Quantum and blockchain: When should you really be worried?

The threat that quantum computers pose to blockchains is widely misunderstood. Many people treat it as a purely future problem, while others conclude that blockchains must be overhauled immediately. In reality the picture is more nuanced, and the right response depends heavily on which cryptographic primitive is at stake.

Real Risks: Harvest Now, Decrypt Later

The most dangerous attacks are not hypothetical future events; they are happening now. Attackers record encrypted traffic today and wait until they have enough quantum computing power to decrypt it, a strategy known as HNDL (Harvest Now, Decrypt Later). National security data or personal information considered "safe" today could therefore be fully exposed in 10-50 years.

With this awareness, systems that need long-term information protection must implement quantum-resistant encryption immediately. However, this applies only to encryption—not to digital signatures.

Signatures Have No “Storage Issue”

This is a key point that many overlook: digital signatures operate completely differently from encryption.

When you send an encrypted message, an attacker can store that ciphertext and later decrypt it if they have enough computational power. But signatures do not have “hidden private content” that needs to be decrypted.

Even if future quantum computers can forge signatures successfully, this would only affect future transactions and authorizations—signatures verified in the past remain valid. There is no way for a quantum attack to overturn historical verification or expose hidden information from old signatures.

Therefore, the signature algorithms commonly used on blockchains, such as ECDSA and EdDSA, will need upgrading eventually but do not need to be replaced immediately.

ZKP: Lower Priority Level

Zero-Knowledge Proofs (zkSNARKs) have a completely different security model. Although zkSNARKs currently use elliptic curves, their "zero-knowledge" property remains secure against quantum computers. The reason: a proof contains no private data that a quantum algorithm could recover. Thus zkSNARKs pose no HNDL risk, and their upgrade priority is lower than that of signatures.

Practical Priority Order for Blockchain

  • Most urgent: Long-term secure communication encryption
  • Level 2: Signature upgrades (but not immediately)
  • Level 3: Upgrading zkSNARKs and zero-knowledge proofs

Bitcoin: A Difficult Exception

Bitcoin is the one exception that needs to act now despite the quantum threat still being distant. The reason is not purely technical; it lies in the practical complexity of changing this particular blockchain:

First, Bitcoin updates its protocol extremely slowly. Any security change can cause controversy, splits, or hard forks.

Second, early Bitcoin used P2PK outputs (pay-to-public-key), which place the public key itself directly on-chain. A quantum computer running Shor's algorithm could derive the private key from such a publicly revealed key. This is more dangerous than modern address types, which reveal only a hash of the public key.

Third, an upgrade to Bitcoin cannot migrate assets automatically, because the keys are held by users. This means that millions of BTC sitting in addresses that are lost, inactive, or abandoned will remain permanently exposed to future quantum signature forgery.

Therefore, Bitcoin needs to develop an irreversible migration plan starting today—not because of an immediate threat, but due to the slow pace of implementation.
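The P2PK versus hashed-address distinction above is something a migration plan has to measure: which outputs already carry a raw public key on-chain, and how much value sits in them. The following is an added example, not code from the original article or from any Bitcoin project, that classifies a scriptPubKey by its standard template and totals the value in outputs whose public key is already public. The sample public key is the compressed secp256k1 generator point (a standard test vector), the 20-byte value is its HASH160 as published in the BIP173 examples, and the UTXO list and amounts are constructed for illustration. Note that a hashed address only hides the key until it is spent from; once a spending transaction has been broadcast, the key is on-chain just as with P2PK, which is why address reuse also matters.

```python
"""Classify Bitcoin outputs by whether the public key is visible on-chain (added example)."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Script opcodes used by the three standard templates handled here
OP_0, OP_DUP, OP_HASH160, OP_EQUALVERIFY, OP_CHECKSIG = 0x00, 0x76, 0xA9, 0x88, 0xAC
SAT = 100_000_000  # satoshis per BTC


@dataclass
class OutputInfo:
    kind: str                # "P2PK", "P2PKH", "P2WPKH" or "unknown"
    pubkey: Optional[bytes]  # the key readable straight from the script, if any


def classify_script(script: bytes) -> OutputInfo:
    n = len(script)
    # P2PK: <push 33|65> <pubkey> OP_CHECKSIG -> the key itself is on-chain
    if n >= 2 and script[0] in (33, 65) and n == script[0] + 2 and script[-1] == OP_CHECKSIG:
        return OutputInfo("P2PK", bytes(script[1:-1]))
    # P2PKH: OP_DUP OP_HASH160 <push 20> <hash160(pubkey)> OP_EQUALVERIFY OP_CHECKSIG
    if (n == 25 and script[:3] == bytes([OP_DUP, OP_HASH160, 20])
            and script[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG])):
        return OutputInfo("P2PKH", None)
    # P2WPKH: OP_0 <push 20> <hash160(pubkey)>
    if n == 22 and script[:2] == bytes([OP_0, 20]):
        return OutputInfo("P2WPKH", None)
    return OutputInfo("unknown", None)


def p2pk_script(pubkey: bytes) -> bytes:
    return bytes([len(pubkey)]) + pubkey + bytes([OP_CHECKSIG])


def p2pkh_script(pubkey_hash: bytes) -> bytes:
    return bytes([OP_DUP, OP_HASH160, 20]) + pubkey_hash + bytes([OP_EQUALVERIFY, OP_CHECKSIG])


def p2wpkh_script(pubkey_hash: bytes) -> bytes:
    return bytes([OP_0, 20]) + pubkey_hash


def exposed_value(utxos: List[Tuple[bytes, int]]) -> Tuple[int, int]:
    """Return (satoshis in outputs whose key is already public, total satoshis)."""
    exposed = total = 0
    for script, value in utxos:
        total += value
        if classify_script(script).pubkey is not None:
            exposed += value
    return exposed, total


# Constructed sample data: the compressed secp256k1 generator point (a standard
# test vector, not a real user's key) and its HASH160 from the BIP173 examples.
SAMPLE_PUBKEY = bytes.fromhex(
    "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798")
SAMPLE_HASH = bytes.fromhex("751e76e8199196d454941c45d1b3a323f1433bd6")

SAMPLE_UTXOS = [                       # constructed amounts for illustration
    (p2pk_script(SAMPLE_PUBKEY), 50 * SAT),
    (p2pkh_script(SAMPLE_HASH), 12 * SAT),
    (p2wpkh_script(SAMPLE_HASH), 1 * SAT),
]

if __name__ == "__main__":
    for script, value in SAMPLE_UTXOS:
        info = classify_script(script)
        print(f"{info.kind:7} {'key exposed' if info.pubkey else 'key hashed':12} {value / SAT:6.2f} BTC")
    exposed, total = exposed_value(SAMPLE_UTXOS)
    print(f"exposed: {exposed / SAT} of {total / SAT} BTC")
```

Run over a real UTXO snapshot, the same loop gives the figure a migration plan needs: how much value would have to be moved to quantum-resistant outputs versus how much is merely waiting behind a hash.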

Warning: Rushed Upgrades Are Even More Dangerous

Although the quantum threat exists, rushing to a full transition carries greater risks:

Current quantum-resistant algorithms (ML-DSA, Falcon) carry significant performance costs: signature sizes are tens to hundreds of times larger than today's. Their implementations are exposed to side-channel attacks, floating-point errors, and parameter misconfigurations that can leak keys. Some candidate quantum-resistant algorithms have even been broken by purely classical attacks (Rainbow, SIKE).

Practical Strategy for Blockchain

Instead of blindly switching, blockchain should:

  • Use hybrid encryption (post-quantum combined with classical) for long-term secure communication
  • Use hash-based signatures where only a small number of signatures is needed (firmware, system updates)
  • Maintain a research and migration plan for the public-key layer, aligned with Internet PKI standards, and proceed cautiously
  • Design account abstraction or modular architectures so that signature schemes can be upgraded later without breaking on-chain identity and asset history

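The first recommendation, hybrid encryption, comes down to how the two key-exchange results are combined. The following is an added example, not code from the original article, showing the common concatenation pattern: both shared secrets feed one HKDF, and the public transcript is bound into the derivation. The HKDF implementation is checked against RFC 5869 test case 1; the label and info strings are assumptions for this illustration, and the two shared secrets are random stand-ins for what X25519 and ML-KEM would produce in a real handshake.

```python
"""Hybrid (classical + post-quantum) shared-secret combiner, added example."""
import hashlib
import hmac
import secrets

HASH = hashlib.sha256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): PRK = HMAC-Hash(salt, IKM)."""
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869): T(i) = HMAC-Hash(PRK, T(i-1) || info || i)."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


# Assumed label for this illustration; a real protocol fixes its own salt/info values.
COMBINER_LABEL = b"example-hybrid-kem-combiner-v1"


def combine_shared_secrets(ss_classical: bytes, ss_pq: bytes,
                           transcript: bytes, length: int = 32) -> bytes:
    """Derive one session key from both key-exchange outputs.

    Concatenating the secrets keeps the key unpredictable as long as at least
    one of them is; binding the transcript (both peers' key shares and the KEM
    ciphertext) prevents splicing key shares from different sessions."""
    return hkdf(COMBINER_LABEL, ss_pq + ss_classical, b"session-key" + transcript, length)


def classical_only_key(ss_classical: bytes, transcript: bytes, length: int = 32) -> bytes:
    """The weak setting for comparison: a key that an HNDL adversary recovers
    once the recorded classical exchange falls to a quantum computer."""
    return hkdf(COMBINER_LABEL, ss_classical, b"session-key" + transcript, length)


def simulate_handshake() -> dict:
    """Constructed stand-in for a real exchange: ss_classical and ss_pq would
    come from X25519 and ML-KEM; here they are random bytes both peers share."""
    ss_classical = secrets.token_bytes(32)
    ss_pq = secrets.token_bytes(32)
    transcript = b"initiator-shares||responder-shares||kem-ciphertext (constructed)"
    key_initiator = combine_shared_secrets(ss_classical, ss_pq, transcript)
    key_responder = combine_shared_secrets(ss_classical, ss_pq, transcript)
    # An adversary who has broken the classical exchange knows ss_classical but
    # must still guess ss_pq; a wrong guess yields an unrelated key.
    key_attacker = combine_shared_secrets(ss_classical, secrets.token_bytes(32), transcript)
    return {
        "peers_agree": key_initiator == key_responder,
        "attacker_matches": key_attacker == key_initiator,
        "classical_only_recoverable": classical_only_key(ss_classical, transcript)
                                      == classical_only_key(ss_classical, transcript),
    }


if __name__ == "__main__":
    print(simulate_handshake())
```

The classical-only function is there to make the contrast concrete: with a single classical secret, everything needed to rebuild the key is in the recorded traffic plus the quantum-recovered secret, whereas the hybrid derivation also needs the post-quantum secret the recording does not yield.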
This way, blockchain can prepare for the quantum era without creating an immediate security crisis today.
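The second recommendation, hash-based signatures for the few-signatures case, and the earlier warning about signature size are both illustrated by the simplest member of that family. The following is an added example, not code from the original article or from any standard library, implementing a Lamport one-time signature over SHA-256: the private key is 256 pairs of random secrets, the public key their hashes, and a signature reveals one secret per message bit. Security rests only on hash preimage resistance, which is why such schemes suit firmware signing, and the cost is visible directly: a signature is 256 * 32 = 8192 bytes, roughly 128 times an ECDSA signature. The key object refuses to sign twice, because each additional signature reveals more preimages than the one-time design tolerates; the message strings are constructed for the demo.

```python
"""Lamport one-time signature over SHA-256 (added example)."""
import hashlib
import secrets
from typing import List, Tuple

DIGEST_BITS = 256  # one secret pair per bit of SHA-256(message)
SECRET_LEN = 32


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def message_bits(message: bytes) -> List[int]:
    """Bits of SHA-256(message), most significant bit first."""
    digest = H(message)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(DIGEST_BITS)]


class LamportOneTimeKey:
    def __init__(self) -> None:
        # Private key: 256 pairs (s_i0, s_i1) of random secrets
        self._sk: List[Tuple[bytes, bytes]] = [
            (secrets.token_bytes(SECRET_LEN), secrets.token_bytes(SECRET_LEN))
            for _ in range(DIGEST_BITS)]
        # Public key: the hash of every secret, in the same layout
        self.pk: List[Tuple[bytes, bytes]] = [(H(a), H(b)) for a, b in self._sk]
        self._used = False

    def sign(self, message: bytes) -> List[bytes]:
        """Reveal, for each message bit, the secret that matches that bit (once only)."""
        if self._used:
            raise RuntimeError("one-time key already used; a second signature "
                               "reveals preimages that enable forgery")
        self._used = True
        return [pair[bit] for pair, bit in zip(self._sk, message_bits(message))]


def verify(pk: List[Tuple[bytes, bytes]], message: bytes, signature: List[bytes]) -> bool:
    """Each revealed secret must hash to the public-key element selected by the bit."""
    if len(signature) != DIGEST_BITS:
        return False
    return all(H(s) == pair[bit]
               for s, pair, bit in zip(signature, pk, message_bits(message)))


def signature_size(signature: List[bytes]) -> int:
    return sum(len(s) for s in signature)


def run_demo() -> dict:
    """Sign a constructed firmware digest, then check verification, tampering and reuse."""
    key = LamportOneTimeKey()
    firmware = b"sha256 of firmware-v1.2.3.bin (constructed sample)"
    sig = key.sign(firmware)
    try:
        key.sign(b"another message")
        reuse_refused = False
    except RuntimeError:
        reuse_refused = True
    return {
        "valid": verify(key.pk, firmware, sig),
        "tampered_rejected": not verify(key.pk, firmware + b"!", sig),
        "signature_bytes": signature_size(sig),
        "public_key_bytes": sum(len(a) + len(b) for a, b in key.pk),
        "reuse_refused": reuse_refused,
    }


if __name__ == "__main__":
    print(run_demo())
```

Production hash-based schemes (the stateful LMS/XMSS families and the stateless SLH-DSA) reduce the key sizes and lift the one-message limit, but the state-management caveat shown by the reuse check is exactly why the article restricts them to low-volume cases such as firmware and system updates rather than per-transaction signing.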
