BITCOIN · L1 · QRI 28 · BAND 3 Planning Hybrid PASS · Stage 1 · Washing 1.2x

Bitcoin has the most concrete quantum spec on this list, BIP-360, a working testnet with CRYSTALS-Dilithium, and Satoshi's one million BTC sitting in P2PK outputs with the public keys visible since 2009. Rescue or burn is the actual argument. Everything else is bikeshedding.

inLinkedIn XPost ▼Scorecard JSON ⇆Compare Verified 2026-04-18

Summary

Bitcoin has the most concrete architectural quantum proposal (BIP-360 + BTQ Bitcoin Quantum testnet with CRYSTALS-Dilithium) but lowest governance velocity in batch. X=infinite (historical UTXO signatures vulnerable to Shor-forged spends of exposed-pubkey UTXOs like Satoshi's 1M BTC). Lopp's burn-vs-rescue framing active. Migration Stage 1: BIP-360 spec exists, external testnet functional, no Core adoption.

What the gates say

Hybrid: PASS. Hybrid-PQ design present.
Evidence: PASS. Sources reconstructable by third party.
Primitive naming: PASS. Named primitives at every scored sub-level.

Burn-vs-rescue policy on file

burn (Lopp BIP-361 position preferred by a faction; not formally adopted). Satoshi coins are de facto burned via non-movement.

Seven dimensions

Each dimension scores 0-100 internally; the weighted roll-up produces the QRI on the left. Open a row to read the sub-score detail.

1 Cryptographic Exposure 45 / 100

1a_primitive_inventory 15 / 20

Very complete primitive inventory. BIP-360 names Dilithium explicitly.

Primitives: ECDSA secp256k1 (legacy/SegWit tx sigs) · Schnorr secp256k1 (Taproot) · SHA-256d (block headers, Merkle) · RIPEMD-160 (P2PKH/P2WPKH address hash) · CRYSTALS-Dilithium (BIP-360 P2MR testnet only)

Evidence: bitcoin.org · bip360.org · chaincode.com

1b_shor_grover_pq_tag 16 / 20

Evidence: bitcoinmagazine.com

1c_algorithm_family_diversity 2 / 20

BIP-360 Dilithium (lattice) proposed; not on mainnet. Currently no PQC families deployed.

1d_nist_security_category 6 / 20

Testnet-only NIST mapping

Evidence: bip360.org

1e_implementation_quality 6 / 20

Evidence: github.com

2 HNDL Exposure 45 / 100

2a_active_key_exposure 10 / 20

P2TR key-path (Taproot) exposes pubkeys in witness output. P2PKH hides pubkey until first spend. Reused addresses exposed. Mix of ~25-40% exposed.

2b_cold_key_exposure 15 / 20

Satoshi's ~1M BTC in P2PK outputs have pubkeys exposed on-chain since 2009-2010. Lost coins (1-2M BTC, 6-10% supply) retain exposure. ETF holdings ~7% of supply.

2c_signature_longterm_validity 10 / 20

X=infinite for Bitcoin — historical signatures retain validity indefinitely. Key difference from account-based chains.

2d_encryption_confidentiality 10 / 20

P2P node communication uses standard TLS, BIP-324 (v2 transport) adds ChaCha20-Poly1305. BIP-324 is PQ-asymmetric-safe for authentication but key exchange still ECDH.

3 Metadata & Privacy Exposure 30 / 100

3a_tx_graph_visibility 6 / 20

UTXO pseudonymous. CoinJoin / Wasabi / Samourai provide some mixing.

3b_rpc_mempool_concentration 8 / 20

Self-hosted nodes common; miners via pools (Foundry 31.6%, AntPool 16.7%, ViaBTC 13.7%).

3c_cross_chain_bridge_correlation 8 / 20

WBTC via BitGo custody; tBTC decentralized; Lightning Network off-chain.

3d_retroactive_deanon_risk 8 / 20

ECDSA broken: historical unspent P2PK outputs expose pubkeys; P2PKH signatures revealed on spend also Shor-broken. Lopp's position: burn exposed coins.

4 Migration Architecture 38 / 100

4a_crypto_agility 10 / 20

Taproot's MAST allows scripted spending conditions. BIP-360 proposes new output type (P2MR SegWit v2).

4b_account_abstraction_key_rotation 5 / 20

No AA. Fixed UTXO script model. Users must manually migrate UTXOs to new address type.

4c_hard_fork_track_record 12 / 20

Soft forks only. SegWit 2017, Taproot 2021. Conservative but successful. Historical avg time proposal-to-activation ~4 years.

4d_hybrid_deployment_readiness 11 / 20

BIP-360 is hybrid by design — new output type alongside existing P2PKH/P2WPKH/P2TR. Old UTXOs remain classical; new UTXOs use Dilithium. Testnet only.

5 Deployment Execution 15 / 100

5a_mainnet_pqc_pct 0 / 20

no mainnet PQC traffic

5b_pqc_code_in_client 4 / 20

BTQ Bitcoin Quantum testnet v0.3.0 has Dilithium opcodes — external implementation, not Bitcoin Core. 50+ miners, 100K+ blocks on testnet.

5c_validator_pqc_adoption 0 / 20

PoW — no validator set. Miners use SHA-256 unchanged.

5d_published_milestones_count 6 / 20

BIP-360 draft spec + BTQ testnet v0.3.0 deployment are named milestones. No dated Core activation.

5e_pqc_washing_delta 5 / 20

BTQ shipped testnet code; Bitcoin Core has not adopted. Modest overhang.

6 Supply Chain Vendor Readiness 15 / 100

6a_wallet 5 / 20

Evidence: Ledger researching PQC firmware publicly

6b_bridge 2 / 20

6c_custodian 5 / 20

Evidence: Fireblocks has announced PQC research (research-only)

6d_rpc_hsm 3 / 20

7 Governance & Coordination 55 / 100

7a_validator_stake_distribution 8 / 20

Mining: Foundry 31.6%, AntPool 16.7%, ViaBTC 13.7%. NC=3. Nodes: ~20K+ reachable.

7b_upgrade_cadence_under_pressure 15 / 20

Taproot 2021, SegWit 2017. Slow but completed. Conservative process.

7c_named_coordination_lead 15 / 20

No formal foundation but rough-consensus model via Bitcoin Core maintainers (Wladimir van der Laan, etc.).

7d_adversarial_coordination_precedent 17 / 20

Block size wars 2015-2017 demonstrated adversarial-pressure coordination capability, culminating in UASF and SegWit activation. Model for quantum migration.

The X + Y vs Z inequality

X (data shelf life): 100+ (historical UTXO signatures unspendable but pubkey-exposed permanently; Satoshi 1M BTC P2PK is the headline case)

Y (migration time): 7-12 (Lopp estimates 5-10 years from Core acceptance; Core acceptance not secured)

Z10 (10% CRQC year): 2036 · Z50 (50%): 2041

Verdict: X+Y > Z (danger).

Four-scenario grid

Scenario	Value preserved	Privacy preserved
quantum never	100%	100%
arrives suddenly pre migration	25%	20%
arrives slowly post migration	90%	80%
arrives slowly mid migration	55%	45%

Peers in the L1 profile

Order-book view of the 9 chains closest to Bitcoin by QRI.

Public artifacts used for this scorecard

Each entry below is a sub-score citation. Clicking the link takes you to the public source. A third party should be able to reconstruct every number on this page from these URLs in 48 hours.

Cryptographic Exposure · 1a_primitive_inventory

Very complete primitive inventory. BIP-360 names Dilithium explicitly.

Cryptographic Exposure · 1b_shor_grover_pq_tag

https://bitcoinmagazine.com/news/bitcoin-advances-toward-quantum-resistance

Cryptographic Exposure · 1d_nist_security_category

Testnet-only NIST mapping

https://bip360.org/

Cryptographic Exposure · 1e_implementation_quality

https://github.com/bitcoin/bitcoin

Supply Chain Vendor Readiness · 6a_wallet

Ledger researching PQC firmware publicly

Supply Chain Vendor Readiness · 6c_custodian

Fireblocks has announced PQC research (research-only)

Supply chain snapshot

wallet Sparrow · Electrum · Ledger HW 1 PQC roadmaps

bridge WBTC · tBTC · Lightning 0 PQC roadmaps

custodian Coinbase Custody · BitGo · Fidelity Digital 1 PQC roadmaps

rpc_hsm self-hosted · Blockstream.info · mempool.space 0 PQC roadmaps

A chain's supply chain cannot migrate faster than its slowest dependency. Zero PQC roadmaps in any of the four categories is a structural blocker, not a lagging indicator.

Analyst notes on the scoring

Highest artifact density of any chain in batch (5 in Dim 1, 4 in Dim 7). Sutor cap binds (only 2 dated milestones). Taproot's 4-year activation cycle suggests quantum migration would exceed Y=10 estimate. Band 3 Planning justified by concrete spec despite slow pace.

Scorecard metadata

Profile: L1
Scored: 2026-04-18 by layerqu-v2-scoring-agent-1
v1 reference: chainscreen-v1-archive
QRI raw: 28 · after caps: 28
Confidence interval: ±5
PQC washing ratio: 1.2x
Burn-vs-rescue: burn (Lopp BIP-361 position preferred by a faction; not formally adopted). Satoshi coins are de facto burned via non-movement.

Caps triggered

mosca_cap_60 (5a=0)
sutor_stage_cap_2 (5d count=2, under 3)
casado_stage_cap_3