exchange token
Bitget Token BGB
Bitget Token (BGB) is a standard ERC-20 token on Ethereum that also serves as the native gas and governance token on Morph chain (Ethereum L2). Under QRI Token Inheritance Rule (7.2), BGB inherits Ethereum's quantum-vulnerable posture: all spend authorization is ECDSA-only, all Ethereum EOAs that have transacted have exposed public keys, and no production PQC protection exists on either host chain. BGB's own ERC-20 contract is minimal and non-upgradeable with no admin functions, which limits token-specific contract-level attack surface, but large value pools are concentrated in classical ECDSA multisig custody wallets controlled by Bitget exchange and the Morph Foundation. Bitget has published general educational content acknowledging quantum threats (Stage 1 awareness), but no BGB-specific cryptographic inventory, quantum risk assessment, PQC deployment, or migration plan exists. The QRI Score of 5 reflects the lowest Stage 1 readiness with no meaningful quantum protection in production. The score is constrained by the Factor Score (5.28), which is lower than both the Stage 1 cap (20) and the Readiness & Risk Cap (10, triggered by absence of public cryptographic inventory).
Token Inheritance: Ethereum L1Exchange TokenQuantum Risk AcknowledgedMorph EcosystemNo Quantum-Specific Audit
Category breakdown
QRI Factors
Algorithm & Implementation Assurance
3.53 / 20
Migration Mechanism, Governance & Ecosystem Coordination
0 / 15
Migration Status & Value-at-Risk
1 / 25
Production Cryptographic Protection
0 / 35
Security Assessment & Evidence Preparedness
0.75 / 5
Critical Quantum Blockers
- All BGB spend authorization on Ethereum relies on ECDSA (secp256k1), which is vulnerable to Shor's algorithm. Active production spend authorization remains entirely ECC-only.
- Bitget exchange holds a significant portion of BGB supply in classical ECDSA multisig cold storage, and the Morph Foundation treasury (220M BGB) relies on classical ECDSA signatures — material long-exposure quantum-vulnerable value pools with no migration path.
- No public cryptographic inventory exists for BGB, its host chains, or its custody infrastructure.
- Morph chain consensus, bridge infrastructure (Chainlink CCIP), and sequencer operations inherit Ethereum's quantum-vulnerable cryptographic assumptions with no independent PQC mitigation.
Key Risks
- HOST-CHAIN INHERITANCE: BGB inherits Ethereum L1's quantum vulnerability. All BGB transfers require ECDSA signatures on secp256k1, which Shor's algorithm can break. Ethereum has no production PQC protection as of June 2026 (LayerQu QRI: 25/100, Stage 2).
- LONG-EXPOSURE PUBLIC KEYS: Every Ethereum EOA that has sent a BGB transaction has exposed its public key on-chain. These represent offline-attackable quantum targets with no time constraint ('harvest now, decrypt later'). BGB has ~21.8K on-chain holders, many with transacted balances.
- EXCHANGE CUSTODY CONCENTRATION: Bitget exchange holds a significant portion of BGB supply in cold storage using classical ECDSA multisig wallets. A quantum compromise of these custody keys could enable theft of exchange-held BGB reserves.
- MORPH FOUNDATION TREASURY: The Morph Foundation holds 220M BGB (released at 2% monthly cap) in treasury wallets secured by classical cryptography, representing a long-duration, high-value quantum target.
- MORPH CHAIN DEPENDENCY: BGB is the native gas and governance token of Morph chain. Morph is an Ethereum L2 with no published quantum security posture, no PQC roadmap, and no quantum risk assessment. Any quantum attack on Morph's sequencer, bridge (Chainlink CCIP), or consensus would directly impact BGB utility and value.
- CROSS-CHAIN BRIDGE RISK: BGB uses Chainlink CCIP for cross-chain transfers between Ethereum and Morph. While CCIP provides classical security guarantees, its quantum resistance is unassessed.
- NO MIGRATION PATH: There is no published plan, mechanism, or timeline for migrating BGB holders, exchange custody, or Morph chain operations to quantum-safe cryptography.
- DORMANT/UNMIGRATABLE HOLDINGS: A portion of BGB supply is held in dormant or inaccessible addresses. With no freeze, burn, or salvage policy for quantum-vulnerable unmigratable value, these holdings would remain perpetually vulnerable.
Assurance Notes
- No quantum-specific audit exists for the BGB ERC-20 contract, Morph chain deployment, or Bitget custody infrastructure. The only known audit (CertiK, August 2023) covers BitKeep Wallet cross-chain bridge (BKB), not the BGB token contract, and has no quantum scope.
- The BGB ERC-20 contract (0x54D2252757e1672EEaD234D27B1270728fF90581) is a minimal, non-upgradeable OpenZeppelin ERC-20 with no admin functions — reducing token-specific contract-level attack surface. Quantum risk is concentrated in custody wallets (exchange cold storage multisigs, Morph Foundation treasury) and host-chain (Ethereum/Morph) spend-authorization paths.
- Bitget Academy has published educational content about post-quantum cryptography and quantum threats (March 2026), demonstrating organizational awareness. However, no BGB-specific cryptographic inventory or quantum risk assessment has been published.
- Morph chain, where BGB serves as native gas and governance token, has no published quantum security posture, PQC roadmap, or quantum risk assessment. As an Ethereum L2, Morph inherits Ethereum's quantum vulnerabilities.
- No formal quantum-specific incident-response playbook, security contact for quantum disclosures, or bug bounty program covering quantum vulnerabilities has been identified.
- The CertiK Skynet score of 87.43 (AA) for BGB is a general security rating with no quantum-specific evaluation.
Non-Scoring Caveats
- The BGB ERC-20 contract is a minimal non-upgradeable contract with no admin functions — this is a positive architectural feature that limits token-specific contract-level attack surface, but it does not mitigate quantum risk at the custody or host-chain layers.
- Bitget's educational content about PQC (March 2026) is a positive signal of organizational awareness but does not constitute a formal quantum risk assessment, cryptographic inventory, or migration plan for BGB.
- BGB's 2024 Ethereum contract migration and 2026 Morph CCIP token swap were classical token swaps with no cryptographic changes — these do not advance quantum readiness.
- Morph chain's Chainlink CCIP integration for cross-chain BGB transfers introduces an additional bridge dependency whose quantum security posture is not independently assessed in this evaluation.
- Per the Note-Only Caveat Rule (7.4), the absence of a quantum-specific incident-response playbook, formal benchmark, and recent quantum audit are recorded as assurance caveats — they do not independently reduce the QRI Score since the quantum-critical vulnerabilities are already fully captured by the absence of any PQC deployment.
Evidence record
Claims and Caveats
Token Inheritance
Host-chain quantum posture (Ethereum L1)
Claim: BGB is a standard ERC-20 token on Ethereum and inherits Ethereum's quantum-vulnerable cryptographic model (ECDSA spend authorization, exposed public keys, BLS consensus signatures, KZG commitments).
Coverage basis: Token Inheritance Rule (7.2) — BGB shares Ethereum L1 QRI posture.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Ethereum L1 has no production PQC; ECDSA spend authorization is entirely quantum-vulnerable. LayerQu rates Ethereum QRI at 25/100 (Stage 2, Acknowledged).
Assurance: Ethereum Foundation has a dedicated Post-Quantum Security team and active devnets, but production PQC is not yet deployed (target ~2029 for L1 upgrades). This is roadmap-level, not production protection.
Verified ERC-20 contract on Etherscan. Contract is minimal (constructor mints 2B tokens to vault), non-upgradeable, with no admin functions.
Token Contract
Token-specific admin/governance keys
Claim: The BGB ERC-20 contract has no admin functions, no mint, no burn, no pause, no ownership transfer, and no proxy upgrade mechanism. There are no token-specific contract-level admin keys.
Coverage basis: Verified contract source code — no privileged functions exist in the deployed bytecode.
Implementation score: 1 · Evidence confidence: High
Issue classification: none · Score treatment: note-only
Assurance: Contract source code is verified on Etherscan (Exact Match). The contract extends OpenZeppelin ERC20 with no additional functions beyond the standard ERC-20 interface. No independent audit exists specifically for this contract address, but the code is trivially verifiable.
Positive architectural feature: absence of admin keys means no token-specific contract-level quantum attack surface for minting, burning, pausing, or upgrading. Quantum risk remains at custody layer (exchange multisigs, Morph Foundation treasury) and host-chain spend-authorization layer.
Custody
Critical wallet & custody quantum exposure
Claim: Bitget exchange holds a significant portion of BGB supply in cold storage using classical ECDSA multisig wallets. The Morph Foundation holds 220M BGB in treasury. All custody paths use quantum-vulnerable classical signatures.
Coverage basis: Public reports confirm Bitget uses offline multisig wallets; Morph Foundation treasury is on-chain verifiable.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Major BGB value pools (exchange cold storage, Morph Foundation 220M treasury) are secured by classical ECDSA multisig wallets on Ethereum with no PQC migration path.
Assurance: Coin Bureau report (October 2023) may be stale but is consistent with publicly reported practices. Exact multisig configuration, key management practices, and public-key exposure status are not publicly documented. Confidence is Medium due to reliance on secondary sources rather than direct attestation.
The December 2024 token burn of 220M BGB was executed from multisig address, confirming classical multisig custody. The September 2025 transfer of 440M BGB to Morph Foundation further concentrated value in foundation-controlled classical wallets.
Security Assessment
Public cryptographic inventory and quantum threat model
Claim: Bitget has published general educational content about post-quantum cryptography and quantum threats via Bitget Academy, but no BGB-specific cryptographic inventory or quantum risk assessment exists.
Coverage basis: Educational content demonstrates organizational awareness; no formal inventory published.
Implementation score: 0.25 · Evidence confidence: Medium
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Quantum blocker: No public cryptographic inventory exists for BGB. This triggers the 'No public cryptographic inventory' Readiness & Risk Cap at QRI 10.
Assurance: Educational content from Bitget Academy is a positive signal of organizational awareness. However, the articles are generic and do not inventory BGB's specific cryptographic dependencies (ERC-20/ECDSA, Morph chain dependencies, multisig custody, CCIP bridge).
Implementation Score of 0.25 reflects public acknowledgment of quantum risk equivalent to 'draft specification or research plan' tier. This is the highest status supported by evidence.
Security Assessment
Public evidence record supporting assessment
Claim: No BGB-specific quantum evidence record exists — no code references, specs, audits, transaction examples, or reproducible analytics for quantum risk.
Coverage basis: No quantum-specific evidence artifacts identified for BGB.
Implementation score: 0 · Evidence confidence: None
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Assurance: No quantum-specific audits, formal verification, penetration tests, or analytic reports exist for BGB's quantum attack surface.
While the ERC-20 contract is verifiable on Etherscan and the general Ethereum quantum threat model is well-documented by the Ethereum Foundation, no BGB-specific evidence record links these general findings to BGB's particular risk profile, value-at-risk concentration, or custody infrastructure.
Production Cryptographic Protection
Spend authorization / transaction signatures
Claim: All BGB transfers on Ethereum require ECDSA signatures on secp256k1. No PQC or hybrid-PQC spend authorization exists.
Coverage basis: BGB inherits Ethereum's ECDSA-only spend authorization model under Token Inheritance Rule (7.2).
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Active production spend authorization remains entirely ECDSA-only. Triggers Readiness & Risk Cap at QRI 40.
Assurance: Ethereum's ECDSA vulnerability is well-understood and publicly documented. EIP-8141 (account abstraction for PQ signatures) is targeted for Hegotá hard fork (H2 2026) but is not yet in production.
BGB on Morph chain uses the same ECDSA-based transaction model inherited from Ethereum's EVM compatibility. No independent PQ signature support exists on Morph.
Production Cryptographic Protection
Account, address, public-key exposure, and key-derivation design
Claim: BGB is held in standard Ethereum EOAs. Any EOA that has sent BGB has exposed its public key on-chain (long-exposure attack surface). Ethereum's address model provides only pre-spend obscurity, not quantum resistance.
Coverage basis: Standard Ethereum account model — all sent-from addresses have exposed public keys.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Material long-exposure quantum-vulnerable value exists in transacted EOAs with no migration, freeze, or deprecation path.
Assurance: BGB has ~21.8K on-chain holders (CoinMarketCap). A significant portion of these addresses have sent transactions, exposing public keys. The exact percentage with exposed keys is not measured but is expected to be high for actively traded exchange tokens.
Accounts that have only received BGB and never sent have not exposed their public key, providing an additional (but not quantum-resistant) layer of obscurity. However, for an exchange token with high velocity, most active addresses have likely sent transactions.
Production Cryptographic Protection
Critical wallet, custody, HSM, and hardware-wallet workflows
Claim: No PQC or hybrid-PQC wallet, custody, or HSM workflows exist for BGB. Bitget exchange custody uses classical ECDSA multisig. No hardware wallet supports PQ signing for BGB.
Coverage basis: No evidence of PQ wallet support for BGB on any platform.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Major value pool (exchange custody) remains quantum-vulnerable with no migration path.
Assurance: No public attestation from Bitget, Morph Foundation, or any custody provider regarding quantum-safe key management for BGB holdings. No hardware wallet vendor supports PQ signing for Ethereum ERC-20 tokens in production as of the evaluation date.
Bitget Wallet (mobile/web) does not advertise any PQ signature support.
Migration Status
Value-at-risk coverage (percentage protected)
Claim: 0% of BGB value-at-risk is protected from quantum key-recovery attacks. No PQC protection exists for any BGB holdings, custody paths, or transaction workflows.
Coverage basis: All BGB value (circulating supply ~699M, FDV ~$1.83B) is held or transacted through quantum-vulnerable ECDSA paths.
Implementation score: 0.05 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Material long-exposure quantum-vulnerable value exists with no migration, freeze, deprecation, burn, recovery, or policy path.
Assurance: Coverage of <25% maps to Implementation Score 0.05 (1/20) per Section 9.3.1. The effective protection is 0%.
BGB's market cap of ~$1.4B (June 2026) with 0% quantum protection represents one of the larger unprotected value pools among exchange tokens.
Migration Status
Critical wallets migrated or protected
Claim: No critical BGB wallets (exchange custody, Morph Foundation treasury, bridge contracts, major holders) have been migrated to or protected by quantum-safe mechanisms.
Coverage basis: Zero critical wallets have published PQ migration or protection.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Major value pool, treasury, and custody path remain quantum-vulnerable with no migration path.
Assurance: No public attestation, migration notice, or PQ key registration from Bitget exchange, Morph Foundation, or any major BGB custodian.
Bitget and Morph Foundation control a supermajority of BGB supply through exchange custody and foundation treasury. Their migration status is the single most important factor for BGB's value-at-risk coverage.
Migration Status
Legacy vulnerable pools identified, measurable, deprecated
Claim: No effort has been made to identify, measure, deprecate, or freeze quantum-vulnerable BGB pools. No salvage, freeze, or burn policy exists for unmigratable vulnerable value.
Coverage basis: No public identification or measurement of quantum-vulnerable BGB value pools.
Implementation score: 0 · Evidence confidence: None
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: No public analytics, dashboard, or report categorizes BGB holdings by quantum exposure.
The BGB token burn mechanism (December 2024, 800M total planned) operates at the tokenomics layer and is unrelated to quantum risk management.
Migration Mechanism
Public migration or protection roadmap
Claim: No quantum migration or protection roadmap exists for BGB, Bitget exchange, or Morph chain.
Coverage basis: No roadmap, proposal, or plan published.
Implementation score: 0 · Evidence confidence: None
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Assurance: Bitget's educational content about quantum threats does not include any BGB-specific migration timeline, activation criteria, or dependency analysis.
BGB would ultimately depend on Ethereum's PQC migration (EIP-8141, account abstraction) and Morph chain's independent PQC adoption. Neither host chain has production PQC as of the evaluation date.
Migration Mechanism
Migration accessibility and defaults
Claim: No PQ/hybrid account creation, wallet tooling, transaction paths, custody paths, user-facing warnings, education, or migration prompts exist for BGB.
Coverage basis: No PQ migration tooling or user guidance exists.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: This is not unique to BGB — no Ethereum ERC-20 token has independent PQ migration tooling as of June 2026.
Bitget Wallet and Bitget Exchange do not provide any quantum-specific warnings, migration prompts, or PQ account creation flows for BGB.
Migration Mechanism
Migration enforcement and coordination
Claim: No enforcement mechanisms exist for BGB quantum migration. Bitget has operational capability for token swaps (demonstrated in 2024 and 2026) but has not applied it to quantum readiness.
Coverage basis: No quantum-specific enforcement mechanisms exist.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: Bitget exchange has demonstrated the ability to coordinate token swaps (2024 Ethereum migration, 2026 Morph CCIP migration), but these were classical migrations with no quantum-security component.
The Morph chain's CCIP integration and token swap infrastructure could theoretically be leveraged for future quantum migration coordination, but no such plans exist.
Migration Mechanism
Emergency disclosure, incident-response, or governance process
Claim: No quantum-specific vulnerability disclosure process, incident-response playbook, or emergency governance mechanism exists for BGB or its supporting infrastructure.
Coverage basis: No public quantum-specific IR documentation exists.
Implementation score: 0 · Evidence confidence: None
Issue classification: assurance-only caveat · Score treatment: note-only
Assurance: Per Note-Only Caveat Rule (7.4), the absence of a formal quantum-specific incident-response playbook does not independently reduce the QRI Score unless it leaves a current quantum-vulnerable path unresolved.
Bitget likely has general security incident-response processes as a major exchange, but no quantum-specific procedures have been published.
Algorithm Assurance
Uses NIST-standardized or broadly reviewed PQC/hybrid-PQC algorithms
Claim: BGB has no PQC deployment and does not use any NIST-standardized PQC algorithms.
Coverage basis: No PQC deployment exists in any BGB-related context.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Assurance: NIST finalized three PQC standards in August 2024 (FIPS 203, 204, 205). No evidence that Bitget or Morph Foundation has evaluated any of these for BGB integration.
This subfactor is scored at 0.00 because no PQC algorithms are deployed, not because of algorithm quality issues.
Algorithm Assurance
Independent cryptographic and implementation audit
Claim: No quantum-specific audit exists for the BGB token contract, Morph chain deployment, or Bitget custody infrastructure.
Coverage basis: No quantum-scope audit identified for any BGB-related component.
Implementation score: 0 · Evidence confidence: None
Issue classification: assurance-only caveat · Score treatment: note-only
Assurance: The only identified audit (CertiK, August 2023) covers BitKeep Wallet cross-chain bridge (BKB), not the BGB token contract. Per Note-Only Caveat Rule, the absence of a quantum audit does not independently reduce the QRI Score since there is no PQC implementation to audit.
If BGB were to deploy PQC, a current, in-scope independent audit of the quantum-critical implementation would be required to achieve higher Algorithm & Implementation Assurance scores.
Algorithm Assurance
Open-source, reproducible implementation
Claim: The BGB ERC-20 contract is verified open-source on Etherscan with exact-match source code. The implementation is minimal and reproducible.
Coverage basis: Verified contract source code on Etherscan (Exact Match).
Implementation score: 1 · Evidence confidence: High
Issue classification: none · Score treatment: note-only
Assurance: The contract is trivially reproducible — extends OpenZeppelin ERC20 with no custom logic beyond constructor minting.
Open-source verification applies to the classical ERC-20 implementation. It does not confer quantum security benefit but supports transparency and independent review.
Algorithm Assurance
Parameter agility and future upgrade path
Claim: No parameter agility or documented upgrade path exists for BGB's cryptographic dependencies. The ERC-20 contract is non-upgradeable by design.
Coverage basis: No PQC deployment means no cryptographic agility documentation exists.
Implementation score: 0 · Evidence confidence: High
Issue classification: quantum-critical uncertainty · Score treatment: score-reducing
Assurance: The non-upgradeable nature of the BGB ERC-20 contract prevents malicious upgrades but also means the token contract itself cannot be upgraded for PQC without a full token swap migration.
Future cryptographic agility for BGB would depend on Ethereum's account abstraction (EIP-8141) for spend authorization, not on token contract upgrades.
Morph Chain
Morph chain quantum posture (BGB as native gas/governance token)
Claim: BGB is the native gas and governance token of Morph chain (Ethereum L2). Morph has no published quantum security posture, no PQC integration, and no quantum migration plan.
Coverage basis: Morph chain documentation and public materials contain no quantum-related content.
Implementation score: 0 · Evidence confidence: Medium
Issue classification: quantum-critical vulnerability · Score treatment: score-reducing
Quantum blocker: Morph chain's consensus, bridge (Chainlink CCIP), and sequencer infrastructure rely on quantum-vulnerable Ethereum-compatible cryptography with no independent PQC mitigation.
Assurance: Morph chain is relatively new as BGB's native home (strategic partnership announced September 2025). The absence of quantum documentation may reflect early-stage development rather than deliberate neglect.
Morph's focus on payments infrastructure (PayFi) makes quantum readiness particularly important — payment systems process long-duration value flows where 'harvest now, decrypt later' attacks are relevant.
Report metadata