QuanChainQuanChain
Security

Cold Storage and Quantum Risk: What Quantum Computers Can and Can't Steal

Cold storage protects your private key from the internet. It does nothing about the cryptographic algorithm used to secure your funds. These are two different problems.

Dr. Sarah ChenDr. Sarah Chen
June 26, 2026
8 min read
Share
Part of the How to Protect Your Crypto from Quantum Computers: A Practical Guide for 2026 series

What Cold Storage Is and What It Protects Against

Cold storage means your private key has never touched an internet-connected device. In practice, this includes hardware wallets used in air-gap mode, paper wallets generated on an offline computer, metal seed phrase backups in a physical vault, and signing devices that never connect to a network.

The threat model cold storage addresses is classical private key theft: malware on your computer, phishing attacks that trick you into entering your seed phrase, remote access exploits, exchange hacks, and insider threats at custodians. Against these threats, cold storage is highly effective. The private key is only as accessible as the physical device or piece of paper holding it. Stealing it requires physical access or social engineering the key holder directly.

Cold storage has an excellent track record against classical attackers. Most large-scale crypto thefts involve compromised hot wallets, exchange hacks, or user error, not cracked cold storage. For the threats that exist today, cold storage is a serious security measure.

The Misconception: Cold Storage Does Not Equal Quantum Safety

Cold storage and quantum resistance are orthogonal security properties. They address different attack surfaces. Cold storage addresses the question of who can access your private key directly. Quantum resistance addresses the question of whether someone who sees your public key can derive your private key mathematically.

A quantum attacker does not need your private key. They do not need physical access to your cold storage device. They do not need your seed phrase. They need your public key, which is published on a public blockchain every time you send a transaction. Your air-gapped hardware wallet, your fireproof safe, your distributed seed phrase backups, none of these protect against an attack that starts from data already on the blockchain.

This is the core of the quantum threat to cold storage holders: you already have data on-chain. If you have ever sent a transaction from any address you control, that address's public key is in the historical blockchain data right now, and has been since the moment you sent. A quantum attacker with sufficient capability can work from that data without ever coming near your cold storage device.

When Cold Storage Does Not Protect Against Quantum Attack

Cold storage fails to protect against quantum attack in two specific scenarios:

Scenario 1: Addresses With Outgoing Transaction History

If you have ever sent funds from an address, that address's public key is on the blockchain. This is true for every ECDSA-based chain: Bitcoin, Ethereum, and all EVM-compatible networks. The public key is included in the transaction input as part of the signature verification data. Any address with at least one outgoing transaction has an exposed public key, regardless of whether the private key is in cold storage.

For a comprehensive explanation of how this exposure creates risk over time, see our article on harvest-now-decrypt-later attacks.

Scenario 2: Legacy P2PK Bitcoin Addresses

Pay-to-Public-Key (P2PK) is an early Bitcoin output type used by Satoshi Nakamoto's original mining rewards and early transactions. In P2PK, the output script contains the full public key directly, not a hash of it. This means the public key is exposed even for addresses that have only ever received Bitcoin and never spent it.

If you hold Bitcoin in P2PK outputs in cold storage, quantum exposure is already present. Your private key is safe from classical theft, but the public key is visible to anyone examining the blockchain. This is a concrete risk that cold storage does not address.

For a detailed breakdown of Bitcoin-specific quantum vulnerabilities, read our Bitcoin quantum vulnerability analysis.

The Two Security Properties, Side by Side

It helps to think of these as two separate axes:

  • Key theft protection (classical attackers): Cold storage helps significantly. Hardware wallets, air gaps, and physical security are your tools here. The threat is real today.
  • Quantum cryptographic resistance (quantum attackers working from public blockchain data): Cold storage is irrelevant. The signature algorithm is what matters. ECDSA is vulnerable; ML-DSA is not.

A well-secured cold storage setup using ECDSA has strong key theft protection and zero quantum resistance. A software wallet using ML-DSA on a connected device has poor key theft protection (assuming no other security measures) and strong quantum resistance. These are independent dimensions of security.

The most common mistake is treating cold storage as a proxy for overall security and assuming it covers quantum risk by extension. It does not. Understanding this distinction matters for how you evaluate your overall risk posture.

What Cold Storage Users Should Actually Check

If you use cold storage and want to understand your quantum exposure, work through these checks:

  1. Identify every address associated with your cold storage device or seed phrase. This means every address on every derivation path you have used across every chain.
  2. For each address, check whether it has any outgoing transaction history using a block explorer. An address with zero outgoing transactions has a hidden public key (assuming it is not P2PK).
  3. For Bitcoin specifically, check whether any of your UTXOs are in P2PK output format. These are identifiable by looking at the output script type on a blockchain explorer. P2PK outputs start with a push of a 65-byte or 33-byte public key directly.
  4. Categorize your holdings: (a) addresses with exposed public keys that you should prioritize migrating, and (b) addresses with hidden public keys that are lower priority.
  5. Check your Bitcoin address types. P2WPKH (native SegWit, "bc1q...") and P2TR (Taproot, "bc1p...") addresses hash the public key before putting it on-chain. P2PKH (legacy, "1...") and P2SH-P2WPKH are in between. P2PK has no hash protection.

Combining Both Protections

The right approach is to address both threat vectors. Cold storage protects against classical theft, which is the active threat today. Migrating to post-quantum signature schemes protects against quantum attack, which is the medium-to-long-term threat.

For assets you want both properties simultaneously, QuanChain is designed to provide them: the protocol uses ML-DSA signatures for quantum resistance, and you can hold your keys in cold storage for classical theft protection. The TADEQS architecture handles key rotation at the protocol level so that spending does not permanently compromise your security posture. Read the overview of protecting your crypto from quantum threats for practical next steps across your full holdings.

Dr. Sarah Chen

Dr. Sarah Chen

Head of Cryptography Research

Dr. Sarah Chen leads cryptographic research at QuanChain, specialising in post-quantum algorithm integration and quantum threat timeline analysis. She holds a PhD in cryptography and has published extensively on lattice-based cryptographic systems and their application to distributed ledger security.

Related Articles

Security

Hardware Wallet Quantum Vulnerability: What Ledger, Trezor, and Coldcard Don't Yet Do

8 min read

Dark interior with a diagonal teal light beam slanting from the upper right, heading "Harvest Now, Decrypt Later: Why the Quantum Threat Is Already Here"

Security

Harvest Now, Decrypt Later: Why the Quantum Threat Is Already Here

14 min read

Bitcoin B logo fragmenting and dissolving into a teal particle cloud with a teal laser beam, heading "Bitcoin's Quantum Vulnerability"

Security

Bitcoin's Quantum Vulnerability: A Complete Technical Analysis

9 min read

Concentric teal shield outlines nested inside each other with a teal beam targeting the center, heading "How to Protect Your Crypto from Quantum"

Security

How to Protect Your Crypto from Quantum Computers: A Practical Guide for 2026

10 min read

Back to Blog