I'm not saying the quantum apocalypse will happen tomorrow, but I also don't think it's wise to live as if it's impossible in the coming years. If your wealth depends on the assumption that no one is making significant progress behind closed doors, that's already a serious vulnerability.
You are probably trying to promote some shitcoin judging from the second part of the post, but I concede you the benefit of the doubt for now and answer, also to prevent newbies from getting scared by your post.
What you forget is that there is a way to protect your coins already:
Do not reuse your addresses. Above all if they're meant for cold storage.
As I wrote above, there's discussion in the mailing list, there has been a draft BIP already, and at least some of the Bitcoin developers are open to changes. But if the current research on post-quantum cryptography is simply not mature enough, then it doesn't make sense to hurry up just because there's a 0.001% probability of someone stealing some old P2PK coins in the next 10 years.
A hack of a single Satoshi-era address, or two or three, in the next 10 years would not be the apocalypse; it would be a hack like any other. If that happens, then it's really time to upgrade, but that's some time away still.
The technology evolution needed between the scenario "crack a P2PK key from Satoshi's era in 1 year" and "crack a key in 10 minutes while the transaction is in the mempool" is huge. And only if this happens is the strategy of not reusing addresses no longer enough, and Bitcoin needs to upgrade.
You’re right in saying that not reusing addresses mitigates much of the current risk, especially for those still holding untouched cold wallets. But that only holds true while the public key hasn’t been revealed. Once a transaction is made and the pubkey is on-chain (as happens with any spent P2PKH, P2SH, multisig, Lightning, etc.), the address becomes a permanent target. At that point, “not reusing” is no longer sufficient.
People also tend to underestimate the time window during which a transaction sits in the mempool. Even new and seemingly “secure” addresses may have their public key exposed during that short gap between signing and confirmation. In a scenario where a quantum-capable actor can act within that timeframe, good key hygiene beforehand won’t matter; the risk becomes immediate.
As for the tech evolution: the jump from “breaking an old P2PK key in a year” to “doing it in 10 minutes” seems big, but progress in quantum computing is exponential, not linear. When that threshold is crossed, the security breach becomes retroactive: every already-exposed address will be compromised. That includes legacy multisig outputs, contracts, sidechains, and bridges. It’s literally a ticking time bomb already written into the blockchain.
And about the idea that “if it happens, we’ll just update”: it’s important to remember that Bitcoin is conservative by design. No change is trivial. Updating the user base, finalizing BIPs, ensuring backward compatibility - all while under the pressure of a live attack - would be chaotic. Having a transition plan ready is essential. Waiting to react is the real risk.
So this isn’t alarmism, it’s simply acknowledging that Bitcoin’s current cryptographic foundations (elliptic curves, ECDSA, etc.) have an expiration date in the face of quantum computing.
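The two posts above disagree about how far "don't reuse addresses" goes, and the difference comes down to which unspent coins are guarded by a public key that is already on-chain. The following audit is an added example (not code from either poster) that walks a constructed toy ledger and flags exactly those funds: P2PK outputs, whose key sits in the scriptPubKey, and hash-locked addresses that received coins again after an earlier spend revealed their key. The transaction format, txids and addresses are made up for the example.

```python
from collections import defaultdict

# Constructed toy ledger (not real chain data). An input is (txid, vout, revealed_pubkey);
# an output is (address, script_type, value). Hash-based types (p2pkh, p2wpkh, p2sh) keep
# the pubkey hidden until the coins are spent; p2pk puts the pubkey in the scriptPubKey.
TXS = [
    {"txid": "t1", "inputs": [], "outputs": [("A", "p2pk", 50), ("B", "p2pkh", 10), ("C", "p2pkh", 5)]},
    {"txid": "t2", "inputs": [("t1", 1, "pubB")], "outputs": [("B", "p2pkh", 4), ("D", "p2pkh", 6)]},
    {"txid": "t3", "inputs": [("t1", 2, "pubC")], "outputs": [("E", "p2wpkh", 5)]},
]

HASH_LOCKED = {"p2pkh", "p2wpkh", "p2sh"}


def audit_exposure(txs):
    """Return {address: (reason, unspent_value)} for funds that are guarded by an
    already-public key: p2pk outputs, plus hash-locked addresses that were reused
    after a spend revealed their pubkey (the case 'don't reuse' is meant to avoid)."""
    utxos = {}      # (txid, vout) -> (address, script_type, value)
    revealed = {}   # address -> txid of the first spend that put its pubkey on-chain
    for tx in txs:
        for txid, vout, _pubkey in tx["inputs"]:
            addr, _, _ = utxos.pop((txid, vout))
            revealed.setdefault(addr, tx["txid"])
        for vout, (addr, stype, value) in enumerate(tx["outputs"]):
            utxos[(tx["txid"], vout)] = (addr, stype, value)

    at_risk = {}
    for addr, stype, value in utxos.values():
        if stype == "p2pk":
            reason = "p2pk output: pubkey is in the scriptPubKey"
        elif stype in HASH_LOCKED and addr in revealed:
            reason = f"address reused after spend {revealed[addr]} revealed its pubkey"
        else:
            continue  # key still hidden behind a hash: not exposed yet
        _, prev_value = at_risk.get(addr, (reason, 0))
        at_risk[addr] = (reason, prev_value + value)
    return at_risk


if __name__ == "__main__":
    for addr, (reason, value) in audit_exposure(TXS).items():
        print(f"{addr}: {value} at risk ({reason})")
```

On the toy ledger, address A (P2PK, 50) and address B (reused after t2, 4 remaining) are flagged, while C, D and E are not; C spent everything and D and E have never revealed a key. The mempool window the second reply raises is outside this check, since it concerns coins in flight rather than coins at rest.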