Quantum Computing Threats to the Blockchain Industry

Research Industry Research
Quantum Computing Threats to the Blockchain Industry

Executive Summary

DOWNLOAD the full report here!

Quantum computing has moved from theoretical concern to active planning issue for the blockchain industry. The threat is not that today's quantum computers can break major blockchains — they cannot. The concern is that future fault-tolerant quantum computers may break the public-key cryptography that blockchains depend on to authorize transactions, secure validators, operate bridges, control smart contracts, and manage custody infrastructure.

Our report finds that digital signatures are the primary exposure. Most major blockchain ecosystems rely on elliptic-curve signature schemes whose security rests on mathematical assumptions vulnerable to Shor's algorithm. If a sufficiently capable quantum computer can recover a private key from an exposed public key, an attacker can produce signatures that appear valid to the network — and a blockchain has no native mechanism to distinguish a forged transaction from a legitimate one.

The timeline remains uncertain, but public planning signals are tightening. The main algorithmic threat has been known since the 1990s, resource estimates for blockchain-relevant attacks are becoming more concrete, and major governments, standards bodies, technology companies, and financial-sector groups are planning post-quantum migration around the late 2020s to mid-2030s. A 2026 Google resource estimate paper focused specifically on cryptocurrency signatures, and an open benchmark arena called ecdsa.fail has already reported a 15.1% improvement over Google's circuit as of June 2026. For blockchain ecosystems, the key issue is that migration may need to begin long before a cryptographically relevant quantum computer is publicly confirmed.

Mitigation is possible, but it is not a simple algorithm swap. NIST-standardized post-quantum signatures — ML-DSA, SLH-DSA, and the forthcoming FN-DSA — provide important building blocks, but blockchain migration must also address transaction size, fees, wallet UX, validators, smart contracts, bridges, custodians, dormant accounts, governance processes, and operational readiness.

Key Insights

  • Quantum risk is a credible future planning issue, not an immediate threat. No public quantum computer can currently break production blockchain signatures. The concern is that future fault-tolerant machines may be able to, and blockchain migration requires coordinating many stakeholders before that moment arrives.
  • Digital signatures are the primary blockchain exposure. Most major blockchain ecosystems rely on elliptic-curve schemes whose security depends on assumptions vulnerable to Shor's algorithm. A successful key-recovery attack would allow an attacker to produce signatures that the network treats as valid.
  • Public key visibility determines exposure. Keys that have already appeared on-chain may be targetable if funds or authority still depend on them. Wallets that reuse addresses, dormant accounts, bridge signers, validator keys, and governance multisigs represent higher-risk categories than fresh keys not yet revealed.
  • Bitcoin, Ethereum, and Solana face distinct migration challenges. Their account models, address designs, signature schemes, validator architectures, and upgrade governance processes create different exposure profiles and different paths to post-quantum migration.
  • Public planning timelines cluster around 2029–2035. Google has set a PQC migration target of 2029, the UK NCSC recommends completing highest-priority migration by 2031, and G7 financial-sector guidance points to 2035 as an overall target, with critical systems prioritized around 2030–2032. Expert surveys put the probability of a cryptographically relevant quantum computer at 28–49% within 10 years.
  • Resource estimates are becoming more blockchain-specific. Google's 2026 whitepaper estimated that attacking 256-bit elliptic-curve signatures could require fewer than half a million physical qubits under stated assumptions. The ecdsa.fail benchmark arena is making optimization of blockchain-relevant quantum circuits open and publicly verifiable.
  • NIST post-quantum standards exist, but standards alone do not migrate blockchain assets. ML-DSA (FIPS 204) is the primary candidate, SLH-DSA (FIPS 205) provides assumption diversity with heavier signatures, and FN-DSA (FIPS 206, forthcoming) may offer compact signatures suited to high-throughput environments. Each involves tradeoffs in transaction size, verification cost, and implementation complexity.
  • Bridges, custodians, and governance systems may need to migrate earlier than ordinary users. Concentrated value and long-lived signing keys make these systems priority targets. Migration for these infrastructures is an operational transition, not only a cryptographic one.
  • Cryptographic agility is the strongest near-term posture. Systems designed so that signature schemes can be replaced or supplemented — without emergency redesign — will be better positioned regardless of how the quantum timeline develops.

Read the full report to learn more about quantum computing threats to blockchain security and the migration paths available to protocols, validators, custodians, and ecosystem participants.

FAQs

Can quantum computers break Bitcoin or major blockchains today?

No. Today's quantum computers cannot break Bitcoin or other major blockchain signatures. The concern is a future scenario where fault-tolerant quantum computers recover private keys from public keys, enabling attackers to forge valid-looking transactions. This is a planning issue, not an immediate threat.

What is the primary quantum threat to blockchain systems?

Digital signatures are the primary concern. Most major blockchains rely on elliptic-curve signature schemes that are vulnerable to Shor's algorithm. If a sufficiently capable quantum computer can derive a private key from an exposed public key, it can authorize transactions that the network treats as valid, without any visible sign of compromise.

When do blockchain ecosystems need to complete post-quantum migration?

Public planning signals increasingly cluster around 2029–2035. Google has set a 2029 migration target, the UK NCSC recommends completing highest-priority migration by 2031, and G7 financial-sector guidance points to 2035. Because blockchain upgrades require coordinating protocols, wallets, validators, custodians, and users, migration must begin well before a cryptographically relevant quantum computer arrives publicly.

Which blockchain assets and systems are most exposed?

Exposure is uneven. The highest-risk systems include wallets with already-revealed public keys, reused addresses with remaining funds, dormant wallets whose holders may not migrate in time, and high-value infrastructure such as bridges, multisigs, custodians, and governance keys that concentrate signing authority.

What post-quantum signature standards are available for blockchain migration?

NIST finalized two post-quantum digital signature standards in August 2024: FIPS 204 (ML-DSA), a lattice-based scheme considered the primary candidate for broad migration, and FIPS 205 (SLH-DSA), a hash-based alternative offering assumption diversity with larger signature sizes. A third standard, FIPS 206 (FN-DSA, derived from Falcon), is still under development and may offer more compact signatures suited to high-throughput chains like Solana.

Why is blockchain quantum migration harder than for centralized systems?

Blockchains are public, permanent, and decentralized. Historical transaction data, including exposed public keys, remains visible indefinitely. Transactions generally cannot be reversed once finalized. And protocol upgrades require coordination across independent validators, wallet providers, exchanges, custodians, bridges, and users — all of whom may move at different speeds. This makes quantum migration an ecosystem coordination problem, not just a cryptographic one.

Related Blogs

Skynet 2026 Stablecoin Threat Intelligence Report

Skynet 2026 Stablecoin Threat Intelligence Report

CertiK's Skynet 2026 Stablecoin Threat Intelligence Report examines the two defining stablecoin security threats of 2026: escalating attacks on interconnected financial infrastructure and the rise of state-sponsored sanctions evasion through A7A5, a Russian-ruble-backed stablecoin that processed over $110 billion in transactions within its first year.

Post-Quantum Signatures, Part 2: From Trees to Forests

Post-Quantum Signatures, Part 2: From Trees to Forests

XMSS builds on one-time signatures by organizing OTS keys into Merkle trees and hyper-trees, delivering a practical post-quantum signature scheme with compact proofs, fast verification, and a critical trade-off: strict state management.

Skynet DPRK Crypto Threats Report

Skynet DPRK Crypto Threats Report

Our Skynet DPRK Crypto Threats Report discusses key North Korean hacker trends, including amounts stolen, number of incidents, and the most substantial hacks over the past 10 years.