Quantum computing has become one of the hottest topics lately, thanks to Google saying that a sufficiently powerful machine could exploit legacy blockchains with less firepower than initially estimated.
For XRP holders, a nuanced answer, based on expert opinions, is that XRP’s architecture is better positioned than Bitcoin’s. XRP is the digital token that operates on the XRP Ledger (XRPL), which is an open source decentralized blockchain. Ripple is a financial technology company that co-founded this platform.
Let’s analyze in detail, step by step.
the threat
All major blockchains share the same fundamental cryptographic features including a private key, which is the secret password that is never shared but is used to sign and execute transactions on the distributed ledger.
For this, a public key is mathematically derived and from there your wallet address is generated, which you share with others to receive funds.
The quantum vulnerability everyone is talking about is that a sufficiently powerful machine running the so-called Shor algorithm could, in theory, reverse engineer your private key from the exposed public key, depleting your funds.
Typically, your public key is exposed to the network when you send a transaction and when you receive funds, only your address is on the chain. That’s why your account activity, whether you’ve sent funds, makes you quantum vulnerable, not your balance or how long you’ve held the address.
The XRP Expo
This week, XRP Ledger validator Vet performed a quantum vulnerability audit of the entire ledger and found that around 300,000 XRP accounts with 2.4 billion XRP have never sent funds. So far they have only received funds, which means their public keys have never been exposed to the network.
Therefore, these accounts are quantum safe by default.
However, there are dormant whale accounts that have transacted before and exposed their public keys, but this happened at least 5 years ago. They are essentially exposed and not active. If a quantum computer appears tomorrow, these whales would be in trouble.
The vet found two such accounts in the entire XRP ledger, and together they have 21 million XRP. Although it may seem like a lot, it is only 0.03% of the circulating supply.
Note that the vulnerability is based on the assumption that they are inactive and unavailable for “key rotation”, an XRPL feature that allows you to exchange your signing key without moving funds at all. Think of it this way: you can change the lock on your house (account) without having to move. This way, your funds remain safe, no sending transaction occurs, and anyone who has your old key will be locked out of your account.
“The
Technically, this feature is available to everyone, but the problem arises when there are no people available to use it: so-called long-dormant accounts, who may have lost their keys, died, or simply aren’t paying attention. That’s what makes them vulnerable.
Mayukha Vadari, a software engineer at Ripple, pointed to the “escrow feature” as another defense against quantum risk.
He said funds locked in escrow with a time lock are safe not because of cryptography, but because of logic: a time lock simply prevents withdrawal until a specific time has passed.
“Time locks are also not hash-based, you just can’t get in until that time has passed (at least not via quantum; you’d need some other bug for that). Yes, that’s true, you can’t stop a black hole, but the attacker is less incentivized to do so because they don’t get the funds,” Vadari said.
How Bitcoin Compares
The quantum threat to Bitcoin appears worse than that of XRP for two reasons.
First, the enormous scale. A significant portion of early bitcoins were mined using a format called P2PK, which exposed public keys directly in the transaction result, without needing to spend any transactions. This includes Satoshi Nakamoto’s 1 million BTC, which has never been moved. Broadly speaking, estimates of quantum and vulnerable dormant bitcoins range from 2.3 million BTC to 7.8 million BTC. This represents between 11% and 37% of the circulating supply of bitcoin.
These are all easy targets for a potential quantum attacker.
Even holders who recognize the threat and want to protect themselves face a structural problem that XRP holders do not. This is because the Bitcoin blockchain lacks a key rotation feature, leaving holders with only one option: move funds to a new address whose public key has never been seen. Funds at that new address are quantum safe.
However, when you move funds from old to new, the transaction remains in the memory pool (a temporary waiting room) for about 10 minutes. During this time, the public key of the old address is exposed. A sufficiently powerful quantum machine can exploit this public key in ten minutes. This risk remains largely theoretical, but points to the relative structural vulnerability of bitcoin holders.
That said, keep in mind that Bitcoin developers have already initiated several proposals to develop quantum resistance.
