quantum

According to CoinDesk, while quantum computers cannot disrupt the Bitcoin mining mechanism or the blockchain ledger, they may potentially crack the elliptic curve encryption system that protects wallet ownership through Shor's algorithm. Currently, about 6.9 million BTC (approximately one-third of the total supply) face potential risks due to public keys being visible on-chain, including around 1 million early holdings by Satoshi Nakamoto; transactions generated after the Taproot upgrade in 2021 are also affected due to public key exposure.Ethereum has established a formal quantum resistance migration plan since 2018, with 4 full-time teams and over 10 independent development groups, and has launched a dedicated progress website at pq.ethereum.org. In contrast, Bitcoin currently lacks a unified response roadmap, and the existing BIP-360 proposal and BitMEX Research detection scheme have not received widespread support from core developers. Notable Bitcoin advocate Nic Carter pointed out that Bitcoin's response is "the worst," while Blockstream CEO Adam Back believes that current quantum systems are still in the laboratory stage, but he also agrees that optional upgrade solutions should be deployed in advance.Analysts point out that Bitcoin's anti-centralization governance culture makes coordinating large-scale security upgrades extremely difficult, and how to handle historical legacy issues such as Satoshi Nakamoto's holdings is particularly challenging. A related paper from Google warns that once quantum attacks become a reality, the window for response may have already closed.

Project Eleven today awarded the Q-Day prize to researcher Giancarlo Lelli, who successfully derived a 15-digit elliptic curve private key from a public key using publicly accessible quantum hardware, marking the largest scale demonstration of its kind to date, a 512-fold increase from the 6-digit demonstration in September 2025.Lelli used a variant of Shor's algorithm for the elliptic curve discrete logarithm problem, which is the mathematical foundation of the Bitcoin signature scheme, with the awarded hardware featuring approximately 70 qubits. Currently, no known quantum computer can crack real Bitcoin wallets, and the security of Bitcoin's 256-bit elliptic curve remains far beyond current quantum capabilities. Notably, Google lowered its resource estimates for ECDLP-256 on March 31 and set a target for the migration to quantum cryptography after 2029, followed by Cloudflare, and the UK's NCSC also set migration milestones from 2028 to 2035.On-chain data shows that approximately 6.93 million BTC are at potential quantum risk due to exposed public keys. The Bitcoin community has proposed BIP 360 and BIP 361 to promote the migration to quantum-resistant output types, but the coordination challenges of a decentralized network remain the biggest hurdle.

The "Quantum Computing and Blockchain Independent Advisory Committee" established by Coinbase has released its first position paper. The core conclusion of this position paper is that the core infrastructure of Bitcoin is fundamentally secure. Quantum computing does not pose a substantial threat to Bitcoin mining, hash functions, and the historical records of the blockchain. The real vulnerability lies at the wallet level, and Ethereum has laid out a clear roadmap to address this issue in the near future.Previously, Coinbase announced the establishment of the Quantum Computing and Blockchain Independent Advisory Committee in January this year, with committee members including researchers from Stanford University, the University of Texas at Austin, and the Ethereum Foundation.

According to Decrypt, Coinbase's Quantum Computing and Blockchain Independent Advisory Committee released a report on Tuesday stating that proof-of-stake (PoS) blockchains may face a greater risk of exposure to future quantum computing attacks, as the cryptography relied upon by the validator signatures that protect these networks could ultimately be cracked by sufficiently powerful quantum computers. The report points out that PoS networks like Ethereum and Solana rely on cryptographic signatures—Ethereum validators use BLS signatures, while Solana validators and users use Ed25519 signatures—to help the network reach consensus on blocks and maintain consensus.The advisory committee stated, "PoS chains have exposure risks in the signature schemes used by validators to protect the network, which means that the challenges faced by PoS are not just about upgrading wallets; parts of the core consensus mechanism itself may need to be redesigned." The report mentioned recent work by Ethereum developers, including a proposal by co-founder Vitalik Buterin in February to replace BLS validator signatures, KZG commitments, and ECDSA wallet signatures with quantum-resistant alternatives.The committee also listed the digital signatures used in cryptocurrency wallets as another major long-term vulnerability, estimating that about 6.9 million bitcoins belong to the category where the public keys are already visible on-chain. The report stated that the current cryptocurrency system remains secure, as quantum computers capable of breaking modern cryptographic signatures do not yet exist.

The Coinbase Quantum Computing and Blockchain Independent Advisory Committee has released its first position paper stating that sufficiently powerful quantum computers may be able to crack the encryption mechanisms used by mainstream blockchains to protect digital assets in the future. However, such devices do not currently exist, and encrypted assets remain secure for now. The industry should begin preparing for quantum resistance upgrades starting now.The document points out that there are currently no substantial risks associated with Bitcoin mining, hash functions, and on-chain historical records; the main vulnerability lies in the digital signatures at the wallet layer. Ethereum has proposed a clearer migration roadmap, and Solana, Algorand, and Aptos have also begun to provide or plan quantum resistance solutions.

ChainCatcher reported live that Justin Sun, the founder of TRON, shared a keynote speech titled "From TRON to B.AI: Infrastructure as the Game-Changer in the AI Era" at this year's 2026 Hong Kong Web3 Carnival.He introduced that TRON currently supports about 86.4 billion USDT, with other stablecoins bringing the total close to 90 billion dollars, and the global account number has reached 376 million, making it one of the largest stablecoin settlement networks in the world. He emphasized that the most important aspects of financial services are stability and security, rather than being cheap.He pointed out that the existing payment systems are not compatible with AI, as bank accounts require human identity for opening, and each payment needs manual authorization, which cannot support high-frequency decision-making by AI. B.AI is building the underlying financial infrastructure for AI agents, allowing each AI to operate without becoming human, managing keys and on-chain wallets through cryptography to complete payments, and can anonymously call the world's most

Ripple officially announced its quantum resistance roadmap, with the core goal of making the XRP Ledger (XRPL) quantum-resistant by 2028. The roadmap primarily addresses the potential attack mode of "harvest now, decrypt later," where attackers collect encrypted data now and wait for future quantum computers to mature before cracking it.The entire plan will be implemented in four phases:Phase 1: Q-Day Emergency Preparedness (Already Started). Establish a Q-Day emergency response mechanism. If the existing classical encryption system is suddenly compromised, the network will immediately stop accepting traditional public key signatures, forcing a migration to quantum-safe accounts. At the same time, explore asset ownership verification solutions based on Post-Quantum ZK-proofs, allowing existing account holders to safely recover funds in emergencies without exposing vulnerable keys.Phase 2: Risk Assessment and Algorithm Testing (First Half of 2026). Conduct a comprehensive assessment of the impact of post-quantum cryptography on the performance, storage, and bandwidth of the XRP Ledger network. Collaborate with Project Eleven to conduct validator-level testing and Devnet benchmarking, deploy NIST standardized ML-DSA quantum-safe signature schemes, and develop prototypes for post-quantum custodial wallets. Core engineer Denis Angell has already deployed ML-DSA signatures on XRPL's AlphaNet.Phase 3: Devnet Hybrid Integration (Second Half of 2026). Parallel integration of candidate post-quantum signature schemes with existing elliptic curve signatures on the developer network (Devnet), allowing developers to test performance and system impacts without affecting the mainnet. At the same time, explore post-quantum zero-knowledge proof primitives and homomorphic encryption technologies for Confidential Transfers to enhance the privacy and compliance capabilities of tokenized real-world assets on XRPL.Phase 4: Full Mainnet Upgrade (Target 2028). Submit a formal protocol amendment, which will be fully enabled on the mainnet after being approved by validator votes, to implement native post-quantum cryptography. Focus on production-ready optimization: throughput tuning, validator reliability assurance, and coordinated migration of the ecosystem, ensuring a complete transition without affecting network speed and settlement finality.

Sonic elaborates on its technological path towards the "post-quantum era," pointing out that most current PoS public chains rely on elliptic curve signatures (such as ECDSA, Ed25519), which are at risk of being cracked once quantum computing (like Shor's algorithm) matures.Sonic states that the industry is exploring post-quantum cryptographic solutions (such as hash-based XMSS, SPHINCS+, and lattice-based Dilithium, Falcon), but mainstream consensus mechanisms generally rely on BLS aggregate signatures and threshold signatures, making the transition to post-quantum systems face challenges in performance, bandwidth, and architectural reconstruction. In contrast, Sonic's SonicCS consensus protocol does not rely on aggregate signatures or global randomness, but instead uses single-node signatures and hash functions to construct a DAG structure. Therefore, when switching to post-quantum cryptography, only the signature algorithm needs to be replaced to complete the upgrade, without the need to adjust the consensus logic or network structure. Sonic emphasizes that this design will significantly reduce the complexity of future migrations to post-quantum security, enabling the network to have stronger adaptability when quantum computing threats arise.

ChainCatcher reported live that Hong Kong Legislative Council member (Technology and Innovation sector) Kenneth K.Y. Lau shared a keynote speech titled "Steady and Progressive Development Keeps Hong Kong at Forefront of Web3 Expansion" at the 2026 Hong Kong Web3 Carnival.He reviewed the development of Web3 in Hong Kong since 2022, from the licensing system for virtual asset service providers, the pilot of tokenized products, to last year's Policy Declaration 2.0 and the SFC ASPIRe roadmap, believing that regulatory clarity is the primary condition for the industry's development.He specifically compared the regulatory paths of the United States and Hong Kong, pointing out that although the U.S. has introduced important documents such as the Clarity Act, Genius Act, and the joint statement from the SEC and CFTC, the political situation may lead to legislative delays or even reversals; in contrast, Hong Kong provides a stable, transparent, and continuous development environment in terms of product classification, legislation, and infrastructure.He also mentioned the potential threat of quantum computing to the cryptocurrency industry, believing that at least five more years are needed, but the industry should prepare in advance at the cryptographic level. Finally, he emphasized that Hong Kong needs more technology developers and should promote cross-jurisdictional connectivity to form a positive flywheel for product issuance, investor participation, and innovator entry.

The UK-listed company Quantum Blockchain announced a placement of 142,857,142 new shares at a price of 0.35 pence per share to raise £500,000. In addition, the company announced the establishment of a new Bitcoin mining subsidiary, BlocKeeper, and the new funds will be used to accelerate its AI-driven Bitcoin mining research and development.

Blockstream CEO Adam Back stated that Bitcoin should adopt an optional quantum-resistant upgrade scheme, rather than the mandatory freezing of tokens at risk from quantum threats proposed in BIP-361.The BIP-361 proposal suggests phasing out addresses vulnerable to quantum attacks over five years and ultimately freezing un-migrated tokens, including assets held by Satoshi Nakamoto. Google's latest research indicates that a superconducting qubit system may need fewer than 500,000 physical qubits to crack Bitcoin encryption in just a few minutes. Currently, about 6.9 million BTC are at risk from such threats. In response to the quantum threat, BitMEX Research proposed establishing a canary fund that would implement a full freeze only when expenditures occur from the relevant addresses.

According to market news, Blockstream CEO Adam Back stated at the Paris Blockchain Week that he supports the optional advancement of Bitcoin's quantum resistance upgrade and opposes the proposal to forcibly freeze quantum-vulnerable addresses. He emphasized that "preparation is much safer than hasty responses in a crisis" and pointed out that the Bitcoin community has the coordination ability to respond quickly to urgent vulnerabilities.Previously, the BIP-361 proposal ("Post-Quantum Migration and Legacy Signature Sunset") put forward by developers Jameson Lopp and five others advocated for the gradual elimination of quantum-vulnerable addresses over five years, ultimately freezing coins that have not completed migration— including approximately 1.7 million Bitcoins held by Satoshi Nakamoto.

According to CoinDesk, Blockstream CEO Adam Back stated at Paris Blockchain Week that Bitcoin developers should advance optional quantum-resistant upgrades as early as possible, even though practical quantum computers are still far from being realized.He pointed out that Taproot's flexible design can support the introduction of new quantum-resistant signature schemes without affecting existing users. Previously, Jameson Lopp and others proposed BIP - 361, which aims to gradually phase out addresses vulnerable to quantum attacks within 5 years and freeze Bitcoin that has not completed migration. Adam Back believes that the Bitcoin community can quickly coordinate responses in emergencies without the need for pre-established freezing arrangements.

According to official news, BitMEX Research has released a new research article proposing that in response to the risk of future quantum computers potentially breaking elliptic curve signatures, the Bitcoin network could adopt an alternative soft fork mechanism to "directly freeze" to reduce controversy and increase flexibility.The proposal revolves around "quantum-vulnerable fund freezing," but suggests avoiding the direct freezing of all related assets without evidence, instead gradually implementing security strategies through a verifiable condition-triggering mechanism. The core of the proposal is to establish a "signal vault," which contains special addresses generated using "accidental numbers" to prove that no one possesses their private keys. If passive spending occurs from that address, it will be regarded as on-chain evidence that quantum computing capabilities genuinely exist, thereby immediately triggering a comprehensive freeze of quantum-vulnerable assets.At the same time, the fund could attract capital through a multi-signature structure as a "quantum bounty," aimed at incentivizing potential attackers to expose their capabilities. The article also mentions that there is currently a BIP-361 proposal promoting the phased disabling of the old signature system and ultimately freezing risky assets, but this proposal is controversial due to its involvement in "mandatory freezing."The newly proposed "signal-trigger + security window" mechanism aims to replace the fixed-time freeze path, reducing potential system shocks while retaining Bitcoin's censorship-resistant characteristics, but it also brings complexity and execution risk trade-off issues.

Bitcoin core developer Jameson Lopp stated that, compared to the potential quantum computing attacks that may arise in the future, he prefers to "freeze" about 5.6 million long-dormant BTC from the network rather than let them be acquired by attackers. These Bitcoins have not moved for over 10 years and may be permanently lost, valued at approximately $42 billion at current prices. If future breakthroughs in quantum computing lead to the decryption of old address private keys, this portion of assets could be re-transferred, triggering severe market fluctuations or even a crisis of confidence.Although the community recently proposed BIP-361, the proposal is still in its early stages and is not an officially promoted plan, but rather more like a contingency plan to address "extreme risks."

One of the Bitcoin contributors, Jameson Loop, along with other cryptographers, has proposed an initiative that may force Bitcoin holders to migrate their tokens to new quantum-resistant addresses, or else their tokens will be permanently frozen by the network itself. In this scenario, holders technically still own these coins but will lose the ability to transfer them. This is known as Bitcoin Improvement Proposal BIP-361, which was updated on Tuesday in Bitcoin's official proposal repository, titled "Post-Quantum Migration and Old Signature Retirement."BIP-361 builds on the BIP-360 proposal introduced in February. BIP-360 introduced a soft fork (a type of network upgrade) aimed at enabling a new transaction type called "Pay to Merkle Root" (P2MR). This approach draws on Bitcoin's Taproot (P2TR) framework but removes key-based spending paths, thereby eliminating an element widely considered to pose risks in the quantum era.The BIP-361 proposal divides the migration into three phases. Phase A starts three years after activation and prohibits anyone from sending new bitcoins to old, quantum-vulnerable addresses. You can still spend from these addresses, but you cannot receive any coins. Phase B starts five years after activation and will render old signatures (ECDSA and Schnorr) completely ineffective, with the network rejecting any attempts to spend coins from quantum-vulnerable wallets.Essentially, your coins will be frozen. Finally, there is Phase C, which is a rescue plan still under research: holders of frozen wallets may potentially prove ownership through zero-knowledge proofs (a method of proving knowledge of a secret without revealing the secret itself). If successful, the coins frozen in Phase B can be recovered.

According to market news, Cypherpunk Jameson Lopp and several experts in the field of Bitcoin quantum security have proposed Bitcoin Improvement Proposal BIP-361, which suggests freezing quantum-vulnerable addresses, including Satoshi Nakamoto's reserves, to prevent future quantum computers from stealing approximately 1.7 million Bitcoins.The proposal is to be implemented in three phases: first, prohibiting transfers to legacy addresses; second, invalidating legacy signatures and freezing untransferred assets after five years; and finally, allowing some users to recover frozen funds through a zero-knowledge proof mechanism. This proposal aims to promote the migration of the entire network to quantum-resistant addresses, but it has faced opposition from some community members who believe it contradicts the decentralized ethos of Bitcoin and has a predatory nature.

According to Cointelegraph, Bernstein stated that the previous pullback of Bitcoin has to some extent reflected the market's concerns about the risks of quantum computing, believing that this threat is "real but manageable," and is not yet an imminent systemic risk.Although research, including that from Google, suggests that future quantum computers could potentially crack commonly used blockchain encryption algorithms quickly under extreme conditions, advancements in zero-knowledge proofs and post-quantum cryptography have formed a hedge to some extent.Bernstein believes that Bitcoin developers still have about 3 to 5 years to advance the post-quantum upgrade path and mentioned the current BIP-360 proposal, which could reduce some quantum exposure risks through a soft fork. Additionally, institutional investors (including ETF issuers and corporate holders) are expected to play an active role in promoting consensus for the upgrade.However, industry opinions point out that the main challenge of the post-quantum upgrade lies in user migration and consensus formation, rather than the technical implementation itself.