New Ledger Scan Shows How Much XRP Is Quantum-Exposed

A full-history scan of the XRP Ledger has put fresh numbers on one of crypto’s more uncomfortable long-term security questions: how exposed current accounts may be to a future quantum-computing threat. The analysis, shared by dUNL validator Vet on X, examined all 7,810,364 XRP Ledger accounts and found that 76.82 billion tokens is currently held in accounts whose public keys have already been exposed through signed transactions. The thread does not argue that quantum-capable attackers are an immediate operational risk. Instead, it frames the issue as a future migration and governance problem. Once quantum-resistant cryptography is implemented , active users can move funds to new quantum-safe accounts. The harder question is what happens to accounts that cannot move. “What’s the problem with the Quantum threat that is so difficult to agree on how to solve?” Vet wrote. “We’ll need Quantum proof encryption eventually. That is most likely outcome. This means, once we implement such encryption, everyone can transfer their funds to a Quantum threat proof XRP account.” The difficulty, he argued, starts where user agency ends. Dormant accounts may belong to people who lost keys, forgot about holdings, died, or are temporarily unable to act. In a future where quantum computers can exploit exposed public keys, those funds could become vulnerable while the owner remains silent. “Here is already the Problem though,” Vet wrote. “People who can’t move their funds to a Quantum threat proof XRP account are at risk to have their funds stolen in a future with capable enough Quantum computers.” Why Exposed Public XRP Keys Matter Vet’s analysis rests on a key distinction: an account is considered “quantum exposed” only if it has submitted a signed transaction that revealed its public key on-ledger. Accounts that have never signed a transaction have not exposed that public key and are therefore treated as quantum safe under the framework used in the scan. That distinction creates a split across the ledger. According to Vet, 5.6 million accounts holding 76.82 billion tokens are quantum exposed when dormancy is not considered. However, he said 96% of that exposed XRP is held by active accounts, meaning those users would be expected to migrate once a quantum-resistant account model becomes available. The more contentious slice is dormant supply. Accounts that are both quantum exposed and dormant for at least five years hold 3.83% of all quantum-exposed XRP supply. Against total XRP supply, that represents 2.94%. The oldest dormant category, accounts dating back to the ledger’s 2013 genesis year, represents 0.03% of exposed XRP supply and 0.024% of total supply. The account count follows the same pattern. Vet identified 1.33 million accounts in the five-year dormant and exposed bucket, while the 2013 dormant group contains roughly 15,000 accounts. A Smaller Dormant Risk Than Bitcoin? Vet positioned the XRP Ledger’s dormant exposure as materially smaller than Bitcoin’s most discussed quantum-risk edge case: early unmoved BTC, including coins attributed to Satoshi Nakamoto. “Massively lower than Bitcoin, where genesis accounts alone aka Satoshi BTC are about 5% of supply,” he wrote. “That’s supply that is expected to not move to quantum safe addresses. This is not even including BTC sitting in P2PK accounts outside of Satoshi holdings.” The comparison is important because the quantum debate in crypto is not only technical. It is social. If a network introduces quantum-resistant account types, active users can rotate. Dormant users cannot. That raises a difficult governance question: should untouched funds remain exposed, should protocol rules somehow protect them, or should the network accept the risk that future attackers may drain accounts whose owners never migrated? Related Reading: XRP Sentiment Tanks To A 2-Year Low—But History Hints At Major Bullish Comeback Vet described the dormant-account issue as a “litmus test for blockchains social layer,” noting that the XRP Ledger community faces the same type of question Bitcoiners have debated around early wallets. Multi-Sig Is Not Automatically Safe The scan also found that around 27% of XRPL accounts are already quantum safe, collectively holding approximately 23.16 billion XRP. Vet said these accounts either never signed a transaction, meaning their public key never appeared on the ledger, or they disabled their master key and now sign through a fresh RegularKey or SignerList that has not been exposed. But the analysis also cautions against assuming that more sophisticated wallet setups are protected by default. Vet said 242 multi-signature wallets hold 36.60 billion XRP, equal to 36.6% of total supply, in a state where a quorum of signer public keys is already visible on-ledger. The largest examples, he said, include Ripple’s escrow distribution wallets. “So even sophisticated multi-sig setups aren’t automatically safe — they require disciplined signer-key rotation,” Vet wrote. The key nuance is operational. A single-key account can remain safe until it needs to spend, but spending reveals the relevant public key. Multi-signature setups can preserve safety if the quorum threshold is not yet exposed. Vet gave the example of a 4-of-8 SignerList with the master key disabled and only three signers’ keys visible on-ledger: the account can remain quantum safe because the exposed keys are still below the signing threshold. At press time, XRP traded at $1.3758.