A new report from Quantus, a layer-1 blockchain built from day one with post-quantum cryptography, is sounding the alarm that quantum computing advances are rapidly closing the window for the $2.7 trillion crypto ecosystem to migrate to quantum-resistant security. Titled "State of Quantum Computing: What Crypto Can’t Afford to Ignore," the report warns that the "Great Quantum Filter" — the moment capital begins fleeing vulnerable chains for quantum-secure ones — may arrive sooner than many expect.
The research highlights a dramatic compression in the estimated resources needed to break Bitcoin's secp256k1 elliptic curve. A March 2026 paper from Google Quantum AI suggested that Shor’s algorithm could break the curve with fewer than 500,000 physical qubits under certain hardware assumptions. Over roughly a year, three separate papers reduced the projected quantum resources required by nearly an order of magnitude. While no existing machine can currently break Bitcoin's elliptic-curve cryptography, the trajectory is concerning.
The crypto industry faces unique challenges that traditional internet companies do not. Blockchains permanently expose public keys on public ledgers, creating a "harvest now, crack later" risk. Quantus warns that between 2.3 and 3.7 million Bitcoin — including wallets believed to belong to Satoshi Nakamoto — are likely inaccessible, meaning they cannot be migrated and will become permanent targets once quantum attacks become practical. Auryn Macmillan, co-founder of Gnosis Guild, proposes a hard deadline after which vulnerable accounts would be frozen.
NIST finalized post-quantum cryptography standards in August 2024, and companies like Google, Signal, Apple, and Cloudflare are already deploying protections. In crypto, Ripple has set a 2028 deadline to quantum-proof the XRP Ledger, acknowledging the threat as credible. However, Bitcoin’s transition is especially thorny due to governance coordination, scaling concerns, and the risk of introducing new bugs. Stanford cryptographer Dan Boneh, co-author of the Google paper, cautions that a rushed migration could be more dangerous than the quantum threat itself, advocating a gradual, hybrid approach.
Hardware limitations also loom: ML-DSA-87 signatures would increase transaction sizes by 74x, straining block space and hardware wallets. Quantus’s own Wormhole Addresses technology uses Plonky2, STARK-style proof aggregation, and Poseidon2 to move verification off-chain and dramatically reduce post-quantum storage costs.