⚠ Disclaimer: This section may contain incomplete, out of date, or inaccurate entries. It is AI-maintained on a best-effort basis. Do not rely on it as a sole source — verify claims independently using the source materials listed in individual entries.
Overview
Phase 2 — Now Active
This section documents the post-quantum cryptography exposure of major cryptocurrency and blockchain networks, the migration mechanisms proposed or under development, and the governance challenges involved in transitioning decentralized protocols to quantum-resistant cryptography.
Unlike enterprise networking, where a vendor can ship a firmware update, cryptocurrency PQC migration requires decentralized consensus across miners, validators, developers, exchanges, and end users. The technical challenge is significant; the social coordination challenge may be greater.
The urgency accelerated in late 2025 and early 2026. Google Quantum AI published a paper on March 31, 2026 reducing CRQC resource estimates — under optimistic error rate assumptions, fewer than 500,000 physical qubits might suffice to break ECDLP-256, with a 2029 migration target. The Federal Reserve published a staff paper analyzing harvest-now-decrypt-later risks for distributed ledgers. Citi Institute estimated ~$648B in digital assets at quantum risk.
Key Context: Google’s March 2026 Paper
Google Quantum AI’s March 31, 2026 paper (“Safeguarding Cryptocurrency by Disclosing Quantum Vulnerabilities Responsibly”) materially reduced estimated resource requirements for a cryptographically relevant quantum computer:
- Fewer than 500,000 physical qubits under optimistic error rate assumptions (previous estimates were in the millions)
- Under 1,200 logical qubits + 90M Toffoli gates theoretically sufficient for ECDLP-256
- Sets 2029 as a migration target — consistent with NSA CNSA 2.0 timelines
This has accelerated urgency across the cryptocurrency ecosystem, with Ethereum, Bitcoin, Solana, and Cardano all intensifying PQC research and roadmap activity in Q1 2026.
Platform Status Summary
| Platform | Signature Scheme | PQC Status | Primary Candidate | Hard Fork | Notable |
|---|---|---|---|---|---|
| Bitcoin | ECDSA secp256k1 / Schnorr | BIP-360 testnet (Mar 2026); BIP-361 draft | FN-DSA (Falcon) | Phases B/C of BIP-361 | ~28–35% supply long-exposure vulnerable |
| Ethereum | ECDSA secp256k1 / BLS12-381 | Devnets active; EIP-8141 proposed; 2029 target | ML-DSA + leanSig | ~7 hard forks | Most organized response; dedicated PQ team |
| Solana | Ed25519 | Testnet (Dec 2025), 3,000 TPS Dilithium | ML-DSA | Protocol upgrade | Firedancer multi-sig backend key enabler |
| Cardano | Ed25519 extended | Project Nightstream (Feb 2026) | ML-DSA (lattice) | Hard fork | Google/Microsoft collaboration |
| Algorand | Ed25519 / Falcon (State Proofs + accounts) | Falcon live on mainnet (Nov 2025) | FN-DSA (Falcon) | N/A — live | Most advanced; VRF still vulnerable |
| QRL | XMSS → ML-DSA/SLH-DSA | Fully PQC; v2 testnet (Mar 2026) | ML-DSA-87 | N/A — purpose-built | First PQC blockchain (2018) |
Entries
- Bitcoin PQC — UTXO exposure analysis, BIP-360/BIP-361 proposals, algorithm candidates, Lopp vs. Back governance debate
- Ethereum PQC — Account model exposure, EIP-8141 frame transactions, leanSig/leanXMSS, Strawmap 2029 roadmap
- Other Chains — Solana, Cardano (Nightstream), Algorand (Falcon live), QRL (purpose-built PQC), exchange and wallet readiness