Only applies for Bitcoin address where it's public key is known
something has occurred to me since this all started
is it not the case that Taproot/tapscripts output would expose it's public key in it's pubkey script on the chain
before it is spent? I'm gonna have to check that out today, I'm not certain
If so, I don't think this is some kind of oversight on the part of Taproot's design; as was pointed out upthread, if a QC-based attacker scans the mempool for inflight transactions, the hashed public key offers them zero protection during the time between broadcasting a tx and it getting confirmed. That amount of time could easily be long enough to use the QC to resolve the private key from the (briefly exposed) public key.
This post is subject to change if I'm wrong! Re-reading the Taproot/Tapscript BIPs right now...
https://github.com/sipa/bips/blob/bip-schnorr/bip-taproot.mediawikihttps://github.com/sipa/bips/blob/bip-schnorr/bip-tapscript.mediawiki