A recent report suggests that over $3 trillion in digital assets could face risks from theft in the next four to seven years due to advances in quantum computing. The report comes from Project Eleven, which specializes in post-quantum security and the transition of digital assets. They’ve partnered with the Solana Foundation to help prepare networks against potential quantum threats.
The report underscores that the entire digital asset space, valued at more than $3 trillion, relies on a specific type of cryptography—elliptic curve digital signatures—that could be compromised by quantum computing attacks. It’s important to note that this concern extends beyond just cryptocurrencies; the same cryptography is integral to banking systems, cloud infrastructures, authentication networks, and even military communications.
According to the 110-page report, a sufficiently advanced quantum computer could exploit Scholl’s algorithm to derive private keys from public keys, enabling attackers to forge signatures and gain access to wallets and other accounts protected by elliptic curve cryptography. This paints a broader picture—potential vulnerabilities affect not just Bitcoin and Ethereum, but also banking infrastructure, military communications, and various digital identity systems.
Project Eleven indicates that a “Q-Day” scenario—when a quantum computer capable of breaking widely used public-key cryptography arrives—could happen as early as 2030 or as late as 2033. They mention that, based on current trends, it’s likely to occur by 2033, but there’s also a possibility it could happen sooner. The report emphasizes that the timeline for transitioning to post-quantum cryptography is tightening.
Transitioning complex systems typically takes five to ten years or more, making the situation more complex. The report raises the question of how this migration will unfold since moving all quantum-vulnerable systems to a secure network requires synchronized action from users, exchanges, custodians, wallet providers, and miners.
Project Eleven notes that the real challenge isn’t technological; it’s about achieving coordination, urgency, and a willingness to invest in migration costs. This situation is particularly concerning for Bitcoin, where upgrades have been historically slow and often fraught with political disputes. For example, the relatively minor SegWit upgrade took over two years to implement, leading to significant debate and a chain split.
Given the decentralized nature of blockchain networks, moving to post-quantum cryptography could take longer than it would for centralized systems—potentially a decade or more. Co-author Alex Pruden cautions that transitioning Bitcoin to post-quantum cryptography may be tougher than previous upgrades like Taproot due to the level of coordinated effort required from various stakeholders. He has suggested that, personally, he might lean toward “recycling” the 5.6 to 6.9 million vulnerable BTC tokens, valued at around $500 billion, instead of allowing them to be wiped out by quantum threats.
Ultimately, the report highlights a tension between Bitcoin’s commitment to a fixed supply and its dedication to property rights.
