An analysis by XRP Ledger validator Vet has highlighted the differing vulnerabilities of XRP and Bitcoin to a potential future threat from quantum computers. The findings indicate that XRP exhibits significantly lower exposure due to its account-based design and user behavior, while Bitcoin faces a broader risk profile due to its transaction structure and legacy address formats.
According to Vet's detailed post, only about 21 million XRP (approximately 0.03% of the total circulating supply) is held in wallets with exposed public keys. These funds are contained within just two long-dormant "whale" accounts that have not transacted in over five years. In contrast, a substantial portion of XRP holdings is considered safer by default. Vet noted that roughly 300,000 XRP accounts, holding a combined 2.4 billion tokens, have never executed a transaction, meaning their public keys have never been exposed on the network, rendering them currently resistant to quantum computing attacks.
The validator contrasted this with Bitcoin's situation, where estimates suggest between 11% and 37% of Bitcoin's supply could be vulnerable. This higher exposure stems from Bitcoin's use of Pay-to-Public-Key (P2PK) outputs in its early days and widespread address reuse, which permanently reveal public keys. Furthermore, Bitcoin lacks a native mechanism for key rotation, meaning funds sent to these exposed addresses cannot have their authorization keys changed without moving the assets to a new address.
"This setup is different from Bitcoin, where large amounts of BTC are typically held in inactive wallets and have exposed public keys due to older address formats," Vet explained. He emphasized that this structural difference means XRP and Bitcoin would likely require tailored security strategies even if both networks adopted similar post-quantum cryptography defenses.
The analysis also pointed to built-in XRP Ledger features that offer additional protection. The network's account-based model supports signing key rotation, allowing users to change the keys that authorize transactions without having to switch accounts or move funds. Tools like escrow and hash time-locked contracts can also be used to add layers of security, potentially making attacks more costly for a malicious actor.
Despite the comparative analysis, Vet and other experts stress that the threat remains entirely theoretical for now. "No quantum computers capable of threatening public blockchain systems currently exist," Vet stated, adding that by the time such technology is developed, the crypto industry will likely have evolved and implemented effective countermeasures.
