BTC
$108,497.17
–
0.44%
ETH
$2,565.43
+
0.05%
USDT
$0.9999
–
0.01%
XRP
$2.3420
+
1.06%
BNB
$662.38
+
0.08%
SOL
$153.01
+
0.66%
USDC
$0.9999
+
0.00%
TRX
$0.2874
+
0.88%
DOGE
$0.1707
–
1.85%
ADA
$0.5895
–
0.40%
HYPE
$39.74
+
0.49%
SUI
$2.9168
–
1.53%
BCH
$497.43
+
0.99%
WBT
$44.87
–
0.29%
LINK
$13.67
+
1.27%
LEO
$9.0538
+
0.46%
XLM
$0.2563
+
4.54%
AVAX
$18.27
–
0.17%
SHIB
$0.0₄1172
–
1.51%
TON
$2.7901
–
5.21%
By Shaurya Malwa|Edited by Parikshit Mishra
Updated Jul 7, 2025, 1:11 p.m. Published Jul 7, 2025, 1:00 p.m.
- A security upgrade may have prompted the transfer of over $8 billion in bitcoin from dormant Satoshi-era wallets to modern addresses.
- The funds were moved to bc1q-style addresses, which offer enhanced security and efficiency compared to older formats.
- There is no evidence that the bitcoin is being sold, suggesting the move was a precautionary security measure.
A wallet security upgrade could be the reason why a long dormant Satoshi-era wallet moved over $8 billion worth of bitcoin
last week, according to on-chain analytics firm Arkham.
On-chain data shows eight wallets, each holding 10,000 BTC since 2011, moved their funds to modern bc1q-style addresses, a more secure and efficient format than the older legacy 1–prefix addresses.
Verhaal gaat verder
The new addresses are native SegWit formats that offer lower fees, improved transaction efficiency, and stronger protection against certain types of exploits.
Arkham, which flagged the transfers, said there’s no evidence the whale is selling any of the bitcoin. The funds remain untouched in the new wallets, suggesting that the move was proactive and likely part of a broader operational security measure rather than a response to market activity.
Meanwhile, Ledger CTO Charles Guillemet flagged on X that certain OP_Return messages sent to those wallets displayed legal notices intended for the owners of those wallets.
Days before the transfers, the old wallets received OP_RETURN messages claiming legal possession of the coins unless the owner responded by a set deadline.
While some feared a hack, Guillemet noted the sender never proved private key access and targeted many dormant wallets, not just these eight. The timing suggests the original owner was possibly spooked by the messages and may have acted preemptively to reassert control.
“In the past, private keys have been compromised due to poor cryptographic practices, such as predictable nonce usage or low-quality random number generators, but that doesn’t seem to apply here,” Guillemet said in an X post.
“Pure coincidence: the timing may be random. The real owner of the 80,000 BTC saw the OP_RETURN messages and moved the funds as a precaution,” he added alongside other observations.
OP_RETURN is a Bitcoin function that lets users attach short messages or data to a transaction, without affecting the transfer of actual coins.
Read more: $8B BTC Movements May Have Been Preceded by Covert Bitcoin Cash Test
Shaurya is the Co-Leader of the CoinDesk tokens and data team in Asia with a focus on crypto derivatives, DeFi, market microstructure, and protocol analysis.
Shaurya holds over $1,000 in BTC, ETH, SOL, AVAX, SUSHI, CRV, NEAR, YFI, YFII, SHIB, DOGE, USDT, USDC, BNB, MANA, MLN, LINK, XMR, ALGO, VET, CAKE, AAVE, COMP, ROOK, TRX, SNX, RUNE, FTM, ZIL, KSM, ENJ, CKB, JOE, GHST, PERP, BTRFLY, OHM, BANANA, ROME, BURGER, SPIRIT, and ORCA.
He provides over $1,000 to liquidity pools on Compound, Curve, SushiSwap, PancakeSwap, BurgerSwap, Orca, AnySwap, SpiritSwap, Rook Protocol, Yearn Finance, Synthetix, Harvest, Redacted Cartel, OlympusDAO, Rome, Trader Joe, and SUN.
