- XRP Ledger leaves a smaller share of its supply exposed to potential quantum attacks compared with Bitcoin, mainly due to how accounts and public keys are handled.
- Around 300,000 XRP accounts, holding roughly 2.4 billion XRP, have never revealed their public keys and are therefore considered inherently safer under current quantum-risk models.
- Only about 0.03% of XRP’s circulating supply appears tied to large, inactive accounts with exposed public keys, while estimates for Bitcoin suggest up to 35% of its circulating supply could be vulnerable.
- XRPL’s native key rotation, escrow tools and a post‑quantum testnet (AlphaNet) offer additional layers of defense and experimentation that Bitcoin does not yet provide at protocol level.
Concerns about how quantum computing could impact public blockchains have moved from pure theory to a recurring topic in the crypto ecosystem. While no existing machine can yet crack today’s cryptography at scale, researchers and industry players are already asking which networks might be more exposed if that moment arrives.
Within that debate, a growing body of analysis suggests that XRP Ledger (XRPL) may face a smaller immediate attack surface than Bitcoin. The argument is not that XRP is magically immune, but that its account model, key‑handling rules and built‑in features leave a lower share of its total supply in a vulnerable position under the typical quantum threat scenarios being discussed.
Why quantum computing is seen as a potential threat to crypto
Behind most major blockchains lies the same basic recipe: users control funds through a private key, which is used to sign transactions. From that private key, software derives a public key and then a wallet address, the string people actually share when they want to receive coins or tokens.
Theoretical quantum attacks generally revolve around the moment a public key becomes visible on-chain. With algorithms such as Shor’s, a sufficiently powerful quantum computer could, in principle, work backwards from an exposed public key to reconstruct the underlying private key and seize control of funds.
In practice, this means that sending a transaction is the critical step. When an address only ever receives funds, usually only the address — not the raw public key — is visible. The risk profile changes once that account spends for the first time and the public key ends up recorded in the ledger.
Under this model, what matters is not how big a balance is or how long it has been sitting untouched, but whether the public key has been revealed to the network. That single detail is what turns an account into a potential target in a future quantum era.
What recent audits reveal about XRP’s quantum exposure
Recent on‑chain reviews by XRPL participants, including validator and researcher Vet, examined how much of the ledger would be immediately interesting to a quantum‑enabled attacker. The findings point to a relatively narrow set of high‑value XRP accounts with exposed public keys, especially when compared to Bitcoin.
According to these analyses, roughly 300,000 XRP accounts have never sent a transaction. Collectively, they hold around 2.4 billion XRP. Because these wallets have only received funds and never broadcast a spend, their public keys have not been written to the ledger and remain unknown.
Under the standard threat model — where an attacker needs a publicly visible key — these holdings are effectively shielded from quantum attacks by default. There is nothing for a quantum computer to latch onto as long as those accounts stay in their current state.
The picture is different for accounts that have been active. There, the public key is already on-chain, meaning that a sufficiently advanced quantum machine could, at least in theory, attempt to derive the private key. Even so, among large XRP holders that are both inactive and exposed, the numbers look small.
Vet’s audit identified just two significant “whale” accounts on XRPL that: (1) have not moved their funds in over five years and (2) have exposed public keys. Together, they control about 21 million XRP, roughly 0.03% of the circulating supply. In absolute terms, that is a meaningful pile of coins, but relative to the entire network, it suggests that the amount of dormant, high‑value XRP sitting in a vulnerable configuration appears limited.
How XRPL’s account model and key rotation change the picture
Part of XRP’s perceived advantage stems from how XRP Ledger manages accounts and signatures. XRPL is account‑based: an account persists as a single state object in the ledger, and the keys that authorize that account can change over time without replacing the account itself.
One of the standout features here is native key rotation. Instead of moving funds to a brand‑new address whenever a user wants to refresh security, XRPL lets the account holder update the signing key directly. In other words, the owner can “change the lock” without changing the house.
From a quantum‑risk perspective, this means that if concerns about exposed public keys increase, many XRPL users can respond by rotating their keys while keeping their existing account history, settings and relationships intact. No forced migration of funds is strictly required to achieve a security upgrade.
Of course, key rotation only helps if the account owner is still present and able to act. Long‑dormant wallets whose owners lost access, passed away or simply stopped paying attention are the ones that remain fragile. They cannot easily take advantage of rotation, which is why the tiny set of old whale accounts with exposed keys attracts outsized scrutiny in these analyses.
Escrow and time locks as an additional layer of defense
Another aspect frequently mentioned by developers is the use of escrow with time‑based conditions within XRPL. These mechanisms lock funds until a certain date or block height is reached, regardless of how much computing power a potential attacker might have.
Engineers close to the project, such as Ripple software staff Mayukha Vadari, have stressed that escrow safety comes from business logic rather than cryptographic hardness. A time lock simply refuses to release funds before its deadline, meaning that even a quantum‑enabled adversary cannot spend those particular coins early just by solving a math problem faster.
This does not mean escrow eliminates all risk. The underlying account that created the escrow can still be exposed like any other XRPL account. If a quantum attacker derived that owner’s private key, they could try to cancel or modify escrow arrangements, or simply wait until the lock expires and then seize the funds.
Even with those caveats, time‑locked escrow is seen by some as a useful tool for reducing incentives to attack certain balances. If an attacker cannot immediately gain control of locked funds, the cost‑benefit calculation of targeting that account changes, especially when there may be other, more easily accessible assets elsewhere.
Bitcoin’s larger quantum attack surface
When the discussion shifts to Bitcoin, two main elements tend to make its position look more fragile: the scale of potentially exposed holdings and the absence of protocol‑level key‑rotation tools.
Historically, a significant share of early bitcoin was stored using an older script type known as pay‑to‑public‑key (P2PK). In that setup, the public key appears directly in the blockchain as part of the output, regardless of whether the coins have ever been moved. That includes some of the most famous holdings in Bitcoin’s history, such as the roughly 1 million BTC widely attributed to the network’s pseudonymous creator, Satoshi Nakamoto.
Based on public‑key exposure patterns and address types, research cited by Google has suggested that around 6.9 million BTC — about 35% of the circulating supply — could be vulnerable under a future, high‑powered quantum attack scenario. The estimate assumes that an attacker would systematically target outputs whose public keys are already visible on the chain.
Compared with the 0.03% figure often cited for XRP’s dormant, exposed whale accounts, that 35% estimate for Bitcoin highlights a much larger potential harvest for a successful attacker. While the contexts and assumptions differ, the order‑of‑magnitude contrast is what drives many observers to say Bitcoin appears “more exposed” structurally.
The second issue is operational. Bitcoin does not offer a built‑in key rotation mechanism that allows users to swap signing keys while keeping the same address. Instead, anyone looking to move away from an exposed public key must transfer their funds to a completely new address whose key has not yet been seen on-chain.
That migration itself opens a narrow but important window of risk. While a transaction is waiting to be confirmed — usually around ten minutes in Bitcoin’s mempool — the old public key remains visible, and the coins are still technically spendable from that key. In the extreme case, a very powerful quantum computer could try to crack the older key and submit a conflicting transaction during that gap.
This scenario remains theoretical, but it illustrates why many researchers describe Bitcoin’s quantum exposure as structurally higher than XRPL’s, at least based on today’s protocols and the way historical holdings are distributed across address types.
Post‑quantum experimentation on XRPL’s AlphaNet
XRPL’s developers have not limited their response to auditing exposure; they have also been experimenting with post‑quantum cryptography in a dedicated test environment. A developer‑focused testnet known as AlphaNet has become a proving ground for these ideas.
In December 2025, project contributors reported that AlphaNet had become fully resistant to quantum attacks at the protocol level. The network adopted ML‑DSA (often associated with the CRYSTALS‑Dilithium family), a digital signature scheme selected and approved by the U.S. National Institute of Standards and Technology (NIST) as part of its post‑quantum standardization process.
On AlphaNet, these post‑quantum signatures underpin not only basic account control but also Quantum Accounts, Quantum Transactions and Quantum Consensus. In other words, the cryptographic protections extend beyond user wallets to the way validators communicate and agree on ledger changes.
Running such schemes in a live testnet exposes their practical trade‑offs. Developers note that post‑quantum signatures are significantly larger than traditional ones — often by a factor of dozens — which increases storage requirements and can slow processing. Transactions occupying more space also affect bandwidth and throughput.
Despite those drawbacks, the expectation among engineers is that performance can improve through optimization over time. The goal is to find a balance where the network gains quantum resistance without sacrificing too much on cost, latency or user experience, and to ensure that any migration path from today’s cryptography is smooth and reversible.
Hybrid cryptography and future‑proofing strategies
Beyond AlphaNet, teams in the XRPL ecosystem are exploring hybrid cryptographic approaches that combine existing algorithms with post‑quantum schemes. This kind of setup allows the network to test quantum‑resistant signatures in parallel with familiar tools, minimizing disruption.
In a hybrid model, an account might require both a classical and a post‑quantum signature to authorize a transaction. That way, even if one system were compromised, the other would remain as a safety net. It also gives developers more time to monitor how new algorithms perform under real‑world conditions.
Some of these efforts run alongside ongoing proposals inside the Bitcoin ecosystem. Researchers connected to companies like Blockstream have been trialing post‑quantum signature schemes on Bitcoin‑related sidechains, providing opt‑in protections without altering Bitcoin’s base protocol. Together, these parallel experiments illustrate that the crypto industry is not ignoring quantum risk, even if full migrations are still years away.
From the perspective of investors and users, these technical steps feed into a broader perception that XRP’s ledger is being actively prepared for a quantum‑capable future. While day‑to‑day price movements depend on many other factors, quantum‑resilience work has become part of the narrative around how robust different networks might be over the long term.
Market narratives and whale behavior around XRP
As the quantum discussion has gained visibility, it has also spilled over into market commentary around XRP. Some reports claim that XRP’s relatively low share of exposed, dormant supply is helping shape demand dynamics among larger holders.
Analysts tracking the ledger note that about 7.7-7.8 million XRP accounts exist in total, of which roughly 1.1 million appear inactive. Most of those inactive wallets hold modest balances — often between 10 and 20 XRP — implying that systemic risk is concentrated in only a tiny set of large, exposed accounts.
At the same time, observers have pointed to continued accumulation of XRP by larger investors, with on‑chain data indicating that some “whale” addresses have been adding millions of tokens per day. These flows often involve coins moving off exchanges into private wallets, a pattern typically interpreted as longer‑term positioning rather than short‑term trading.
Commentary from asset managers and research desks has highlighted XRPL’s combination of hidden public keys, active key rotation options and low dormant‑exposure ratios as factors that, in their view, place the network in a relatively favorable spot if quantum computing advances faster than expected.
Price levels and capitalization figures fluctuate, but at times recent estimates have put XRP’s market value in the tens of billions of dollars, with daily trading volumes rising when quantum‑risk narratives, regulatory news or protocol updates capture wider attention. Those market reactions underline how technical design choices can shape sentiment long before any quantum computer capable of breaking today’s cryptography actually exists.
A risk that is real, but still largely theoretical
Despite the intense interest, quantum computing remains an emerging technology. The kind of large‑scale, fault‑tolerant machines needed to run Shor’s algorithm against real‑world blockchains at speed are not available today. Many researchers believe such systems are still years, if not decades, away.
Even so, recent advances and public statements by major tech companies have helped bring the debate to the forefront. Studies associated with Google, for example, have argued that future quantum hardware could potentially crack some legacy blockchain setups faster than previously assumed, prompting renewed scrutiny of protocols like Bitcoin and Ethereum.
Security specialists generally treat this as a long‑lead‑time engineering problem. The cryptographic assumptions that underpin today’s networks will eventually need to evolve, and the transition will likely involve careful staging, hybrid phases and extensive testing on sidechains and testnets — precisely the sort of work now visible on XRPL’s AlphaNet and other experimental networks.
For XRP specifically, the message from experts is not that the asset is fully insulated from quantum threats, but that its architecture — including account‑based design, built‑in key rotation, time‑locked escrow and active experimentation with post‑quantum schemes — appears to leave a smaller slice of total supply in the highest‑risk category when compared with Bitcoin’s legacy holdings and script formats.
Across the broader crypto landscape, the emerging consensus is that both XRP and Bitcoin will need further upgrades as quantum hardware matures. What current audits and testnets do show is that XRP Ledger’s immediate exposure, in terms of dormant high‑value accounts with visible public keys, seems narrower, while Bitcoin’s long history and early address formats leave a larger, more attractive target for any future quantum‑capable attacker.
