Jumping into Bitcoin News Today, French cybersecurity agency ANSSI (National Agency for the Security of Information Systems) Announce At the annual France Quantum conference, it will stop certifying security products that lack quantum-resistant encryption from 2027, with a deadline for a full corporate transition in 2030, a mandate that applies to French government agencies and critical infrastructure operators in accordance with regulatory requirements, and arrives in due course. Glassnode May 2026 Report It identifies 6.04 million bitcoins, roughly 30.2% of the issued supply, as holding public keys visible on the chain.
This is not just a European purchasing rule. It’s the most specific deadline the government has issued yet to deprecate classical public-key cryptography, and comes at a moment when the Bitcoin security community is measuring how much of the network’s supply is structurally exposed for a powerful quantum computer.
ANSSI has sent a clear signal: starting in 2027, products seeking certification will need to address the quantum threat through post-quantum cryptographic protections.
With the increasing risk of “harvest now, decrypt later” attacks, preparing for the post-quantum transition is becoming more difficult.
– SEALSQ (@SEALSQcorp) June 18, 2026
Bitcoin Security News Today: How Glassnode Unbundles 6.04 Million BTC Exposure
Glassnode divides exposed exposure into two distinct categories. The first is 1.92 million BTC (about 9.6% of the supply), which is classified as structurally exposed, an output that exposes the public key by design, including P2PK (payment to public key) outputs from Satoshi-era mining rewards, multi-signature baretexts, and Taproot (P2TR) outputs. The second is 4.12 million BTC (~20.6%) classified as operationally exposed, where public keys became visible through address reuse, partial UTXO spending, or custodial practices.
The analytical focus of the report is notable: Glassnode emphasizes that the primary risk lies in current storage practices rather than legacy currencies. The exchanges account for an estimated 1.63-1.66 million BTC of the operationally exposed pool. By contrast, sovereign Bitcoin holdings in the US, UK and El Salvador are said to show zero quantitative exposure, suggesting that those positions are using unexposed UTXO types. 13.99 million Bitcoins (about 69.8%) with no public key exposed at rest are considered safe under the Glassnode framework.
Glassnode revealed that about 6.04 million bitcoins (nearly 30% of bitcoin supply) are theoretically at risk from future quantum threats because the public keys are already visible on the chain.
What’s even more interesting is that 4.12 million BTC of those risks stem from preventable practices like address… pic.twitter.com/qznsfApz8P
– Evans (@evans1vn) May 27, 2026
The threat mechanism is clearly defined. Bitcoin transaction signing is based on ECDSA (Elliptic Curve Digital Signature Algorithm) on the secp256k1 curve, with security based on the discrete logarithm of the elliptic curve problem. A fault-tolerant quantum computer running Shor’s algorithm can recover a private key from any public key already visible on the chain, meaning the 6.04 million bitcoins with exposed keys will be at immediate risk once Q-Day arrives. Hash-of-pubkey outputs, such as P2PKH, carry an additional layer of protection until they are consumed.
discovers: Ethereum quantum security hard fork plans explained
Post-quantum cryptography: ANSSI delegation and the compressed timeline
ANSSI Chief of Staff Samih Souissi, speaking at the France Quantum conference, framed the policy shift in terms that extend beyond technical parameters. “It is not just a technical issue,” Souissi said. “It is an issue of governance, industrial planning, regulation and sovereignty.”
The agency’s roadmap calls for organizations to inventory sensitive data by the end of 2026, map affected systems by the end of 2027, and fully transition to post-quantum cryptography (PQC) by 2030.
The timeline aligns with, and in some ways accelerates, signals from other large institutions. In March 2026, Google set an internal deadline of 2029 to transition its systems to PQC. Quantum security firm Project Eleven estimated in May 2026 that a cryptographic-related quantum computer could arrive as early as 2030.
🌍 Update: France bans legacy encryption by 2027
French cybersecurity agency ANSSI is mandating a major encryption overhaul, halting adoption of legacy cryptography by 2027 and mandating exclusively quantum-secure products by 2030.
ANSSI will stop certifying… pic.twitter.com/tTFX57AB8J
— Zoubico (@Zubico) June 18, 2026
NIST has indicated its intention to retire classic public key systems, including RSA and ECC, by around 2030 and to end their use by around 2035, timelines that major software vendors are now building into their hardware security and operating system roadmaps.
Academic research cited at DEF CON 33 suggests that at least 1,754 logical qubits, under optimistic scaling assumptions, could be enough to attack a secp256k1-based blockchain, although most experts place a realistic threat window at ten to twenty years.
Previous quantitative work has placed the exposed BTC number in a wide range. A study by Deloitte estimated approximately 4 million bitcoins are held in P2PK or reused P2PKH addresses, while a 2025 paper by Chaincode Labs estimated between 4 and 10 million bitcoins across broader vulnerability categories. The Glassnode number of 6.04 million falls within this range and applies narrower, more precise criteria.
discovers: Long-Term Bitcoin Holders Surrender: On-Chain Supply Dynamics
Disclaimer: Coinspeaker is committed to providing unbiased and transparent reporting. This article aims to provide accurate and timely information but should not be considered financial or investment advice. Since market conditions can change rapidly, we encourage you to verify the information yourself and consult with a professional before making any decisions based on this content.
Daniel Francis is a technical writer and Web3 educator specializing in macroeconomics and DeFi mechanics. A crypto native since 2017, Daniel brings his background in cross-chain analytics to author evidence-based reports and detailed guides. It is certified by the Blockchain Council and is dedicated to providing “information gain” that cuts through the market noise to find blockchain’s real-world utility.
