Share

Stop #295 - Quantum Collectivism

By Federico Rivi April 18, 2026
Six developers sign BIP-361 to freeze bitcoins potentially vulnerable to the future quantum threat. A senseless precedent that Bitcoin cannot afford
Stop #295 - Quantum Collectivism

Sponsored announcement

With Debifi you get access to immediate fiat liquidity without giving up your bitcoin.

Debifi is a Bitcoin-only and non-custodial lending platform. You deposit your bitcoin as collateral in a 3-of-4 multisig escrow: the keys are distributed between you, the lender, an authorized key holder, and Debifi. It takes 3 out of 4 signatures to move funds - no one can touch your bitcoin unilaterally.

The code is open source: you can verify everything.

Forget the nightmare of 33% capital gains taxes from selling bitcoin: the loan is not a taxable event!

Choose the duration of the loan, the LTV (the portion of bitcoin you commit compared to what you receive in fiat) and receive the loan in euros, dollars, or stablecoins. Debifi, never sell your bitcoin again!

Request your first loan from here: https://debifi.com

New: Debifi has just launched the beta of its API for institutional loans - banks, fintechs, and companies can now integrate non-custodial Bitcoin-backed loans directly into their products, with automatic contract generation and real-time monitoring.

—————————

I don’t like it either. I wrote it because I like the alternative even less.” With these words Jameson Lopp - developer, CTO of Casa, a man reasonably paranoid about security - responded to those accusing him of betraying Bitcoin’s spirit. The proposal in question is called BIP-361, and it closes the quantum trilogy I told you about in the past two Stops.

The official title is Post Quantum Migration and Legacy Signature Sunset. The text was assigned to the official BIP repository on February 11th, and has ignited public debate in recent days, after Core developer Mark Erhardt shared it on X. Alongside Lopp, the signatories are Christian Papathanasiou, Ian Smith, Joe Ross, Steve Vaile, and Pierre-Luc Dallaire-Demers.

The idea, summarized without mincing words: after a transition window, anyone who hasn’t migrated their bitcoin to quantum-resistant addresses will find their funds frozen. Forever.

BIP-361 would be a soft-fork that operates in three phases.

Phase A: approximately three years after activation (160,000 blocks): it becomes impossible to send bitcoin to current address types, meaning those protected by ECDSA or Schnorr signatures - practically all those in use today. Those who already own bitcoin at those addresses can still spend them, but no one can send them new ones.

Phase B: two years later (five years total from activation): at a predetermined block height, legacy signatures become invalid. All bitcoin that at that point are still on old addresses become impossible to spend, forever.

Phase C: still under study. A recovery mechanism through zero-knowledge proof of the BIP-39 seed phrase. Those who waited too long but can cryptographically prove they possess the private key should be able to recover something. The should is obligatory: the most important paragraph of the proposal is the one not yet written.

All of this relies on BIP-360, a sister proposal still under discussion that defines how the new post-quantum addresses will be structured. Without BIP-360 activated, BIP-361 goes nowhere: it’s a train waiting for tracks.

The six developers start from one data point. According to the official website of the proposal, as of March 1, 2026, over 34% of all existing bitcoin had public keys exposed on-chain. These are UTXOs technically vulnerable the day a quantum computer with enough stable qubits manages to execute Shor’s algorithm against 256-bit elliptic curve signatures.

The total number of bitcoin at risk - according to Lopp - is 5.6 million. Approximately 28% of the circulating supply. This set includes 1.1 million bitcoin that haven’t moved since 2010 and are probabilistically attributed to Satoshi Nakamoto.

The central thesis of the proposal is: if dormant UTXOs were intercepted by an attacker possessing a sufficiently powerful quantum chip, they would be unlocked and, in all likelihood, dumped on the market. The consequent dump would erode the value of all other bitcoin. I quote from the BIP text: “Lost coins make everyone else’s coins slightly more valuable. Coins recovered by an attacker make them worth less. Consider it theft from everyone.

Lopp himself, in the hours following the explosion of the debate, felt the need to clarify his position. In an interview with Cointelegraph he reiterated: “At this point, I don’t believe any of this is necessary

The community’s reaction was, let’s say, unambiguous.

Marty Bent, founder of TFTC, called the proposal “ridiculous” and in an editorial dismantled the key points. The first is what he calls “the man in the coma”: anyone who is in a coma, in prison, in any situation that for five years prevents them from performing a migration, would lose all their bitcoin. “Frozen by consensus. It’s the design of the proposal, not a bug. And it’s a terrible precedent.

Bent’s second point is the one that stings the most. If consensus rules can freeze addresses based on type, governments have an ennobled precedent to bring to the table: freeze sanctioned UTXOs, or those held by politically undesirable persons, or associated with addresses on an OFAC list. Bent’s conclusion is blunt: “Bitcoin’s fundamental value proposition is that nobody can freeze your money. BIP-361 proposes exactly that.

Adam Back, CEO of Blockstream, took the stage from a more technical angle at Paris Blockchain Week. For Back, today’s quantum computers are “essentially laboratory experiments” with “incremental” progress, and Bitcoin can perfectly well prepare optional upgrades without needing imposed freezes. “When something becomes urgent, it focuses attention and produces consensus,” he said, implying that Bitcoin’s distributed governance is perfectly capable of handling an emergency without planning freezes years in advance. The risk, in short, is dismantling the castle from within to protect against an enemy that doesn’t yet exist.

A year ago Jameson Lopp on X was dismissing the position of Bob Burnett, CEO of Barefoot Mining, who defined himself as opposed to the proposal to remove the OP_RETURN limit in version 30 of Bitcoin Core.

“I was about to invite you to weigh in on the pull request, but if you’ve never contributed to Bitcoin Core, you won’t be able to at this time. To be clear: what I’m saying is that social media opinions have no relevance to discussions in the repository.”

Here I am, then, with a humble comment from someone who has never contributed to Bitcoin Core code and who, perhaps, Lopp would consider entirely irrelevant. Three things, quick.

  1. Introducing prohibitions on other people’s bitcoin is madness that undermines two founding concepts of Bitcoin: private property and immutability. These are the protocol’s main features, the reason why Bitcoin exists and isn’t just another permissioned database. Saying “these bitcoin, although legitimately owned, must be blocked for the collective good” means denying the starting point. Translated: if consensus could freeze bitcoin based on address type, we would be a permissionless ledger provided you follow the rules. An oxymoron with a license.

  2. Assuming, hypothetically and against all evidence, that the idea was even remotely feasible - fortunately there will never be enough consensus to activate this soft-fork - it would be an extremely dangerous precedent. Today we freeze for the quantum “emergency” - entirely nonexistent and fueled by irrational fear and economic interests. Tomorrow for what? For dormant UTXOs that risk destabilizing the market? For those linked to OFAC-sanctioned addresses? For the funds of a failed exchange that need to be redistributed fairly? Once the network accepts the principle, the list of good reasons for introducing arbitrary rules grows on its own. Those who know the history of civil liberties know how this ends: emergency rules remain, emergencies pass.

  3. Let’s even assume that in 40 years a quantum computer worthy of the name manages to extract the 5.6 million dormant bitcoin. What’s the problem, exactly? Protecting one’s UTXOs is a personal responsibility, not a collective one. What are we, in socialism? If Satoshi didn’t bother to migrate in forty years, it’s his business - literally. And if those bitcoin were dumped on the market and caused a crash? Fine. Bitcoin has experienced 80% dumps and absorbed them all. Volatility is a structural characteristic of this network, not an accident to be prevented by rewriting the constitution. The market does what the market does.

Lopp claims to have put BIP-361 in writing to prevent worse damage, and he deserves credit for formalizing reasoning that someone else could have advanced in a much less honest form. But the real issue lies elsewhere, far beyond quantum FUD: BIP-361 wants to normalize the idea that the community can decide the fate of other people’s bitcoin. Once normalized, the same idea applies to any future emergency, real or manufactured.

There is a non-problem, and it doesn’t need to be solved, because there’s nothing to solve. If a quantum computer arrived tomorrow, as we saw last week, Bitcoin would already have the antibodies in its DNA. Only two things are needed: time and patience. The exact opposite of a freeze pre-programmed five years in advance.

In any case, dear readers, don’t worry. With all due respect to Lopp and those Core Developers who would prefer to speak only among themselves, the opinion of those who run a Bitcoin node is worth just as much as theirs. Before activating a collectivist dystopia on Bitcoin, they’ll have to get past my node.

—————————

Subscribe to Morning Blend by Atlas21: from Monday to Friday, at 07:00, the newsletter that brings you the most relevant news of the day on Bitcoin, technology, and finance. Subscribe for free here.

When you ask me where to buy bitcoin, my first answer is always the peer-to-peer market: Bisq, HodlHodl, Robosats. But I know not everyone wants to use these services. If you’re looking for an immediate service that’s compatible with Bitcoin’s original values, my choice today is Bull Bitcoin. By signing up with the code “federico” you get a reduced spread of 1.75% instead of 2%, forever. You can do it from here.

Non-custodial, supports Bitcoin on-chain, Lightning, and Liquid. And you can also spend your bitcoin to pay any IBAN in euros, without going through a bank.

KYC data is on self-hosted infrastructure, not shared with tax agencies, governments, or third parties. And they will continue not to collaborate until someone shows up with a judge’s order in hand. It’s the only service in Europe I can say this about with certainty.

#bitcoin #bitcointrain
No comments yet.

Related articles

by xe42…w40m

April 18 2026

The Quiet Revolution: How Stablecoins Are Reshaping Ukraine's Payments Industry

How USDT and USDC became core financial infrastructure in wartime Ukraine — adoption data, regulatory landscape, and what it signals for the future of money.

by average_bitcoiner

April 18 2026
Cover image for Mining for the Heats

Mining for the Heats

stop mining for hashrate and start mining for the heats

by Alien Investor

April 18 2026
Cover image for Cryptography: Why It Is Indispensable for Freedom

Cryptography: Why It Is Indispensable for Freedom

Cryptography is not just rocket science; it is the foundation of modern digital life. By distinguishing between symmetric and asymmetric encryption, this article explains how mathematics shifts the power balance from centralized authorities back to the individual. It is the ultimate tool for digital self-determination.