BIP-361 Could Freeze Inactive Bitcoin Wallets

A proposal circulating in Bitcoin’s developer community would do something the network has never done before: render coins unspendable for users who don’t comply with a protocol upgrade. 

Bitcoin Improvement Proposal 361 (BIP-361), titled “Post Quantum Migration and Legacy Signature Sunset,” outlines a staged transition away from Bitcoin’s current cryptographic foundations toward quantum-resistant alternatives. Users who don’t migrate their holdings to new address formats within the specified windows would eventually find their coins frozen by the network itself.

The Threat Behind the Proposal

The urgency stems from advances in quantum computing and their implications for ECDSA – the Elliptic Curve Digital Signature Algorithm that secures most Bitcoin wallets. When users transact, their public key is exposed on-chain. A sufficiently powerful quantum computer could theoretically derive the corresponding private key from that exposure and seize the funds.

A recent Google report suggested the computational capacity required to break widely used encryption schemes may be lower than previously assumed, narrowing the timeline. Even if a practical quantum attack on Bitcoin remains likely a decade or more away by most credible estimates. Roughly 6.7 million BTC currently sit in addresses considered vulnerable under such a scenario.

BIP-361 builds on an earlier draft, BIP-360, which proposed a new transaction format called pay-to-Merkle-root (P2MR), drawing from Taproot but removing spending paths viewed as quantum-exposed. Contributor Jameson Lopp has argued that waiting for a credible quantum threat to materialize before acting would be too late.

What the Proposal Actually Does

The transition runs in three phases. Three years after activation, users would be blocked from sending funds to quantum-vulnerable address types. Existing holdings could still be spent, but those addresses would stop accepting new deposits. Five years post-activation, legacy signature schemes including ECDSA and Schnorr would be rejected outright, freezing any coins that hadn’t been migrated.

A third phase, still under research, would offer a potential recovery path, allowing affected users to prove ownership of frozen funds using zero-knowledge proofs without revealing their private keys. Whether that mechanism makes it into a final version remains unclear.

A Foundational Argument

The backlash has been immediate and cuts deeper than typical developer disagreement.  For a meaningful portion of the Bitcoin community, the proposal isn’t just technically controversial. It’s philosophically incompatible with what Bitcoin is supposed to be. One critic wrote: 

“Upgrade should be 100% voluntary. The timeline-driven structure resembles central planning, and that’s about as damning a comparison as it gets in Bitcoin circles.”

Proponents reject that framing, writing:  

“This is not an offensive attack. Our thesis is that the Bitcoin ecosystem wishes to defend itself and its interests against those who would prefer to do nothing and allow a malicious actor to destroy both value and trust.”

Either way, the proposal requires accepting protocol-level coercion as a defensive tool, a concession that cuts against Bitcoin’s core promise that no one can touch coins without the holder’s private key. BIP-361 has no path to consensus yet and may never find one. Its existence still marks a real inflection point in how Bitcoin developers are thinking about the protocol’s long-term survival.