News linked to both this project and an event.
BitMEX Research published an article proposing an alternative soft fork to BIP-361, suggesting that dormant bitcoins vulnerable to quantum attacks be frozen only upon confirmed existence of a quantum computer capable of stealing bitcoins. The proposal introduces a “canary fund” mechanism: a special bitcoin address whose private key is unknown but theoretically crackable by a sufficiently powerful quantum computer; users may donate BTC to this address as a bounty. If funds are spent from this address, it signals confirmed quantum threat and automatically triggers the freezing mechanism. BitMEX Research states that this proposal serves as a less contentious alternative to the more controversial BIP-361.
Odaily News Bitcoin Core developer Jameson Lopp stated that compared to potential future quantum computing attacks, he would prefer to "freeze" approximately 5.6 million long-dormant BTC from the network rather than letting them be acquired by attackers. These bitcoins have not moved for over 10 years and may be permanently lost, valued at around $420 billion at current prices. If future breakthroughs in quantum computing lead to the private keys of old addresses being cracked, these assets could be transferred again, potentially triggering severe market volatility or even a crisis of confidence. Although the community recently proposed BIP-361, the proposal is still in its early stages and is not a formally promoted solution, but rather more like a contingency plan for an "extreme risk." (CoinDesk)
Odaily News Bitcoin contributor Jameson Loop and other cryptographers have proposed an initiative that could force Bitcoin holders to migrate their tokens to new quantum-resistant addresses, otherwise their tokens would be permanently frozen by the network itself. In this scenario, holders would technically still "own" the coins but would lose the ability to transfer them. This is known as Bitcoin Improvement Proposal BIP-361, which was updated in Bitcoin's official proposal repository on Tuesday under the title "Post-Quantum Migration and Legacy Signature Deprecation".BIP-361 builds upon the BIP-360 proposal introduced in February. BIP-360 introduced a soft fork (a network upgrade) designed to enable a new transaction type called "Pay-to-Merkle-Root" (P2MR). This method draws from Bitcoin's Taproot (P2TR) framework but removes the key-based spending path, thereby eliminating an element widely considered to be at risk in the quantum era.The BIP-361 proposal divides the migration into three phases. Phase A begins three years after activation, prohibiting anyone from sending new Bitcoin to legacy, quantum-vulnerable addresses. You can still spend from these addresses but cannot receive any coins.Phase B begins five years after activation, rendering legacy signatures (ECDSA and Schnorr) completely invalid. The network will reject any attempts to spend coins from quantum-vulnerable wallets. Essentially, your coins will be frozen.Finally, there is Phase C, a still-under-research rescue plan: holders of frozen wallets may be able to prove ownership via zero-knowledge proofs (a method of proving knowledge of a secret without revealing the secret itself). If successful, coins frozen in Phase B could be recovered. (CoinDesk)
According to Cointelegraph, Cypherpunk Jameson Lopp and several other Bitcoin quantum-security experts have proposed Bitcoin Improvement Proposal BIP-361, recommending the freezing of quantum-vulnerable addresses—including the Satoshi Nakamoto reserve—to prevent future quantum computers from stealing approximately 1.7 million bitcoins. The proposal proceeds in three phases: first, prohibiting transfers to legacy addresses; second, invalidating legacy signatures and freezing unmigrated assets after five years; and third, enabling partial users to recover frozen funds via zero-knowledge proof mechanisms. The proposal aims to drive the entire network’s migration to quantum-resistant addresses, but has drawn opposition from some community members who argue it violates Bitcoin’s decentralization principles and carries authoritarian and confiscatory characteristics.
According to The Block, U.S. musician Garrett Dutton (stage name G. Love) lost 5.9 BTC—worth approximately $420,000—after downloading and using a counterfeit Ledger wallet app from the App Store and entering his recovery phrase. On-chain analyst ZachXBT discovered that the attacker laundered the stolen Bitcoin via the KuCoin platform. This incident once again exposes the security risks posed by fake wallet apps, reminding users to exercise heightened caution when downloading and using cryptocurrency-related applications, and to avoid entering sensitive information through unofficial channels.
Currently, quantum threats to Bitcoin remain theoretical, but companies such as Google and Cloudflare have already begun preparations and set a target of completing post-quantum migration by 2029.
According to The Block, Avihu Levy, a researcher at StarkWare, published a paper proposing the Quantum Safe Bitcoin (QSB) scheme, claiming it enables quantum-resistant transactions under Bitcoin’s existing script rules—without requiring a soft fork. This scheme replaces elliptic-curve cryptography with the RIPEMD-160 hash function via a “hash-to-signature” puzzle, thereby enhancing resilience against quantum attacks. The paper notes that QSB’s current per-transaction cost ranges from $75 to $150—significantly higher than today’s average transaction fee—and involves complex user experience; thus, it is recommended only as a “last resort.” The scheme remains constrained by script opcodes and size limits, and does not yet support all use cases—such as the Lightning Network. Compared to BIP-360—which requires protocol-level changes—QSB needs no modifications to the Bitcoin protocol, but remains experimental.
According to ZachXBT, BitcoinDepot filed an 8-K on April 6, 2026, stating that it discovered the theft of 50.9 BTC on March 23; on-chain tracking shows that 19 high-confidence theft addresses had already transferred a total of 54.45 BTC as early as March 20—3.55 BTC more than disclosed—and the funds ultimately flowed into KuCoin, indicating the company may have detected the anomaly three days late.
According to Decrypt, Bitcoin ATM operator Bitcoin Depot filed a disclosure with the U.S. Securities and Exchange Commission (SEC) revealing that it suffered a cybersecurity attack on March 23. Hackers infiltrated the company’s IT systems to obtain credentials for its digital asset settlement account and stole approximately 50.9 BTC—valued at roughly $3.665 million—from the company’s wallet. Following the incident, the company activated its incident response protocol, engaged external cybersecurity experts to conduct an investigation, and notified law enforcement authorities. Bitcoin Depot stated that its customer platform and user data remained unaffected. The company classified this event as a material matter, which may result in reputational damage and additional legal and regulatory costs.