You forgot Satoshi's 1000000 bitcoins that have newer been moved, but still have their public keys visible.
Those addresses are difficult to protect from QC, because even if we implement a QC-resistant algorithm, those can't be protected or otherwise even Satoshi couldn't move them.
That's quite interesting, I didn't know that. I couldn't find anything useful on Google, got any more info on that? How are the public keys to Satoshi's old stash known, where public keys public before the protocol was changed to the way it works now?
At the beginning bitcoin used pay to public key (P2PK) instead of the pay to public key hash (P2PKH) that we are using now.
When using P2PK the public key is published in the blockchain when the "address" receives coins.
Actually. without QC, the P2PK is even safer than P2PKH, because there is only ONE valid private key that can be used to spend coins from P2PK, while there are 2^96=79228162514264337593543950336 valid private keys to all P2PKH addresses. Because of the Ripemod160 hash.
I do not know any wallet that would still support paying to P2PK "addresses", but there are some scripts in the net that can still be used for creating P2PK "addresses"