
Why cryptocurrencies specifically?

Most cryptocurrencies value compact signatures, and so run into many of the same issues facing PKI.



Without it the accounts are sitting ducks. Big fat juicy ducks just waiting to be poached.


In Bitcoin, public keys are hashed when publicly exposed; in the optimal case the ECDSA public keys are visible for only a period of a few minutes between the broadcast of a transaction and its confirmation.

It is not an incompatible change to add new signature methods. A conservative implementation would have the public key commit to both an ECDSA key and a quantum-safe signature type, and use the committed ECDSA signature until such a time as it is no longer safe. This would result in no gain in signature size today, but allows for instant upgrades in place in the future with no additional transactions required.
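An added sketch of the dual-key commitment described in the comment above; it is not the commenter's code and not Bitcoin's actual script rules. Assumptions: the address is a tagged SHA-256 over the hashes of both keys, a Lamport one-time signature stands in for the quantum-safe scheme, and ECDSA verification is left to a caller-supplied function because the Python standard library has none. All keys, tags and messages are constructed.

```python
import hashlib, os

TAG = b"dual-key-demo"  # constructed domain-separation tag, not a Bitcoin constant

def H(data):
    return hashlib.sha256(data).digest()

def msg_bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def lamport_keygen():  # hash-based stand-in for the quantum-safe scheme
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = b"".join(H(s0) + H(s1) for s0, s1 in sk)
    return sk, pk

def lamport_sign(sk, msg):
    return b"".join(sk[i][b] for i, b in enumerate(msg_bits(msg)))

def lamport_verify(pk, msg, sig):
    return len(pk) == 256 * 64 and len(sig) == 256 * 32 and all(
        H(sig[32 * i:32 * i + 32]) == pk[64 * i + 32 * b:64 * i + 32 * b + 32]
        for i, b in enumerate(msg_bits(msg)))

def make_address(ecdsa_pub, pq_pub):
    # One output commits to both keys; neither key is revealed until spend.
    return H(TAG + H(ecdsa_pub) + H(pq_pub))

def check_spend(address, scheme, pubkey, other_hash, msg, sig, ecdsa_retired, verifiers):
    # The spender reveals one key plus the 32-byte hash of the other.
    if scheme == "ecdsa":
        left, right = H(pubkey), other_hash
    elif scheme == "pq":
        left, right = other_hash, H(pubkey)
    else:
        return "unknown-scheme"
    if H(TAG + left + right) != address:
        return "bad-commitment"
    if scheme == "ecdsa" and ecdsa_retired:
        return "ecdsa-retired"  # policy flip; the address itself never changes
    return "ok" if verifiers[scheme](pubkey, msg, sig) else "bad-signature"

def demo():
    ecdsa_pub = bytes.fromhex("02" + "11" * 32)  # constructed placeholder key
    sk, pq_pub = lamport_keygen()
    addr, msg = make_address(ecdsa_pub, pq_pub), b"constructed spend message"
    v = {"pq": lamport_verify}  # ECDSA verifier omitted (assumption, see lead-in)
    return (check_spend(addr, "pq", pq_pub, H(ecdsa_pub), msg, lamport_sign(sk, msg), True, v),
            check_spend(addr, "ecdsa", ecdsa_pub, H(pq_pub), msg, b"", True, v))
```

A Lamport key signs one message only, so a real deployment would commit to a many-time scheme; the commitment and policy check stay the same.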


Not anymore. Taproot keys are public.


You can recover a bitcoin public key from a valid signature.


But couldn’t it be stolen just as easily from the thief?



