ETH is already 20% way to quantum resistance.
Antonio Sanso, a cryptography researcher at the Ethereum Foundation, is confident that the blockchain will be quantum secure long before a quantum attack takes place.
“We, as the Ethereum Foundation (EF) and the Ethereum community, are working extensively on this topic,” Cointelegraph said.
“The research part is probably the part that was already thought of. And we will start with the implementation stage. And we are sure that we will meet the deadline and the deadline.
EF has made post-quantum (PQ) security a high strategic priority. On January 24, he announced the formation of a post-quantum group led by Thomas Koratger. Sanso is leading the new bi-weekly All Core Devs Calls on Post-Quantum Security starting February 4th.
It is a big task. He explained that Ethereum's performance, communication and data access layers all need improvement.
“When we talk about having a post-quantum solution, we're not talking about one segment – there are all different big macro areas of Ethereum that need to migrate,” he said.
“The good thing is that we've been working on it for years, if not months. So we have a clear plan in mind and we're going to implement it in the coming years.”
One fifth of the way to the finish line
Asked to quantify how far the work has progressed to date, Sanso says solutions for different layers are moving at different speeds, “so there's not one percent for all three. But we're like a ballpark, maybe 20%.”
The new biweekly call will discuss the benefits and tradeoffs of different approaches. Multi-client post-quantum devnets are now live, and PQ's roadmap will be released soon, which EF researcher Justin Drake says will lead to “a complete transition with no loss of funds and zero downtime in the coming years.”
Making Ethereum quantum resistant is part of a complete overhaul of the entire blockchain as part of Lean Ethereum. The aim is to make Ethereum faster, simpler and more decentralized using zero-knowledge (ZK) technology to withstand quantum attacks.
Comparison with Bitcoin
Ethereum's enthusiasm for quantum proof stands in stark contrast to Bitcoin, with leaders from Adam Back to Michael Saylor downplaying the need for change, pointing to speculation that quantum computing could be years or decades away.
Which is true, but with caveats. At DevConnect in Buenos Aires, co-founder Vitalik Buterin said that while the media forecast for a quantum computer to crack confidential data is 2040, there is still a 20% chance of it happening in 2030.
But as it turns out, Bitcoin (BTC) is less vulnerable to quantum attacks, with roughly 6 million BTC currently at risk, mostly due to older addresses exposed to most public keys.
Related: Bitcoin Doesn't Have 20 Years Because Quantum Risk Is Already Here
However, most of Ethereum is vulnerable – and all of Solana. While very large PQ signatures remain a major problem, the proposed fixes for Bitcoin are also relatively simple.
Sanso said: “From a technical point of view, migration is easy. But on a human level, they can have problems … getting agreement on what to do.
“Ethereum, we don't have this problem, but… technologically, we have a lot of things to migrate to,” he said. “We share the same fact that we have to change the signatures of performance marketing, but of the problems we have – between the performance layer, agreement and data availability – the performance layer is very simple. So, the other two are a little more complex.”
What happens if quantum computers come early?
Sanso's own best guess for a quantum computer's deadline is the mid-2030s. Lin expects Ethereum to be completed sometime between 2028 and 2032.
Given how large language models and ZK-proofs have suddenly arrived (in the latter case, earlier than expected), it may be possible to crack the blockchain before quantum computers are fully developed.
Since public keys are not exposed (quantum computers use Shor's algorithm to work backwards to obtain private keys from the public), you can now increase security for Ether (ETH) by sending them to a new, unused address.
In the future, smart wallets will protect your ETH using account abstraction and post-quantum signatures.
“The idea is to have a new algorithm that's post-quantum, maybe based on lattices or hashes. And basically, we're going to integrate it with account abstraction.”
PQ signatures are too large.
At DevConnect in November, Zknox demonstrated a hardware wallet with a quantum dilithium signature that is compatible with the Ethereum infrastructure.
However, post-quantum signatures are huge, and the simplest one, called Falcon, is still 10 times faster than the Elliptic Curve Digital Signature Algorithm (ECDSA).
Sanso explains that coding the lattice solution in Solidity costs a lot of money in gas. There is an Ethereum Improvement Proposal (EIP) for pre-packaged to automatically handle this outside of the core protocol, which will speed things up and reduce costs.
The broader issue of including 10 times more signatures in the chain than currently exists will probably require different measures, including using ZK-STARKs to reduce the size.
Emergency quantum improvement
But Buterin has developed a contingency plan to deal with a quantum attack in March 2024, a hard fork and a mechanism for ETH owners to prove they are the rightful owners of a particular address before transferring to PQ addresses holding the equivalent balance.
Sanso has been working on a way to use ZK-proofs to reliably verify that this plan is in progress and that ETH holders have the correct address seed.
It's something we're actively working on. Hopefully, there will be a project that demonstrates this, either at EthCC Cannes or DevCon in India.
Depending on which EIPs, this system can be used as part of the proposed conversion to PQ signatures. Individuals can verify ownership of an address and delete the existing quantum-exposed ECDSA part of the account.
“We have this EIP that you can enable yourself, and say I'm going to kill the ellipse curve part on my EOAs. So you have the same address, and the only way to get things out of your address is a combination of account summary and this pedigree.”
“Maybe, it will be explained in the next forks, and if you ask me I think I'm on the right track.
Sanso pointed out that choosing which EIPs to include is a long process and ultimately decided by the community.
The first All Core Devs PQ “Breakout room” call is scheduled for February 4, 2026, he said.
According to Drake, the biweekly sessions will “focus on user-centric security, covering specific presets, account abstraction, and long-term transactional signature collection with leanVM.”
Journal: Bitcoin and the Threat of Quantum Computing – Timeline and Solutions (2025-2035)
Cointelegraph Features and Cointelegraph Magazine publish long-form journalism, analysis, and narrative prepared by Cointelegraph's in-house editorial team and external contributors handpicked with subject matter expertise. All articles are edited and reviewed by Cointelegraph editors in accordance with our editorial standards. Contributions of external writers are commissioned for their experience, research or opinion and do not reflect the views of Cointelegraph as a company unless expressly stated. Content published in features and magazines does not constitute financial, legal or investment advice. Readers should conduct their own research and consult qualified professionals when appropriate. Cointelegraph maintains full editorial independence. The selection, mission and publication of features and magazine content are not influenced by advertisers, partners or commercial relationships.
