Crypto & Web3 News and Education


The Quantum Risk to Crypto: What’s at Stake and Who’s Preparing

7M BTC face quantum risk. Algorand, Hedera, and Solana are already preparing. Bitcoin may need 7 years. Here's where every major network stands.

Every blockchain in existence runs on cryptography that quantum computers will eventually break. This is not speculation. It is mathematics proven three decades ago.

The question has shifted from “if” to “when” and more urgently, to “who is ready?”

NIST finalized its first post-quantum cryptography standards on August 13, 2024. The U.S. government has mandated federal systems phase out quantum-vulnerable encryption by 2035. Major tech roadmaps from IBM, Google, Microsoft, and Intel suggest cryptographically relevant quantum computers could arrive within 5-10 years.

The blockchain industry is responding. Some networks were built with quantum resistance from day one. Others are retrofitting defenses. A few have already deployed post-quantum transactions on mainnet. Here’s where the industry stands.

The Threat: What Quantum Computers Will Break

Blockchain security depends on math problems that are computationally infeasible for today’s classical computers to solve. Quantum computers will solve them.

  • Digital Signatures (Critical): When you sign a transaction, your public key is exposed. Today, no classical computer can derive your private key from that public key. A quantum computer running Shor’s algorithm can. That means forged signatures, drained wallets, rewritten history.
  • Hash Functions (Reduced, Not Broken): Hashing algorithms like SHA-256 get weaker but are not broken. Quantum search (Grover’s algorithm) cuts their effective security roughly in half. Networks using stronger hashes (like Hedera’s SHA-384) have more margin.

How Much Is at Risk?

The exposure is measured in hundreds of billions of dollars.

Bitcoin

| Vulnerability Category | BTC Exposed |
| --- | --- |
| P2PK addresses (public key permanently on-chain) | 1.91 million BTC |
| Reused addresses (public key revealed via prior transactions) | Up to 4.98 million BTC |
| Total potentially vulnerable | ~6.89 million BTC |

That’s approximately 28.6% of circulating Bitcoin supply, over $600 billion at current prices.

The exposure includes an estimated 1.1 million BTC attributed to Satoshi Nakamoto, held in early P2PK format. These coins cannot be migrated because no one holds the private keys. If quantum computers arrive before Bitcoin upgrades, those coins either become a target or must be frozen through contentious protocol changes.
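The two exposure categories in the table can be checked mechanically from an output’s scriptPubKey. The following is an added example, not code from the article: it classifies outputs by when their public key becomes visible to a quantum attacker, treating P2PK and P2TR outputs as exposed immediately and hash-based outputs as exposed only once the address has spent (the `REUSED` set, the addresses, and the UTXO amounts are constructed sample data).

```python
# Added example: triage Bitcoin outputs by quantum exposure of their public key.
# Script templates are the standard Bitcoin ones; sample UTXOs are constructed.
from dataclasses import dataclass

EXPOSED_NOW = "public key already on-chain"
EXPOSED_ON_SPEND = "public key revealed only when the address spends"
UNKNOWN = "non-standard script (manual review)"

@dataclass
class Utxo:
    address: str     # constructed label, not a real address
    script_hex: str  # scriptPubKey
    btc: float

def script_type(script_hex):
    s = bytes.fromhex(script_hex)
    n = len(s)
    if n in (35, 67) and s[0] in (0x21, 0x41) and s[-1] == 0xAC:
        return "P2PK"    # <push pubkey> OP_CHECKSIG
    if n == 25 and s[:3] == b"\x76\xa9\x14" and s[-2:] == b"\x88\xac":
        return "P2PKH"   # OP_DUP OP_HASH160 <20> OP_EQUALVERIFY OP_CHECKSIG
    if n == 22 and s[:2] == b"\x00\x14":
        return "P2WPKH"  # OP_0 <20-byte key hash>
    if n == 34 and s[:2] == b"\x51\x20":
        return "P2TR"    # OP_1 <32-byte x-only output key>
    return "OTHER"

def exposure(utxo, reused):
    t = script_type(utxo.script_hex)
    if t in ("P2PK", "P2TR"):
        # P2PK publishes the key itself; P2TR publishes the tweaked output
        # key, which Shor's algorithm can invert to enable a key-path spend.
        return EXPOSED_NOW
    if t in ("P2PKH", "P2WPKH"):
        # Only a hash is on-chain until the first spend from this address;
        # every later output to a reused address inherits the revealed key.
        return EXPOSED_NOW if utxo.address in reused else EXPOSED_ON_SPEND
    return UNKNOWN

def exposure_totals(utxos, reused):
    totals = {}
    for u in utxos:
        cat = exposure(u, reused)
        totals[cat] = totals.get(cat, 0.0) + u.btc
    return totals

# Constructed sample data (keys/hashes are filler bytes, not real).
SAMPLE_UTXOS = [
    Utxo("early_miner", "21" + "02" + "11" * 32 + "ac", 50.0),      # P2PK
    Utxo("addr_reused", "76a914" + "00" * 20 + "88ac", 10.0),      # P2PKH, reused
    Utxo("addr_fresh", "76a914" + "01" * 20 + "88ac", 3.0),        # P2PKH, unspent
    Utxo("segwit_fresh", "0014" + "22" * 20, 2.0),                 # P2WPKH
    Utxo("taproot_user", "5120" + "33" * 32, 1.5),                 # P2TR
]
REUSED = {"addr_reused"}  # addresses that have already spent at least once
```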

Ethereum and DeFi

Any Ethereum address that has sent a transaction has revealed its public key. The entire DeFi ecosystem, hundreds of billions in TVL across lending protocols, DEXs, and bridges, operates on quantum-vulnerable signatures.

Ethereum’s account abstraction roadmap provides more flexibility for migration than Bitcoin’s UTXO model, but coordination across thousands of smart contracts remains complex.

The “Harvest Now, Decrypt Later” Problem

Even if quantum computers are a decade away, adversaries can record signed transactions and encrypted data today, then break them later. Nation-state actors are almost certainly archiving blockchain data and encrypted communications for future decryption.

For encryption, this is an immediate crisis. For signatures, the vulnerability materializes when quantum capability arrives, but the exposure is being created now.

Timeline: When Does This Become Real?

Current state:

  • No cryptographically relevant quantum computer (CRQC) exists today
  • Current systems have reached ~1,000+ physical qubits, but lack error correction for Shor’s algorithm
  • Breaking secp256k1 requires an estimated 2,000-4,000 error-corrected logical qubits
  • Each logical qubit requires hundreds to thousands of physical qubits

Expert estimates:

  • Conservative: 2035-2040 for a CRQC capable of breaking blockchain cryptography
  • Aggressive: Some researchers cite 20% probability before 2030
  • Industry roadmaps: IBM, Google, Microsoft suggest 5-10 years for cryptographically relevant capability
  • NIST guidance: 2035 deadline for federal post-quantum migration

The uncertainty cuts both ways. Quantum progress has surprised researchers before. And blockchain upgrades, especially Bitcoin’s, move slowly.

How Networks Are Responding

Algorand: First Post-Quantum Transaction on Mainnet

Algorand executed the first post-quantum transaction on a live public blockchain on November 3, 2025, using NIST-selected Falcon-1024 signatures.

Approach:

  • Native falcon_verify opcode in the Algorand Virtual Machine
  • Logic signatures embed Falcon public keys in stateless smart contracts
  • State proofs already use Falcon-1024, making the ledger quantum-secure for cross-chain verification
  • Developer tooling available for experimentation today

Team credentials: Algorand’s cryptography team includes Chris Peikert (co-author of the GPV framework underlying Falcon) and Zhenfei Zhang (direct contributor to NIST’s Falcon proposal), and the company was founded by Turing Award winner Silvio Micali.

Status: Production infrastructure live. Full protocol-level migration (all accounts, consensus) on roadmap.

Hedera: Quantum-Resistant by Design

Hedera was architected with quantum threats in mind from launch. At Hedera Dev Day 2026 in Denver on February 17, co-founder Dr. Leemon Baird laid out the network’s post-quantum roadmap:

“The good news is, yes, we can [become post-quantum safe]. At Hedera, we’re already planning for this. Our core technology, the asynchronous Byzantine Fault Tolerant system, or aBFT, gives us a strong foundation of inherent security. But we’re not stopping there. We’re looking at seamless upgrades that will protect key elements like staking and the overall network consensus.”

Dr. Leemon Baird

What’s already quantum-resistant:

Hedera follows the CNSA (Commercial National Security Algorithm) Suite, the same standard the U.S. government uses for Top Secret information:

  • SHA-384 hashing: Provides 192-bit post-quantum security vs SHA-256’s 128-bit. Baird has stated SHA-384 “may very well be future-proof against quantum threats forever.”
  • 256-bit AES encryption: For TLS connections between nodes
  • Hashgraph consensus: The aBFT algorithm itself is post-quantum secure when paired with post-quantum signatures

Most blockchains use 256-bit hashes. Hedera uses 384-bit. This means the entire transaction history and hashgraph structure has been protected by quantum-resistant hashing since genesis.

What’s coming in 2026:

Baird announced post-quantum TLS upgrades deploying this year:

“These upgrades won’t come with any added costs to users, and they won’t slow down the network. It’s all about making sure Hedera remains fast, secure, and scalable even in a quantum world. We’ll be layering in post-quantum TLS security through simple library updates, and this is happening this year.”

Dr. Leemon Baird

The upgrades align with NIST’s 2024 standardization, including CRYSTALS-Kyber (standardized as ML-KEM in FIPS 203) for key encapsulation.

Why the urgency:

Baird cited an IBM study showing quantum computing could compromise up to 40% of current cryptographic systems without preparation:

“This proactive approach is what sets Hedera apart, especially for enterprise adoption. It boosts the appeal of HBAR for building scalable, secure applications, think real-world assets and AI integrations. We’re ready for the future.”

Dr. Leemon Baird

Architecture advantage: Hedera’s public addresses are not coupled to the cryptographic scheme, allowing signature algorithm upgrades with minimal disruption. When NIST post-quantum signature standards mature, Hedera can migrate without the coordination challenges facing Bitcoin or Ethereum.

Bitcoin: BIP-360 and the 7-Year Race

Bitcoin faces unique challenges. The network’s upgrade process is deliberately slow, requiring broad consensus for protocol changes. Millions of coins in legacy addresses cannot be migrated without owner action or contentious freezing.

BIP-360: Pay-to-Merkle-Root (P2MR)

Co-authored by Hunter Beast, Ethan Heilman, and Isabel Foxen Duke, BIP-360 proposes a new output type that removes the quantum-vulnerable “key-path spend” from Taproot addresses.

How it works:

  • P2MR functions like Taproot (P2TR) but eliminates the spending method that exposes public keys
  • Designed as a “conservative first step,” a quantum-resistant output type without requiring immediate signature scheme changes
  • Future proposals will add post-quantum signature algorithms
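To make the P2MR idea concrete, here is an added example that is not BIP-360’s own code: an output commits only to the Merkle root of its spending scripts, and a spend reveals one script plus its inclusion path, so no public key ever sits in the output itself. The TapLeaf/TapBranch tagged hashes are borrowed from BIP-341 as an assumption; BIP-360 may define its own tags, and the three scripts are constructed filler.

```python
# Added example: commit to a Merkle root of scripts and verify a script-path
# spend against it. Tagged-hash layout follows BIP-341 (assumption for P2MR).
import hashlib

def tagged_hash(tag, msg):
    t = hashlib.sha256(tag.encode()).digest()
    return hashlib.sha256(t + t + msg).digest()

def leaf_hash(script, version=0xC0):
    # Constructed example keeps scripts short, so a 1-byte compact size suffices.
    assert len(script) < 0xFD
    return tagged_hash("TapLeaf", bytes([version, len(script)]) + script)

def branch_hash(a, b):
    lo, hi = sorted((a, b))  # lexicographic order: proofs need no side bits
    return tagged_hash("TapBranch", lo + hi)

def _next_level(level):
    nxt = [branch_hash(level[i], level[i + 1]) for i in range(0, len(level) - 1, 2)]
    if len(level) % 2:
        nxt.append(level[-1])  # odd node is promoted unchanged
    return nxt

def merkle_root(leaves):
    level = list(leaves)
    while len(level) > 1:
        level = _next_level(level)
    return level[0]

def merkle_proof(leaves, index):
    path, level, i = [], list(leaves), index
    while len(level) > 1:
        sib = i ^ 1
        if sib < len(level):
            path.append(level[sib])
        level, i = _next_level(level), i // 2
    return path

def verify_spend(root, script, path):
    # The spender reveals the script and its siblings; the output exposed
    # only the root, never a public key or a key-path alternative.
    h = leaf_hash(script)
    for sib in path:
        h = branch_hash(h, sib)
    return h == root

# Constructed scripts (placeholder opcodes standing in for real spend conditions).
SCRIPTS = [b"\x51", b"\x52", b"\x53"]
LEAVES = [leaf_hash(s) for s in SCRIPTS]
ROOT = merkle_root(LEAVES)  # this 32-byte value is all the output commits to
```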

QRAMP: Quantum-Resistant Address Migration Protocol

A companion proposal for migrating funds:

  • Phase A: Ban sending to legacy ECDSA/Schnorr addresses 3 years after BIP-360 implementation
  • Phase B: Eventually restrict spending from legacy addresses entirely

Timeline: A BIP-360 co-author estimates Bitcoin may take 7 years to fully upgrade to post-quantum security, from proposal to widespread adoption.

The Satoshi problem: ~1.1 million BTC in Satoshi-era P2PK addresses cannot be migrated. The community must eventually decide: leave them vulnerable, or freeze them preemptively.

Ethereum: The Lean Ethereum Roadmap

Ethereum’s roadmap includes post-quantum preparation as a long-term priority under “The Splurge” upgrade phase.

Approach:

  • Account abstraction enables per-account signature scheme migration without hard forks
  • zk-STARK proofs (already used in Layer 2s) are quantum-resistant
  • “Lean Ethereum” proposal from Vitalik Buterin and Justin Drake (mid-2025) simplifies the base layer while adding quantum-resistant features
  • Testing quantum-resistant algorithms on Layer 2 before mainnet deployment

2026 priorities: The Ethereum Foundation’s published roadmap includes advancing quantum-resistant security alongside gas limit increases and cross-chain interoperability.

Advantage: Ethereum’s flexibility allows gradual migration. Smart contract wallets can upgrade independently.

Solana: Testnet Deployment and Winternitz Vault

Solana moved aggressively in late 2025, deploying post-quantum signatures on testnet and releasing an optional quantum-resistant vault for mainnet users.

December 2025: Post-Quantum Testnet

The Solana Foundation partnered with Project Eleven to conduct a comprehensive quantum risk assessment and deploy functioning post-quantum signatures on a Solana testnet. Matt Sorg, VP of Technology at the Solana Foundation, framed the initiative as ensuring Solana remains secure not just today, but decades into the future.

The testnet results demonstrated that post-quantum security is viable with current technology. Solana didn’t wait for quantum to become a headline problem. They invested early, asked the hard questions, and shipped working code.

The Migration Challenge

Post-quantum security is not a simple software update. The challenges include:

  • Signature size: Falcon signatures are ~10x larger than Ed25519 (64 bytes). Dilithium signatures are ~38-53x larger depending on parameter set. This directly impacts block size, fees, and throughput.
  • Key management: Users must generate new quantum-safe keys and migrate funds. Lost keys mean lost funds. Rushed migrations invite errors.
  • Coordination: Bitcoin requires broad consensus for protocol changes. Ethereum must coordinate across thousands of smart contracts. Both face years of upgrade cycles.
  • Legacy exposure: Funds in addresses that have already revealed public keys remain vulnerable even after protocol upgrades, unless moved to new addresses.
  • Economic incentives: Users holding coins in vulnerable addresses may not migrate until the threat feels immediate. By then, it may be too late.

What This Means

The quantum threat to blockchain is real, but not imminent. The window for preparation is measured in years, not months.

Networks in strongest position:

  • Algorand: Production post-quantum transactions live, team invented core algorithms
  • Hedera: Quantum-resistant hashing from genesis, clear migration path
  • Solana: Post-quantum testnet live, optional quantum-resistant vault on mainnet

Key dates to watch:

  • 2026: Solana quantum migration progress, BIP-360 advancement, Ethereum quantum research
  • 2030: Aggressive CRQC estimates begin
  • 2035: NIST federal migration deadline, conservative CRQC estimates

The infrastructure is being built. The cryptography is proven. The question is whether the industry moves fast enough.

When the first cryptographically relevant quantum computer comes online, it won’t announce itself. The networks that prepared will survive. The ones that didn’t will learn why cryptographers have been warning them for thirty years.

Disclaimer: News content provided by Genfinity is intended solely for informational purposes. While we strive to deliver accurate and up-to-date information, we do not offer financial or legal advice of any kind. Readers are encouraged to conduct their own research and consult with qualified professionals before making any financial or legal decisions. Genfinity disclaims any responsibility for actions taken based on the information presented in our articles. Our commitment is to share knowledge, foster discussion, and contribute to a better understanding of the topics covered in our articles. We advise our readers to exercise caution and diligence when seeking information or making decisions based on the content we provide.
