach could not save approximately 1.7 million bitcoins predating the introduction of BIP-39 in 2013, including approximately 1 million coins associated with Satoshi’s early mining activities.
These first coins were generated using a different key derivation method than the original Bitcoin wallet software, which relied on a local key pool rather than a deterministic seed.
There is no seed sentence to prove knowledge, which means that no zero-knowledge recovery system based on this assumption can restore access to the holders.
“1.7 million coins can’t do that. It’s not possible. Of which 1.1 million belong to Satoshi,” Hoskinson said.
If the proposal passes in its current form, these coins will remain permanently frozen regardless of whether their original owners attempt to migrate, because migration would require cryptographic proof which they are unable to provide.
Jameson Lopp, the lead developer who co-wrote BIP-361, acknowledged in an article on
Lopp argued that it would be better to freeze the dormant coins, which he estimates to be 5.6 million bitcoins, than to allow a future quantum attacker to collect them and dump them on the market.
Hoskinson’s broader critique extends beyond technical details. He argues that Bitcoin’s lack of formal on-chain governance leaves the network unable to resolve these tradeoffs through a structured process, forcing controversial upgrades to be negotiated through developer mailing lists and social pressure.
