Bitcoin's weak spots — an honest look

We are not here to hype. Bitcoin has real risks. Here are the main ones, each paired with the honest reality — so you can judge for yourself.

1 · Quantum computing

The risk: a powerful enough quantum computer could one day break the cryptography that protects wallet ownership. Coins whose public key is already visible on-chain (estimated around 6–7 million BTC, roughly a third of the supply, including Satoshi's old coins) would be the "low-hanging fruit".
The reality: it cannot touch mining or the ledger — only signatures. Bitcoin's signatures rest on 256-bit elliptic-curve cryptography and today's quantum machines are nowhere near capable. Most cryptographers put the threat at 2030 or later; some say decades. Fixes are already being worked on: a post-quantum address type (BIP-360) and a migration plan to retire the old signatures (BIP-361).
Your move: use a fresh address for each receive (don't reuse addresses), so your public key isn't exposed until you spend. Modern wallets do this by default.
Satoshi anticipated this. Back in June 2010, on the question of a broken hash, Satoshi wrote that "SHA-256 is very strong" and could last for decades barring a major breakthrough — and described how the network could agree on the honest chain up to that point and transition to a new hash function in an orderly way. The risk was foreseen and is fixable.

2 · Exchanges & custodians (the real day-to-day danger)

The risk: if you leave coins on an exchange, you don't hold the keys — they do. Exchanges get hacked or fail. This is not rare: in 2025 alone, exchange and platform breaches ran into the hundreds of millions of dollars (the Bybit hack early that year was the largest in crypto history).
The reality: this is human risk, not a flaw in Bitcoin. Bitcoin worked exactly as designed; the custodian failed.
Your move: "not your keys, not your coins." Move savings to self-custody (your own wallet, your own seed). This is what our Crash Courses teach.

3 · Lost keys

The risk: there is no password reset and no bank to call. Lose your seed phrase and the coins are gone forever. A large share of all BTC is believed permanently lost this way.
The reality: this is the flip side of true ownership — the same property that means no one can seize your coins means no one can recover them for you.
Your move: back up your seed properly (offline, multiple copies), and consider a passphrase. Metal backups survive fire and water, which is why they're often recommended — but that durability cuts both ways: a metal plate is also hard to destroy quickly if your own situation ever called for that. The right backup depends on what you are protecting against. Covered step by step in the courses.

Old wallet files can hold keys to funds you've forgotten about, or change from past transactions. Deleting a wallet can wipe those keys forever. Keep old backups safe rather than throwing them away.

Why can't someone just guess your address?

Because the number of possible Bitcoin addresses is almost unimaginably large — about 1.46 × 10⁴⁸, that is a 146 followed by 46 zeros. To put that in perspective, it is vastly more than the number of grains of sand on every beach on Earth. Guessing or brute-forcing someone's key by chance is, for all practical purposes, impossible — which is exactly why self-custody is safe when you protect your seed.

4 · Mining centralisation / 51% attack

The risk: a few large mining pools control much of the network's power — at times the top pools combined exceed 70%. In theory, controlling 51% could allow double-spends or censorship.
The reality: it is economically irrational — you'd need hardware equal to half the network, huge sustained electricity, and the moment an attack is detected the price (and your hardware's value) collapses. Pools are also made of many independent miners who can leave.
Your move: nothing for a normal holder — but it's a real reason to watch pool concentration and support decentralised mining.

5 · Volatility, scams & your own mistakes

The risk: the price swings hard; scammers are everywhere; and a single typo in an address or a leaked seed loses funds with no undo.
The reality: most people who "lose money in Bitcoin" lost it to a scam, an exchange, or a mistake — not to Bitcoin failing.
Your move: learn before you risk money, never invest more than you can lose, and if you've been hit, see Scam Trace.

6 · What if the internet is shut off?

The risk: Bitcoin needs a network to move. A government can throttle or cut the internet, and crypto sites can be blocked — as happens during unrest.
The reality: Bitcoin was built for this. The whole blockchain is broadcast from space by Blockstream Satellite (since 2017, covering most of the world) — a small dish and USB receiver sync a node with no internet. Transactions can also travel over long-range radio (LoRa) mesh, ham radio, or even plain SMS. During Iran's 2025 blackout people kept transacting this way; in Venezuela and Africa, radio-mesh and SMS Bitcoin already work.
The honest caveat: receiving via satellite is easy; sending needs a radio uplink, and somewhere at least one node still needs internet to push the transaction to miners. So a national shutdown is survivable today — a simultaneous global shutdown is the real edge case.
Your move: for most people, nothing — but it's reassuring that the rails exist. Enthusiasts can run a satellite kit or LoRa node as a backup.

Bottom line: Bitcoin's protocol has never been hacked in over 15 years. Almost every real loss comes from custody, scams, lost keys, or human error — which is exactly what learning self-custody protects against.