Blockchains and the Quantum Threat: Progress Since Bitcoin’s First Wake-Up Call
In 2018, researchers published a paper with a title that now seems remarkably prescient: “Committing to Quantum Resistance: A Slow Defence for Bitcoin Against a Fast Quantum Computing Attack.” The authors warned that Bitcoin’s cryptographic foundations could eventually be threatened by large-scale quantum computers capable of breaking the elliptic-curve cryptography that secures Bitcoin transactions. Rather than advocating panic, they proposed a gradual migration strategy that would allow Bitcoin users to move funds into quantum-resistant addresses before a practical attack became possible.
Stewart, I., Ilie, D., Zamyatin, A., Werner, S., Torshizi, M.F., & Knottenbelt, W.J. (2018). Committing to Quantum Resistance: A Slow Defence for Bitcoin Against a Fast Quantum Computing Attack. Royal Society Open Science, 5(6), 180410. https://doi.org/10.1098/rsos.180410
Paper: https://royalsocietypublishing.org/doi/10.1098/rsos.180410
The paper’s central insight was deceptively simple: while developing a quantum-resistant blockchain would take years of coordination, engineering, and user adoption, a successful quantum attack could unfold rapidly once sufficiently capable quantum computers emerged. Consequently, the defense would need to be slow, but it would also need to begin early.
Eight years later, that warning looks increasingly relevant.
Quantum computers still cannot break Bitcoin or Ethereum today. However, the conversation has shifted dramatically. What was once an academic concern has become an active engineering problem. Governments, standards bodies, blockchain developers, and financial institutions are now preparing for a future in which quantum computers may be capable of defeating the elliptic-curve cryptography that secures most digital assets.
The question is no longer whether blockchains should prepare for quantum computing. The question is whether they can complete the transition before the threat arrives.
The Biggest Change Since 2018: Post-Quantum Cryptography Is Now Standardized
The most significant development since the original paper is that post-quantum cryptography is no longer experimental.
In August 2024, the U.S. National Institute of Standards and Technology (NIST) finalized the first three post-quantum cryptographic standards: FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA). NIST simultaneously encouraged organizations to begin migration planning immediately.
Sources
- https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards
- https://www.nist.gov/cybersecurity-and-privacy/what-post-quantum-cryptography
This marks a major milestone. Blockchain developers now have standardized cryptographic tools that can be evaluated for future deployment rather than relying solely on academic proposals.
The challenge is that these algorithms were not designed specifically for blockchains. Many post-quantum signature schemes require dramatically larger keys and signatures than Bitcoin’s Schnorr signatures or Ethereum’s ECDSA signatures. The resulting increase in transaction size could place significant pressure on blockchain throughput and storage requirements.
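To make the size pressure concrete, the following added example (not part of the original article) models a one-input, two-output Bitcoin transaction and compares its weight under a Taproot key-path Schnorr spend with the same transaction authorized by ML-DSA-44 or SLH-DSA-SHA2-128s. Key and signature sizes are the published BIP 340, FIPS 204 and FIPS 205 parameters; the post-quantum spend layout (signature plus public key in the witness, output committing to a 32-byte hash) is an assumption for illustration, not a deployed or proposed Bitcoin format.

```python
# Added example: sizes are the published BIP 340 / FIPS 204 / FIPS 205 parameters.
# The post-quantum spend layout is an assumption, not a deployed Bitcoin format.
MAX_BLOCK_WEIGHT = 4_000_000  # BIP 141 consensus limit, in weight units

# scheme -> (public key bytes, signature bytes)
SCHEMES = {
    "schnorr-bip340": (32, 64),
    "ml-dsa-44": (1312, 2420),
    "slh-dsa-sha2-128s": (32, 7856),
}

def compact_size_len(n):
    """Bytes Bitcoin's CompactSize encoding needs to express the length n."""
    if n < 0xFD:
        return 1
    if n <= 0xFFFF:
        return 3
    if n <= 0xFFFFFFFF:
        return 5
    return 9

def base_size(n_in=1, n_out=2):
    """Non-witness bytes of a segwit transaction with 34-byte output scripts."""
    tx_in = 36 + 1 + 4   # outpoint, empty scriptSig length byte, sequence
    tx_out = 8 + 1 + 34  # value, script length byte, scriptPubKey
    return (4 + compact_size_len(n_in) + n_in * tx_in
            + compact_size_len(n_out) + n_out * tx_out + 4)

def witness_size(items, n_in=1):
    """Witness bytes: marker and flag, then per input a stack count and each item."""
    per_input = compact_size_len(len(items)) + sum(compact_size_len(i) + i for i in items)
    return 2 + n_in * per_input

def tx_cost(scheme, n_in=1, n_out=2):
    # Taproot key-path spends reveal only a signature; the assumed PQ spend
    # reveals signature and public key because the output commits to a hash.
    pk, sig = SCHEMES[scheme]
    items = [sig] if scheme == "schnorr-bip340" else [sig, pk]
    base, wit = base_size(n_in, n_out), witness_size(items, n_in)
    weight = 4 * base + wit  # witness bytes count once, other bytes four times
    # max_tx_per_block is an upper bound: it ignores the header and coinbase.
    return {"raw_bytes": base + wit, "weight": weight, "vbytes": -(-weight // 4),
            "max_tx_per_block": MAX_BLOCK_WEIGHT // weight}

if __name__ == "__main__":
    for name in SCHEMES:
        print(name, tx_cost(name))
```

Even with the witness discount applied, the modelled ML-DSA-44 spend weighs roughly seven times the Schnorr spend and the SLH-DSA spend roughly fourteen times, which translates directly into fewer transactions per block.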
Bitcoin Has Moved From Theory to Concrete Proposals
The Bitcoin ecosystem has made meaningful progress since 2018, although it has not yet adopted any quantum-resistant signature scheme at the consensus level.
The most important recent development is the emergence of BIP-360, a proposal for a new output type known as Pay-to-Merkle-Root (P2MR). The proposal removes Bitcoin’s quantum-vulnerable key-path spending mechanism and creates a framework that could support future post-quantum spending methods.
Sources
- https://bip360.org/
- https://bitcoinops.org/en/topics/quantum-resistance/
- https://www.forbes.com/sites/digital-assets/2026/02/23/bitcoin-took-its-first-step-against-quantum-computers/
- https://mitbitcoinexpo.org/blog/what-does-bip360-actually-change
Importantly, BIP-360 is not itself a complete quantum-resistant solution. It is better understood as infrastructure that could make a future migration practical.
Bitcoin developers have also discussed broader migration proposals, including phased transitions away from legacy signature systems. The debate has increasingly focused on a difficult question: What should happen to coins that remain in quantum-vulnerable addresses?
This issue is particularly important because millions of bitcoins reside in addresses whose owners may be inactive, deceased, or simply unaware of the risk. Any proposal to invalidate vulnerable outputs could protect the network from future quantum theft, but it would also raise significant questions regarding property rights and Bitcoin’s immutability.
As of 2026, Bitcoin appears to be taking its first substantive steps toward a quantum-resistance roadmap, but the migration remains in the planning stage rather than deployment.
Ethereum Has Made Post-Quantum Security a Strategic Priority
Ethereum may be further along organizationally than Bitcoin.
The Ethereum Foundation has established a dedicated post-quantum security initiative and launched a public portal outlining its roadmap for quantum-resistant cryptography.
Sources
- https://pq.ethereum.org/
- https://ethereum.org/roadmap/future-proofing/
- https://ethereum.org/roadmap/future-proofing/quantum-resistance/
Ethereum’s strategy emphasizes cryptographic agility—the ability to replace cryptographic primitives without destabilizing the network.
This approach is particularly important because Ethereum’s ecosystem extends far beyond simple payments. Smart contracts, rollups, bridges, validators, account abstraction systems, and zero-knowledge protocols all depend upon cryptographic assumptions that may eventually require modification.
In early 2026, the Ethereum Foundation elevated post-quantum security to a top strategic priority and began coordinating dedicated interoperability test networks and research efforts.
Additional Sources
- https://www.coindesk.com/tech/2026/03/25/ethereum-foundation-prepares-for-quantum-threat-with-new-cryptography-roadmap
- https://www.coindesk.com/tech/2026/02/26/vitalik-buterin-unveils-ethereum-roadmap-to-counter-quantum-computing-threat
Ethereum’s challenge is not merely replacing signatures. It must ensure that its broader ecosystem—including smart contracts and scaling solutions—remains secure during a years-long transition.
Infrastructure May Become Quantum-Safe Before Blockchains Do
One lesson from the broader cybersecurity industry is that migration often begins at the infrastructure layer.
Banks, cloud providers, VPN vendors, and software companies have already begun implementing hybrid post-quantum systems that combine classical cryptography with quantum-resistant algorithms.
For example, following NIST’s 2024 standards release, companies such as NordVPN began deploying post-quantum encryption across production systems while emphasizing “cryptographic agility” as a long-term strategy.
The same pattern may emerge in crypto.
Custodians, exchanges, ETF sponsors, stablecoin issuers, and institutional wallet providers may adopt quantum-resistant key-management systems years before Bitcoin or Ethereum modify their base-layer consensus rules.
If so, the first practical quantum defenses may appear around blockchain infrastructure rather than inside blockchains themselves.
The Regulatory Clock Is Beginning to Tick
Government agencies increasingly view quantum preparedness as a near-term security priority rather than a distant concern.
NIST has repeatedly urged organizations to begin migration planning now. U.S. cybersecurity agencies have warned of “harvest now, decrypt later” attacks in which adversaries collect encrypted information today with the intention of decrypting it once quantum computing becomes powerful enough.
This pressure will inevitably reach cryptocurrency markets.
Exchanges, custodians, stablecoin issuers, and tokenized-asset platforms may soon be expected by regulators and institutional clients to demonstrate credible quantum-risk mitigation strategies.
How Much Progress Has Actually Been Made?
The honest answer is mixed.
Compared with 2018, the ecosystem has made remarkable progress in planning:
- Post-quantum cryptographic standards now exist.
- Bitcoin has concrete migration proposals under active discussion.
- Ethereum has established a dedicated post-quantum initiative.
- Financial institutions have begun migration planning.
- Governments are encouraging immediate preparation.
However, deployment remains limited.
Bitcoin still relies on quantum-vulnerable signatures.
Ethereum still relies on cryptographic assumptions that would ultimately be threatened by a sufficiently powerful quantum computer.
Most cryptocurrency holders continue to use traditional wallets that offer no post-quantum protection.
In short, the blockchain industry has solved much of the intellectual problem but relatively little of the deployment problem.
Conclusion
The central insight of the 2018 paper remains remarkably durable.
As Stewart and his co-authors observed, the challenge is asymmetrical. A successful defense against quantum computing must be slow because migration is socially and technically difficult. Consensus must be achieved. Wallets must be upgraded. Users must move funds. Infrastructure must evolve.
Yet the attack, if and when it becomes practical, may be fast.
The encouraging news is that blockchain developers are no longer treating quantum computing as science fiction. Bitcoin and Ethereum have both begun serious planning. Standardized post-quantum cryptography now exists. Research has become engineering.
The remaining challenge is execution.
The future of blockchain security may ultimately depend less on whether quantum computers arrive and more on whether the industry completes its migration before they do. The blockchain ecosystem is finally beginning the “slow defence” envisioned in 2018.
Whether it is moving quickly enough remains one of the most important unanswered questions in cryptocurrency.