Key Takeaways:

• Quantum computing threatens asymmetric cryptography used in blockchain signatures

• Traditional cryptographic transitions took 15+ years; blockchain may need even longer

• NIST standards provide algorithm guidance but lack blockchain-specific implementation plans

• "Crypto agility" offers strategic flexibility over immediate post-quantum migration

• Long-term timestamping could provide data integrity beyond individual cryptographic lifespans

The Silent Existential Risk

BGIN Block #12 in Tokyo confronted one of blockchain's most significant yet understated challenges: the looming threat of quantum computing to cryptographic foundations. As one cryptography expert bluntly framed the issue:

"Quantum computing isn't just another technical upgrade—it represents an existential risk to blockchain systems that rely on today's asymmetric cryptography. When the break happens, it will be sudden and catastrophic."

The session unpacked this complex challenge while exploring potential pathways for the industry to navigate what could be the most significant technical transition since the inception of blockchain technology.

Understanding the Quantum Threat

The quantum risk primarily targets asymmetric cryptography—the public-private key infrastructure that enables digital signatures in virtually all blockchain systems:

Vulnerable Components:

• Digital signatures (e.g., ECDSA used in Bitcoin and many other blockchains)

• Key exchange mechanisms

• Public-key encryption systems

More Resilient Components:

• Symmetric encryption (requiring larger key sizes)

• Hash functions (requiring larger output sizes)

"A sufficiently powerful quantum computer could use Shor's algorithm to break ECDSA in hours or days," noted a cryptographic researcher. "While symmetric cryptography and hash functions would require significantly more quantum resources to break, making them more resistant in the near term."

The Timeline Challenge

One of the most significant challenges in addressing post-quantum security is the uncertain timeline:

"Previous cryptographic transitions—like moving from SHA-1 to SHA-2—took more than 15 years, and that was with centralized coordination," explained a security specialist. "Blockchain's decentralized nature makes consensus-driven cryptographic changes exponentially more difficult."

Participants debated two competing timeline pressures:

1. Premature Migration Risk: Rushing to implement immature post-quantum solutions could introduce new vulnerabilities

2. Delayed Response Risk: Waiting too long could leave systems exposed when quantum capabilities suddenly advance

As one attendee observed: "The challenge is that we're trying to solve tomorrow's problem with today's tools, but we don't know precisely when tomorrow arrives."

NIST's Standardization Efforts

The session highlighted the National Institute of Standards and Technology's crucial role in standardizing post-quantum cryptography:

Selected PQC Schemes:

• CRYSTALS-Dilithium: A lattice-based signature scheme

• FALCON: Another lattice-based signature approach

• SPHINCS+: A hash-based signature scheme

• FAEST: A symmetric-key-based signature scheme

NIST's January 2025 transition document sets deadlines for federal agencies, but as one participant noted:

"NIST standards provide algorithm guidance, not blockchain-specific implementation plans. Blockchain networks need their own transition frameworks that account for decentralized governance and consensus."

Blockchain-Specific Risks

A 2016 paper referenced during the session outlined specific quantum vulnerabilities in Bitcoin:

• Broken SHA-256: Could enable theft and double-spending

• Broken ECDSA: Would allow transaction forgery and fake network alerts

• Layer 2 Implications: Solutions like zero-knowledge proofs would fail if underlying cryptography breaks

"The implications go beyond just Bitcoin," a researcher emphasized. "Any chain using vulnerable cryptography faces similar risks, and the effects cascade through the entire ecosystem, including layer 2 solutions, cross-chain bridges, and DeFi protocols."

Crypto Agility: A Strategic Alternative

The concept of "crypto agility"—the ability to rapidly switch cryptographic primitives if compromised—emerged as a key strategic alternative to immediate post-quantum migration:

"Rather than rushing to replace current algorithms with post-quantum ones, we should focus on building systems that can seamlessly transition between cryptographic schemes," suggested one architect. "This gives us flexibility to adopt the most secure solutions as they mature, rather than betting everything on today's post-quantum algorithms."

A 2017 approach was highlighted: wrapping old signatures with secure, long-term schemes that can be upgraded over time, providing a migration path without requiring immediate, wholesale replacement.

Blockchain-Based Long-Term Timestamping

A particularly innovative concept presented was blockchain-based long-term timestamping with algorithm renewal capability:

"Traditional timestamping authorities are vulnerable to compromise or cryptographic breaks," explained a researcher. "Blockchain provides decentralized, tamper-resistant timestamping, but its security is tied to the underlying cryptography. As algorithms weaken, we need renewal mechanisms to maintain timestamp validity."

The proposed scheme would:

1. Group Blocks: Periodically bundle blockchain blocks for efficient processing

2. Rehash Data: Apply stronger cryptographic functions before old ones weaken

3. Transfer Assets: Move to new keys using updated signature schemes

4. Client Options: Allow various renewal approaches based on privacy needs

"This approach could provide data integrity guarantees that outlive individual cryptographic algorithms," noted a participant. "Especially critical for data that must maintain verifiable integrity for decades—like government records, intellectual property, or digital art."

Strategic Options for BGIN and the Industry

The session concluded with a discussion of potential work items for BGIN and strategic approaches for the broader industry:

Potential BGIN Contributions:

• Define post-quantum requirements specific to blockchain systems

• Create transition frameworks for non-PQC chains

• Focus on signature schemes as the most critical component

• Consider encryption for long-term data confidentiality

Strategic Perspectives:

Some participants emphasized the market incentives already at play:

"Quantum 'treasure hunters' could claim unupdated Bitcoin once quantum computing reaches sufficient scale. There's a natural incentive to update vulnerable systems," argued one economist.

Others highlighted implementation realities:

"Browser updates happen cheaply and with central coordination. Bitcoin's decentralized nature makes it far more difficult and costly to update," countered a protocol developer.

Three Strategic Paths Emerged:

1. Warning First: Raise awareness about the catastrophic risk of quantum breaks before pushing specific solutions

2. Agility Focus: Prioritize flexible designs that can accommodate various post-quantum algorithms as they mature

3. Governance Solutions: Explore custody and hybrid signature models that simplify future transitions

"Past cryptographic migrations like SHA-1 took 20+ years," noted a security historian. "Bitcoin's signatures need to survive 20+ years from their creation date. The urgency is real even if the timeline remains uncertain."

BGIN's Direction

The group reached a consensus that BGIN should:

• Raise awareness about quantum computing risks to blockchain

• Promote crypto agility as a strategic approach

• Delay prescribing specific post-quantum algorithms until standards mature further

As one participant concluded: "The quantum threat to blockchain isn't going away, but neither is it here today. Our best approach is to build flexible systems now while continuing to monitor quantum advances, rather than rushing into potentially premature solutions."

Get Involved

The post-quantum transition represents one of blockchain's most significant technical challenges. BGIN invites cryptographers, blockchain developers, and security experts to contribute to this critical work.

We've launched a dedicated working group on Blockchain Crypto Agility - comment or join below.

This blog post is based on discussions from BGIN Block #12, Tokyo, Japan, March 3, 2025.

For more information about BGIN and upcoming events, visit [BGIN]

Join the conversation on our forum & Working Group Calls