Major blockchain networks including Bitcoin and Ethereum should accelerate migration to post-quantum cryptography to counter evolving threats, even as fault-tolerant quantum computers capable of widespread attacks remain years away, according to a new position paper from the Coinbase Independent Advisory Board on Quantum Computing and Blockchain.
Coinbase Advisory Board Urges Quantum Upgrades for Bitcoin, Ethereum
21 April 2026 - 19:27 CEST
By Stu Clelland
Post-quantum cryptography means new security methods resistant to quantum attacks. The report calls for crypto-agility – the ability to swap cryptographic tools easily – and early planning to prevent market uncertainty and user disruptions.
It follows Google Quantum AI's March 2026 white paper, which showed that breaking the elliptic curve cryptography protecting most blockchains could need roughly 20 times fewer physical qubits than earlier estimates, with attacks potentially running in minutes on advanced hardware using under 500,000 physical qubits.
Shor's algorithm versus Grover'sQuantum computers use qubits that can represent multiple states simultaneously, unlike classical bits limited to 0 or 1. This enables solving certain maths problems much faster.
Shor's algorithm can crack public-key systems like ECDSA – the signature method used to authorize Bitcoin and Ethereum transactions – by quickly deriving private keys from exposed public keys. In simple terms, it acts like an ultra-efficient map that instantly reveals a hidden path classical computers would take years to find.
Grover's algorithm offers only a modest quadratic speedup for search tasks, such as trying many possibilities to break hashes. The overhead makes it largely impractical for threatening Bitcoin's proof-of-work mining or other core functions in the near term, the report says.
The Coinbase advisory paper expresses high confidence that fault-tolerant quantum computers will eventually arrive but stresses no precise timeline exists. NIST, the US standards body, targets full post-quantum migration by 2035 to guard against "harvest-now-decrypt-later" attacks, where data is stolen today for future decryption.
Recent Google research, involving Ethereum Foundation researcher Justin Drake as co-author, sharpens the case for preparation without creating panic. It optimizes Shor's algorithm for the secp256k1 curve used in Bitcoin and Ethereum, requiring as few as 1,200 logical qubits in one variant.
Exposed assets create clear risksBitcoin (BTC) faces notable exposure where public keys are visible. Roughly 6.9mn BTC sit in vulnerable unspent outputs, including about 1.7mn BTC in old Pay-to-Public-Key addresses – many potentially abandoned early "Satoshi-era" coins, according to the report.
Ethereum wallets (externally owned accounts) rely on ECDSA, with keys often revealed after spending. Its consensus layer uses BLS signatures also at risk. Similar concerns apply to layer-2 solutions and certain privacy tools.
Other chains show progress. Solana offers Winternitz vaults for protection. Algorand has run post-quantum transactions using FN-DSA. Aptos lets users switch to SLH-DSA keys without moving assets.
Bitcoin Core developers discuss proposals like BIP-360 to better hide keys, with some viewing quantum risk as secondary to everyday issues like fees and scaling.
Migration paths balance security, performanceThe report recommends hybrid "1-of-2" approaches that accept either current or post-quantum signatures, allowing gradual upgrades at low immediate cost to users. Ethereum eyes ML-DSA precompiles and account abstraction, with Drake calling it a "clean slate" chance to remove technical debt and build the first major post-quantum financial system.
New signatures like SLH-DSA are much larger – up to thousands of bytes versus 64 for common alternatives – which could raise fees or slow networks if not handled carefully through aggregation techniques such as SNARKs, the report said.
Abandoned assets raise governance questions. Options include a flag day to revoke exposed funds (risking backlash) or treating them as incentives for quantum development monitoring.
Forward-looking implications for networks and investorsUpgrades may influence competition, with Ethereum's dedicated team and 2029 target potentially giving it an edge. Bitcoin's decentralized process could move slower but benefits from ongoing research.
Short-term effects might include higher fees or storage needs during transition, plus wallet and exchange costs for new key management. Long-term gains could come from quantum advances in simulation and optimization.
The report urges major networks to publish clear roadmaps soon, coordinate on handling dormant assets, and invest in efficient quantum-resistant tools. Investors should track milestones and favour proactive projects while avoiding address reuse on Bitcoin.
With standardized post-quantum algorithms already available, the industry has the building blocks. The Coinbase board emphasizes acting early to turn a potential weakness into stronger, future-proof infrastructure.
