The slow-moving threat that blockchains can’t ignore
Quantum computers still look like lab toys: Racks of hardware, error-prone qubits and almost no real-world applications. Yet if you check the roadmaps of major layer-1 blockchains, a new priority now sits next to scaling and modularity: post-quantum security.
The concern is simple even if the math isn’t. Most major blockchains rely on elliptic-curve signatures (ECDSA and Ed25519) to prove that a transaction came from the owner of a private key. A sufficiently powerful quantum computer running Shor’s algorithm could, in theory, recover those private keys from their public counterparts and let an attacker sign fake transactions.
There is also a “harvest now, decrypt later” angle. Adversaries can copy public blockchain data today and wait for quantum hardware to catch up. Once it does, old addresses, long-dormant wallets and some smart contract patterns could become vulnerable even if networks switch to safer algorithms later.
For long-lived public ledgers that cannot be rolled back, quantum planning is becoming an important long-term consideration. With the National Institute of Standards and Technology (NIST) publishing formal post-quantum standards and governments setting 2030-plus migration timelines, layer-1 teams now treat quantum safety as a slow-moving and irreversible risk, and a few networks are already shipping their first countermeasures.
What quantum computers actually threaten in crypto
Quantum computers don’t magically “break blockchains”; they target specific algorithms.
The big one for crypto is public key signatures.
Bitcoin, Ethereum and many other chains rely on elliptic-curve schemes (ECDSA and Ed25519) to prove that a transaction came from the holder of a private key. A sufficiently powerful quantum computer running Shor’s algorithm could recover those private keys from their public keys, making it possible to forge signatures and move funds without permission.
Not everything breaks equally. Hash functions like SHA-256 and Keccak are much more robust. Quantum search algorithms such as Grover’s algorithm provide only a quadratic speed-up there, which designers can mostly offset by increasing hash sizes and security margins. The area most likely to need future upgrades is signatures rather than proof-of-work (PoW) hashing or basic transaction integrity.
For blockchains, these areas will require long-term cryptographic upgrades to maintain expected security properties as standards evolve.
Old unspent transaction outputs (UTXOs) in Bitcoin, reused addresses on account-based chains, validator keys and signature-based randomness beacons in proof-of-stake (PoS) systems all become attractive targets.
Because cryptography migrations in critical infrastructure often take a decade or more, layer 1s have to start planning well before quantum machines are strong enough to attack them.
Did you know? The term “Y2Q” is used informally to describe the year in which quantum computers become cryptanalytically relevant, similar to how “Y2K” referred to the “year 2000.” Some early estimates suggested a 2030 horizon.
Why quantum security just jumped onto layer-1 roadmaps
Quantum risk has been discussed in academic circles for years, but it only recently became a concrete roadmap item for layer-1 teams. The turning point was the shift from theory to standards and deadlines.
From 2022 to 2024, the NIST selected and began standardizing the first wave of post-quantum algorithms — including lattice-based schemes such as Cryptographic Suite for Algebraic Lattices (CRYSTALS)-Kyber for key establishment and Dilithium for digital signatures — alongside alternatives such as Stateless Practical Hash-based Incredibly Nice Collision-resistant Signatures (SPHINCS)+. This gave engineers something they could design around instead of a moving research target.
At the same time, governments and large enterprises began talking about “crypto agility” and setting migration timelines for critical systems that extend into the 2030s. If you run a public ledger that is meant to hold value and legal agreements for decades, being out of sync with that transition becomes a governance problem.
Layer 1s also respond to headlines. Each time a major hardware or research milestone is announced in quantum computing, it revives the conversation about long-term security. Teams begin to question whether today’s signature schemes will remain safe across the full lifetime of a network. They also consider whether it is better to build post-quantum options now, while they are still optional rather than under pressure later.
Did you know? The National Cyber Security Centre in the UK has indicated that organizations should identify quantum-safe cryptography upgrade paths by 2028 and complete migration by around 2035.
The first wave: Which layer-1 networks are preparing
A small but growing group of layer 1s has moved…
cointelegraph.com