Quantum computing has become one of the hottest topics lately, thanks to Google saying that a powerful enough machine could exploit older blockchains with less firepower than originally estimated.
For XRP holders, a nuanced answer, based on expert opinion, is that XRP’s architecture is better placed than Bitcoin’s. XRP is the digital token that operates on the XRP Ledger (XRPL), which is an open source, decentralized blockchain. Ripple is a fintech company that co-founded this ledge.
Let’s discuss in detail, one step at a time.
The threat
Every major blockchain shares the same basic cryptographic features, which include a private key, which is the secret password that you never share, but use to sign and execute transactions on the distributed ledger.
For this a public key is mathematically derived and from that your wallet address is generated which you share with others to receive money.
The quantum vulnerability that everyone is talking about is that a sufficiently powerful machine running the so-called Shor’s algorithm could theoretically convert your private key from the exposed public key, draining your money.
Typically, your public key is exposed to the network when you send a transaction, and when you receive money, only your address is on the chain. This is why your account activity, regardless of whether you’ve sent money, makes you quantum vulnerable, not your balance or how long you’ve had the address.
XRP’s exposure
This week, XRP Ledger’s validator Vet ran a quantum vulnerability audit of the entire ledger and found that around 300,000 XRP accounts with 2.4 billion XRP have never sent any funds. They have only received funds so far, meaning their public keys have never been exposed to the network.
These accounts are therefore quantum secure by default.
However, there are dormant whale accounts that have traded before and exposed their public keys, but it was at least 5 years ago. They are essentially exposed and not active. If a quantum computer appeared tomorrow, these whales would be in trouble.
The vet found two such accounts on the entire XRP Ledger, and together they hold 21 million XRP. While that sounds like a lot, it’s only 0.03% of the circulating supply.
Note that the vulnerability is based on the assumption that they are dormant and not available for “key rotation” – an XRPL feature that lets you swap your signing key without moving any money at all. Think of it this way: You can change the lock on your house (account) without having to move. This way, your money stays safe, no send transaction takes place, and anyone who has your old key is locked out of your account.
“The XRP Ledger is account-based and allows for key rotation signing. so you can rotate keys that sign on behalf of an account without switching accounts. This is obviously by no means a perfect solution and actual quantum-resistant algorithms will eventually be adopted,” said Veterinarian at X.
Technically, this feature is available to everyone, but the problem arises when people aren’t around to use it – the so-called long-dormant accounts, who may have lost keys, passed away, or simply aren’t paying attention. This is what makes them vulnerable.
Mayukha Vadari, staff software engineer at Ripple, pointed to the “escrow feature” as another defense against quantum risk.
He said funds locked in escrow with a time lock are secure not because of cryptography, but because of logic — a time lock simply prevents withdrawal until a certain amount of time has passed.
“Time locks aren’t hash-based either, you just can’t get in until that time has passed (at least not via quantum – you’d need another bug for that). Yes, it’s true, can’t stop a black hole – but the attacker is less incentivized to do so because they don’t get the means,” Vadari said.
How Bitcoin Compares
The quantum threat to Bitcoin looks worse than to XRP for two reasons.
First, the large scale. A significant portion of early bitcoin was mined using a format called P2PK, which exposed public keys directly in the transaction output—no spend transaction required. This includes Satoshi Nakamoto’s 1 million BTC, which has never moved. Overall, estimates of quantum vulnerable dormant bitcoin range from 2.3 million BTC to as high as 7.8 million BTC. This represents between 11% and 37% of bitcoin’s circulating supply.
All of these are sitting ducks for a potential quantum attacker.
Even holders who recognize the threat and want to protect face a structural problem that XRP holders do not. That’s because Bitcoin’s blockchain lacks a key rotation feature, leaving holders with only one option: move money to a new address whose public key has never been seen. Funds at the new address are quantum-safe.
But when you move money from old to new, the transaction sits in the memory pool (a temporary waiting room) for about 10 minutes. During this time, the public key of the old address is exposed. A sufficiently powerful quantum machine can exploit this public key within ten minutes. This risk is still largely theoretical, but it points to the relative structural vulnerability of bitcoin holders.
That said, note that Bitcoin developers have already launched several proposals for developing quantum resistance.
