Bitcoin’s pseudonymous creator, Satoshi Nakamoto, vanished from public view in 2011, leaving behind not just the world’s first decentralized cryptocurrency but also a staggering personal fortune: roughly 1.1 million bitcoins, worth about $89 billion at today’s prices. These coins have never moved—not a single satoshi—in over 15 years, sitting silently in roughly 22,000 separate addresses, each holding the original 50 BTC mining reward from Bitcoin’s earliest days.
This immobility was once considered a virtue, a sign of Satoshi’s principled disappearance. But now, as quantum computing advances and creative legal theories multiply, those dormant coins have become the most coveted prize in the digital world. Everyone wants Satoshi’s bitcoin: quantum hackers who might one day crack the cryptography, self-proclaimed Satoshis demanding courts hand over the fortune, and even the Bitcoin community itself, which is debating whether to freeze the coins preemptively.
What was once the foundation of a revolutionary monetary system has become a target. And the battle over Satoshi’s stash reveals deep tensions about property rights, technological risk, and the very soul of Bitcoin.
The Quantum Threat: A Ticking Clock for Early Coins
The most scientifically grounded threat to Satoshi’s bitcoin comes from the rapid advancement of quantum computing. To understand why, you need to understand how early Bitcoin addresses were structured. Modern wallets keep public keys hidden until coins are spent, but during Bitcoin’s Satoshi era (2009–2010), miners used Pay-to-Public-Key (P2PK) addresses that permanently expose public keys directly on the blockchain. This was a design choice that predates any serious concern about quantum attacks, but it now creates a massive vulnerability.
A sufficiently powerful quantum computer running Shor’s algorithm could, in theory, derive a private key from an exposed public key—effectively cracking open the wallet and allowing an attacker to sign transactions and drain funds without authorization. While no such machine exists today, the estimated timeline for when one might is shrinking rapidly.
In March 2026, Google’s Quantum AI division published a paper that compressed the estimated hardware requirements for breaking elliptic-curve cryptography by roughly 20-fold. The revised estimate suggests fewer than 500,000 physical qubits could suffice, down from prior estimates exceeding 10 million. Google subsequently targeted 2029 as a milestone for broader post-quantum cryptography migration across systems.
Analysts at Bernstein have described a 3–5 year window for Bitcoin to prepare. Project Eleven, a quantum security research firm, warned that Q-Day—the point when quantum computers break standard encryption—could arrive as early as 2030 and no later than 2033
The scale of exposure is staggering. Roughly 6.9 million BTC, about one-third of Bitcoin’s total supply, sits in wallets whose public keys are already permanently visible on-chain. This includes not only Satoshi’s estimated 1.1 million coins but also any wallet that has ever been spent from, since spending reveals the public key for whatever remains, and coins generated after the 2021 Taproot upgrade, which also expose public keys. An estimated 1.7 million BTC are locked in inherently exposed P2PK scripts alone.
A quantum attacker wouldn’t need to race against a transaction in progress. They could work through wallets with already exposed keys at their own pace, one by one. If a bad actor derived the private keys to Satoshi’s dormant stash, they could liquidate the funds, triggering a catastrophic market collapse.
Craig Wright: The Self-Proclaimed Satoshi Who Won’t Stop Suing
Before quantum computers became a realistic threat, the most persistent challenge to Satoshi’s coins came from a man who claims to be Satoshi. Craig Wright, an Australian computer scientist, has spent years asserting he is Bitcoin’s creator—a claim that has been systematically dismantled by courts, yet continues to resurface in new forms.
The legal saga reached its climax in 2024–2025 in the UK courts. The Crypto Open Patent Alliance (COPA), a nonprofit backed by Coinbase, Block, Meta, and Strategy, sued Wright for a declaration that he is not Satoshi Nakamoto. After a trial, the High Court found that Wright was indeed not the Bitcoin creator and that his claims were supported by forged documents and false statements. The court described his actions as a “campaign of dishonesty” that “terrorized” those who questioned him.
In March 2025, the court granted a General Civil Restraint Order (GCRO) for three years against Wright, preventing him from filing further lawsuits without court permission. When Wright attempted to appeal, the Court of Appeal certified his case as “totally without merit,” and his application to the UK Supreme Court was similarly rejected. He was ordered to pay £225,000 in legal costs after a judge found he had improperly used AI-generated “hallucinations” in his appeal bid.
By May 2026, matters escalated further. A UK court froze £6 million ($7.6 million) of Wright’s assets in a worldwide freezing order after he transferred shares from his London-based company to a Singaporean firm, raising concerns he was attempting to evade legal costs. Judge James Mellor stated: “Understandably, that gave rise to serious concerns on COPA’s part that Dr. Wright was implementing measures to seek to evade the costs and consequences of his loss at trial”.
The court also found Wright in contempt, issuing a one-year suspended prison sentence and a £145,000 fine. By late May 2026, he faced renewed contempt proceedings, with COPA seeking a two-year prison sentence.
Despite the cascade of legal defeats, Wright’s shadow hangs over the question of Satoshi’s coins. His years of litigation demonstrated that courts are willing to engage with the question of who Satoshi is—and, by extension, who might lay claim to the fortune. This precedent has emboldened others.
The Noah Doe Lawsuit: A Bold New Legal Theory
In May 2026, a lawsuit filed in a New York court introduced a novel legal theory: that dormant bitcoin, including Satoshi’s, should be treated as abandoned property and handed over to a new claimant. The plaintiff, known as “Noah Doe,” sought to be declared the legal owner of more than 39,000 dormant Bitcoin wallets, targeting a combined 3.79 million BTC worth hundreds of billions of dollars. The amended complaint specifically named wallets attributed to Satoshi Nakamoto, alongside early miner addresses, Casascius Coin holdings, and wallets linked to hackers.
The lawsuit’s legal basis is unusual. Noah Doe reportedly relied on Section 7-B of the New York Personal Property Law, a statute that deals with abandoned property and escheatment—the process by which unclaimed assets revert to the state. The plaintiffs claimed to have reported the addresses to the NYPD and sent on-chain and press notices to potential owners, though questions have since emerged about whether these notifications actually reached anyone with control over the funds.
Ripple CTO David Schwartz, known as JoelKatz, responded with dry derision, observing that a court might one day approve “something dumb like this” but that any such ruling would carry little practical weight. His reasoning points to Bitcoin’s fundamental structure: the network operates without any central authority capable of enforcing a forced ownership transfer.
Thousands of independent node operators globally maintain the protocol, and none of them would implement a change to satisfy a court order. Any ruling purporting to transfer dormant BTC would be enforceable only if private keys could be seized through traditional legal channels—a condition that does not apply to the wallets at the center of this suit.
Schwartz did note one exception: Bitcoin SV (BSV), the Craig Wright-linked fork, might honor such a ruling, given its historically different governance positions. This observation highlights how the legal battles over Satoshi’s identity have practical consequences for different blockchain networks.
BIP-361: The Nuclear Option of Freezing Satoshi’s Coins
As the quantum timeline accelerates, the Bitcoin developer community has begun considering what was once unthinkable: freezing Satoshi’s coins preemptively before a quantum attacker can steal them. In April 2026, a group of researchers including Jameson Lopp introduced Bitcoin Improvement Proposal 361 (BIP-361), a plan to migrate the entire network to quantum-resistant cryptography—with a hard deadline that could permanently lock unmigrated coins.
BIP-361 proposes three phases. Phase A, starting three years after activation, would prohibit anyone from sending new bitcoins to old, quantum-vulnerable addresses. You could still spend from these addresses, but you couldn’t receive coins to them. Phase B, starting five years after activation, would render old signatures completely ineffective, with the network rejecting any attempt to spend coins from quantum-vulnerable wallets.
Those coins would be permanently frozen. Phase C, still under research, would offer a recovery mechanism using zero-knowledge proofs, allowing holders to prove ownership without exposing private keys.
The proposal immediately split the Bitcoin community. For some, it’s a necessary defense. “Even if Bitcoin is not a primary initial target of a cryptographically relevant quantum computer, widespread knowledge that such a computer exists and is capable of breaking Bitcoin’s cryptography will damage faith in the network,“ the BIP authors wrote.
For others, freezing coins is an existential threat to Bitcoin’s core values. “Bitcoin’s structure treats all UTXOs equally. It does not distinguish based on wallet age, identity, or perceived future threat. That neutrality is foundational to the protocol’s credibility,“ said Nima Beni, founder of Bitlease. Critics argue that creating exceptions, even for security reasons, alters Bitcoin’s architecture in dangerous ways. Once authority exists to freeze coins for protection, it exists for other justifications as well.
Charles Hoskinson, founder of Cardano, leveled a more technical critique, arguing that BIP-361 is “misclassifying its own fix”—that while it’s promoted as a soft fork, it would in practice require a hard fork by invalidating existing signature schemes, something Bitcoin has never successfully executed for a change of this magnitude. Hoskinson warned that forced action on old addresses would fracture Bitcoin and damage market trust.
The Intractable Problem: Keys Unknown, Keys Gone
Beneath the BIP-361 debate lies a deeper problem: Satoshi hasn’t moved any coins in over 15 years. Upgrading a wallet to quantum-resistant cryptography requires the owner to initiate a transaction. If Satoshi has truly disappeared—or worse, if the private keys are lost forever—those coins cannot be migrated voluntarily.
This creates an impossible trilemma. Do nothing, and quantum attackers might one day steal the coins, potentially flooding the market with millions of suddenly liquid bitcoins. Freeze the coins, and you violate property rights and set a precedent for future interventions. Require migration, and you may be demanding something impossible from a ghost.
Dan Robinson of Paradigm introduced an alternative concept called Provable Address-Control Timestamps (PACTs), which would allow an address owner to cryptographically prove they control a wallet at a specific date without spending coins. However, this would only work if Satoshi—or whoever holds the keys—actively participates. Most of Satoshi’s addresses also predate the BIP-32 standard from 2012, meaning the recovery mechanism may not cover all legacy accounts.
Galaxy Digital’s Alex Thorn has offered a somewhat contrarian view, noting that Satoshi’s coins are distributed across approximately 22,000 separate addresses of 50 BTC each. A quantum attacker would need to target each address individually, which provides a degree of practical friction.
Thorn also notes that Bitcoin markets have absorbed large supply shocks before, and even in a worst-case scenario of Satoshi’s coins entering the market, preserving Bitcoin’s fundamental principles at the cost of a price drop of up to 50% could be considered acceptable by many investors.
The Deeper Question: What Does Bitcoin Owe Its Creator?
The convergence of quantum computing research, legal maneuvering, and protocol governance debates raises a question that transcends technology: what does Bitcoin owe to the person who created it?
One view holds that Satoshi’s disappearance was a feature, not a bug. By walking away, Satoshi ensured Bitcoin would be truly decentralized, belonging to no one. From this perspective, Satoshi accepted—perhaps even intended—that the coins would remain untouched forever, a kind of burnt offering to the network’s founding myth.
Another view is more pragmatic. The quantum threat is real and accelerating. Google’s research has compressed the timeline, and Bitcoin’s anti-centralization governance culture makes coordinating large-scale security upgrades extremely difficult. Unlike Ethereum, which has had a formal quantum resistance migration plan since 2018 with four full-time teams, Bitcoin lacks a unified roadmap. If the community cannot act before Q-Day, the consequences could be catastrophic—not just for Satoshi’s coins, but for all 6.9 million vulnerable BTC.
The Noah Doe lawsuit, however frivolous it may appear, exposes something uncomfortable: the law is not designed for bearer assets that exist only as cryptographic keys. If a court were to rule that dormant bitcoin constitutes abandoned property, the ruling would be practically unenforceable without the private keys—but it could still create legal jeopardy for exchanges, custodians, and anyone attempting to move those coins in the future.
As for Craig Wright, his legacy is not the identity of Satoshi but a demonstration that courts will engage with the question. The UK judiciary has definitively declared he is not Nakamoto, but the mere fact that these cases reached trial at all shows that the legal system can be mobilized around Satoshi’s identity and assets.
The Unwanted Crown
Satoshi’s bitcoin was never meant to be a target. It was the natural byproduct of being first—the original miner accumulating block rewards in the network’s earliest days when no one else was mining. Those coins were supposed to sit as a testament to Bitcoin’s creation myth, a silent fortune that proved the creator’s commitment by never being spent.
Instead, they have become a gravitational center for every force that seeks to challenge or co-opt Bitcoin’s revolutionary promise. Quantum computing threatens the mathematical assumptions that protect them. Craig Wright threatens the legal assumptions about who controls them.
The Noah Doe lawsuit threatens the property assumptions about whether they can be abandoned. And BIP-361 threatens the governance assumptions about whether the community can—or should—intervene.
The irony is thick: the creator who gave Bitcoin to the world, then vanished precisely to prevent any central authority from forming around him, now finds his remaining digital footprint at the center of the very power struggles he sought to escape. Whether Satoshi’s coins survive the quantum era, the courtroom era, and the governance era will test not just Bitcoin’s cryptography, but its soul.
