en.Wedoany.com Reported - A report commissioned by Coinbase and compiled by a group of top experts in quantum computing, cryptography, and blockchain technology states that the cryptocurrency industry should stop debating when quantum computers will become a threat and start preparing for their eventual arrival.
The report, released by the Coinbase Independent Advisory Board on Quantum Computing and Blockchain, brings together insights from researchers including University of Texas professor Scott Aaronson, Stanford professor Dan Boneh, Ethereum Foundation researcher Justin Drake, University of Washington professor Sreeram Kannan, Coinbase research scientist Yehuda Lindell, and UC Santa Barbara professor Dahlia Malkhi. The report concludes that large-scale fault-tolerant quantum computers capable of breaking today's most widely used public-key cryptography will likely eventually be built, despite significant engineering challenges remaining. Therefore, blockchains, exchanges, custodians, and wallet providers should begin implementing migration plans toward quantum-resistant security rather than waiting for a crisis to emerge.
The paper distinguishes between today's experimental quantum computers and the fault-tolerant machines needed to break cryptocurrencies secured by elliptic curve cryptography. The committee emphasizes that the threat from quantum computing is not imminent, but that it is credible enough that delaying preparation introduces avoidable risks to digital assets. Current quantum devices remain noisy and limited in scale, while executing Shor's algorithm against modern cryptographic systems would require error-corrected logical qubits and millions of operations running reliably over extended periods.
The report notes that essential building blocks are beginning to emerge: two-qubit gate fidelities on several hardware platforms have reached approximately 99.9%. Theoretical research suggests that if this level can be maintained as systems scale significantly, fault-tolerant quantum computing could be supported, although scaling itself remains a formidable challenge. The committee warns against relying on headline metrics such as raw qubit counts when assessing progress and identifies several milestones that would mark meaningful steps toward cryptographically relevant quantum computing, including demonstrating fault-tolerant logical qubits superior to underlying physical components, successfully implementing a fault-tolerant version of Shor's algorithm on small problems, and practically demonstrating quantum advantage in commercially important simulation tasks.
Interestingly, the committee points out that the primary economic driver for quantum computing investment is quantum simulation, not cryptography. The report states that applications involving chemistry, materials science, and physics are the most likely sources of near-term commercial value, and success in these areas could create a virtuous cycle: useful applications generate revenue, revenue funds improved hardware, and improved hardware eventually enables cryptographically relevant machines. If this commercial momentum stalls, the timeline for quantum threats to cryptography could be significantly extended, but for blockchain developers, timeline uncertainty does not eliminate the need for preparation.
The report indicates that quantum-resistant cryptography already exists. Unlike quantum key distribution, which requires dedicated quantum hardware, quantum-resistant cryptographic algorithms run on classical computers while resisting future quantum adversaries. The National Institute of Standards and Technology (NIST) has standardized several quantum-resistant algorithms, including ML-KEM for key establishment and ML-DSA and SLH-DSA for digital signatures, with others still under evaluation. The challenge lies not in a lack of candidates, but in integrating them into blockchain systems without compromising performance, decentralization, or usability. Many existing blockchain systems rely heavily on digital signatures: validators use them to reach consensus, users depend on them to authorize transactions, and wallet providers and custodians build key management infrastructure around them, so replacing these systems will not be straightforward.
The report repeatedly notes that quantum-resistant signatures are significantly larger than the elliptic curve signatures commonly used today. For example, ML-DSA signatures may exceed 2400 bytes, while Ed25519 signatures are approximately 64 bytes; hash-based methods could be even larger. These size increases matter because blockchains are fundamentally constrained by storage, bandwidth, and computational costs. The report estimates that directly adopting quantum-resistant signatures could substantially reduce blockchain throughput, increase transaction fees, and accelerate chain growth. In a hypothetical Bitcoin example, replacing traditional signatures with ML-DSA signatures could reduce transaction capacity by several times, even considering Bitcoin's witness discount mechanism.
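To make the throughput estimate concrete, the following Python model (added here as an illustration; it is not code from the report or from Coinbase) computes the weight of a minimal one-input, one-output transaction under Bitcoin's witness discount, once with a 64-byte Schnorr signature and once with an ML-DSA-44 signature (2420 bytes) plus its 1312-byte public key, which would have to be revealed in the witness. The transaction layout is simplified and the ML-DSA output script type is hypothetical; the 4,000,000 weight-unit block limit, the 4x discount factor and the CompactSize encoding are Bitcoin's real rules.

```python
"""Toy weight model: how much block capacity a signature scheme consumes under
Bitcoin's witness discount. Added illustration, not the report's code; the
transaction layout is simplified and the ML-DSA script type is hypothetical."""
from dataclasses import dataclass

MAX_BLOCK_WEIGHT = 4_000_000   # consensus limit in weight units (WU)
WITNESS_DISCOUNT = 4           # non-witness bytes weigh 4 WU, witness bytes 1 WU


@dataclass(frozen=True)
class SigScheme:
    name: str
    sig_bytes: int
    witness_pubkey_bytes: int   # 0 when the key is not revealed in the witness


# BIP340 Schnorr (Taproot key path: key lives in the output, only the signature
# is in the witness) and FIPS 204 ML-DSA-44 (signature and key both revealed).
SCHNORR = SigScheme("schnorr/taproot", sig_bytes=64, witness_pubkey_bytes=0)
ML_DSA_44 = SigScheme("ML-DSA-44 (hypothetical script)", sig_bytes=2420,
                      witness_pubkey_bytes=1312)


def compact_size(n: int) -> int:
    """Encoded length of Bitcoin's CompactSize varint for the value n."""
    if n < 253:
        return 1
    if n <= 0xFFFF:
        return 3
    if n <= 0xFFFF_FFFF:
        return 5
    return 9


def tx_sizes(scheme: SigScheme, n_in: int = 1, n_out: int = 1):
    """Return (non-witness bytes, witness bytes) for a simplified transaction."""
    # version, input count, inputs (36-byte outpoint + empty scriptSig + sequence),
    # output count, outputs (8-byte value + 1-byte length + 34-byte script that
    # commits to a 32-byte key or key hash), locktime
    base = 4 + compact_size(n_in) + 41 * n_in + compact_size(n_out) + 43 * n_out + 4
    items = [scheme.sig_bytes]
    if scheme.witness_pubkey_bytes:
        items.append(scheme.witness_pubkey_bytes)
    per_input = compact_size(len(items)) + sum(compact_size(b) + b for b in items)
    witness = 2 + per_input * n_in   # segwit marker + flag, then one stack per input
    return base, witness


def tx_weight(scheme: SigScheme, n_in: int = 1, n_out: int = 1) -> int:
    base, witness = tx_sizes(scheme, n_in, n_out)
    return WITNESS_DISCOUNT * base + witness


def txs_per_block(scheme: SigScheme, n_in: int = 1, n_out: int = 1) -> int:
    return MAX_BLOCK_WEIGHT // tx_weight(scheme, n_in, n_out)


def capacity_ratio(baseline: SigScheme, candidate: SigScheme,
                   n_in: int = 1, n_out: int = 1) -> float:
    """How many times more transactions fit per block with the baseline scheme."""
    return txs_per_block(baseline, n_in, n_out) / txs_per_block(candidate, n_in, n_out)


def raw_size_ratio(baseline: SigScheme, candidate: SigScheme) -> float:
    """Same comparison with no discount at all (every byte counted equally)."""
    return sum(tx_sizes(candidate)) / sum(tx_sizes(baseline))


if __name__ == "__main__":
    for s in (SCHNORR, ML_DSA_44):
        print(f"{s.name:32s} weight={tx_weight(s):5d} WU  txs/block={txs_per_block(s)}")
    print(f"capacity ratio with witness discount: {capacity_ratio(SCHNORR, ML_DSA_44):.1f}x")
    print(f"raw size ratio without discount:      {raw_size_ratio(SCHNORR, ML_DSA_44):.1f}x")
```

Run as written, the model gives 444 WU (about 9,000 transactions per block) for the Schnorr case and 4,117 WU (about 970 per block) for ML-DSA-44, a gap of roughly nine times even with the discount; counting every byte equally the gap would be closer to 24 times, which is why the discount only partly offsets the larger signatures. Real transactions have more inputs and outputs, so the exact ratio will differ, but the shape of the result matches the report's point.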
The impact extends beyond individual transactions: many proof-of-stake systems rely on aggregate signature schemes such as BLS signatures, which can efficiently compress attestations from thousands of validators; for example, Ethereum extensively uses BLS signatures in its consensus process. No equivalent quantum-resistant scheme with comparable efficiency currently exists. Although researchers are actively developing quantum-resistant threshold and aggregate signature systems, current approaches typically involve larger signatures, slower execution speeds, and interactive communication requirements that could complicate consensus protocols. The report recommends that blockchain communities begin planning migration strategies immediately, especially those whose security models heavily rely on aggregation techniques.
The committee does not advocate for an abrupt transition but favors a phased approach, including introducing periodic quantum-resistant checkpoints within existing chains, providing quantum-resistant signatures for selected blocks, and anchoring early parts of blockchain history to prevent future forgery attempts. This approach could allow networks to gain meaningful protection without immediately replacing every component of the consensus system. The committee simultaneously emphasizes the importance of crypto-agility—the ability to update cryptographic algorithms without extensive redesign. Networks that build flexibility into their protocols today may find migration much easier in the future.
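As an added illustration of two points made above (hash-based quantum-resistant signatures run on ordinary hardware but are far larger than Ed25519's 64 bytes, and a crypto-agile interface lets the verifier change without touching callers), the Python below implements a Lamport one-time signature over SHA-256 and wraps it in an algorithm-tagged envelope. This is not code from the report; the algorithm identifier string and the envelope layout are constructed for the example, and a real deployment would use a standardized scheme such as SLH-DSA rather than raw Lamport keys.

```python
"""Lamport one-time signatures (hash-based; quantum resistance rests only on
the preimage resistance of the hash) behind an algorithm-tagged envelope.
Added illustration, not the report's code; the algorithm id and envelope
layout are constructed for this example."""
import hashlib
import secrets

ALG_LAMPORT_SHA256 = "lamport-sha256-v1"   # constructed identifier for the tag
N_BITS = 256                                # SHA-256 digest length in bits
CHUNK = 32                                  # bytes per preimage / per hash


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def _digest_bits(msg: bytes):
    d = _h(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(N_BITS)]


def lamport_keygen():
    """Secret key: 256 pairs of random 32-byte preimages. Public key: their hashes."""
    sk = [(secrets.token_bytes(CHUNK), secrets.token_bytes(CHUNK)) for _ in range(N_BITS)]
    pk = [(_h(a), _h(b)) for a, b in sk]
    return sk, pk


def lamport_sign(sk, msg: bytes) -> bytes:
    """For each digest bit reveal the matching preimage: 256 * 32 = 8192 bytes."""
    return b"".join(sk[i][bit] for i, bit in enumerate(_digest_bits(msg)))


def lamport_verify(pk, msg: bytes, sig: bytes) -> bool:
    if len(sig) != N_BITS * CHUNK:
        return False
    ok = True
    for i, bit in enumerate(_digest_bits(msg)):
        chunk = sig[CHUNK * i:CHUNK * (i + 1)]
        ok &= _h(chunk) == pk[i][bit]   # check every position, no early exit
    return ok


# Crypto-agility: the verifier dispatches on a tag carried with the signature,
# so a scheme is added or retired by editing this table, not the call sites.
VERIFIERS = {ALG_LAMPORT_SHA256: lamport_verify}


def encode_envelope(alg: str, sig: bytes) -> bytes:
    tag = alg.encode("ascii")
    return bytes([len(tag)]) + tag + sig


def verify_envelope(pk, msg: bytes, env: bytes) -> bool:
    if not env:
        return False
    n = env[0]
    alg, sig = env[1:1 + n].decode("ascii", "replace"), env[1 + n:]
    verifier = VERIFIERS.get(alg)
    if verifier is None:   # unknown or retired scheme: reject, never fall back
        return False
    return verifier(pk, msg, sig)


class OneTimeSigner:
    """Holds one Lamport key and refuses to sign twice: each extra signature
    reveals more preimages, which is what makes the scheme one-time."""

    def __init__(self):
        self.sk, self.pk = lamport_keygen()
        self.used = False

    def sign(self, msg: bytes) -> bytes:
        if self.used:
            raise RuntimeError("Lamport key already used; generate a fresh key")
        self.used = True
        return encode_envelope(ALG_LAMPORT_SHA256, lamport_sign(self.sk, msg))


if __name__ == "__main__":
    signer = OneTimeSigner()
    payload = b"constructed example payload"
    env = signer.sign(payload)
    sig_len = len(env) - 1 - len(ALG_LAMPORT_SHA256)
    print("verified:", verify_envelope(signer.pk, payload, env))
    print(f"signature bytes: {sig_len} (vs 64 for Ed25519)")
```

The envelope's tag is what makes the verifier agile: migrating from one scheme to another means registering a second verifier and letting signers switch tags, and a retired identifier simply stops verifying instead of silently falling back. The 8,192-byte signature is also a direct view of why the report says hash-based schemes can be larger still than ML-DSA.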
The report notes differences among major blockchain ecosystems, suggesting that Ethereum's smart contract architecture may offer greater flexibility, as developers can implement alternative signature mechanisms without necessarily requiring full consensus-wide governance changes. Bitcoin faces different challenges, as protocol modifications typically proceed cautiously and require broad consensus, meaning migration strategies must minimize disruption while maintaining compatibility with existing infrastructure. Beyond technical considerations, user behavior may be a more difficult challenge. Migrating millions of users to new cryptographic standards may require large-scale coordination among exchanges, custodians, wallet providers, and blockchain communities. Hardware security modules may need upgrades, multi-party computation systems may require redesign, and software wallets need new features. However, some users may never migrate.
The report emphasizes that dormant wallets represent one of the most difficult governance problems facing the industry. If owners fail to transfer assets to quantum-resistant addresses before quantum attacks become feasible, blockchains may face awkward choices: vulnerable assets could face indefinite risk of theft, or communities might decide to invalidate or "burn" inaccessible funds. Neither outcome is likely to be universally accepted, so the committee argues that these decisions should not be postponed until a crisis emerges. Instead, the committee writes, blockchain communities should begin discussing the relevant policies now and communicate them publicly to reduce uncertainty for investors and users.
The report ultimately rejects both extreme positions in the quantum debate. On one hand, it opposes complacency: the committee is highly confident that large-scale fault-tolerant quantum computers will eventually be built and cautions against assuming engineering difficulties will permanently prevent progress. On the other hand, the report warns against panic: fault-tolerant quantum computers capable of threatening modern blockchains do not yet exist, and significant scientific and engineering advances are still needed before they become practical. The advisory board believes the appropriate response is prudent preparation, adding that the cryptocurrency industry has previously navigated major technological transitions, from scaling upgrades to consensus changes. Migration to quantum-resistant cryptography may ultimately become another chapter in that history. Although the timeline remains uncertain, the committee reports that this uncertainty strengthens rather than weakens the case for action. If preparation begins early, blockchain ecosystems can adapt gradually and deliberately; if the industry waits until the threat becomes urgent, choices may become much more difficult.
This article is compiled by Wedoany.