Bitcoin’s core developers proposed freezing 8 million coins earlier this week to defend against quantum attackers.
But Cardano founder Charles Hoskinson believes it still cannot store coins belonging to the network’s pseudonymous creator Satoshi Nakamoto, according to a video posted on his YouTube channel late Wednesday.
Hoskinson said Bitcoin’s proposed defenses against quantum computers are both technically flawed and structurally unable to protect the network’s oldest coins, including the roughly 1 million bitcoins attributed to Satoshi Nakamoto.
He argued that BIP-361, the proposal by developer Jameson Lopp and others to phase out quantum-vulnerable bitcoin addresses, is being presented as a soft fork but would functionally require a hard fork because it invalidates existing signature schemes that users actively trust.
“To actually do this, you need a hard fork,” Hoskinson said. The distinction matters because Bitcoin’s development culture has historically opposed hard forks, viewing them as violations of the network’s immutability. BIP-361 authors have described the proposal as a soft fork, a characterization Hoskinson called a lie.
A soft fork tightens the rules so that old software still works but cannot use the new features. A hard fork changes the rules so fundamentally that old software stops working altogether and the network splits unless everyone upgrades.
BIP-361 suggests that users with frozen quantum vulnerable funds could reclaim them by constructing a zero-knowledge proof bound to their BIP-39 seed phrase, a standard for generating wallet keys from a recoverable phrase.
Hoskinson argued that this approach cannot save the approximately 1.7 million bitcoin that predated BIP-39’s introduction in 2013, including the roughly 1 million coins associated with Satoshi’s early mining.
These early coins were generated using a different key derivation method from the original Bitcoin wallet software, which relied on a local key pool rather than a deterministic seed.
There is no seed theorem to prove knowledge of, meaning that no zero-knowledge recovery scheme built on this assumption can return access to the holders.
“1.7 million coins can’t do that. It’s not possible. 1.1 million of them belong to Satoshi,” Hoskinson said.
If the proposal passes in its current form, these coins will remain permanently frozen regardless of whether their original owners ever attempt to migrate, because migrating would require cryptographic proof that they are unable to provide.
Jameson Lopp, the core developer who co-authored BIP-361, acknowledged in a post on X this week that he doesn’t like the proposal and hopes it never needs to be adopted, describing it as “a rough idea for a contingency plan” rather than a final specification.
Lopp has argued that freezing dormant coins, which he estimates at 5.6 million bitcoin, would be preferable to allowing a future quantum attacker to recover and dump them on the market.
Hoskinson’s broader criticism extends beyond the technical details. He argues that Bitcoin’s lack of formal on-chain governance leaves the network unable to resolve these trade-offs through a structured process, forcing contentious upgrades to be negotiated through developer mailing lists and social pressure.
