A recent position paper from Coinbase’s Independent Advisory Board makes a point the crypto industry should take seriously: the quantum threat may not be imminent, but the migration work is already overdue. The report focuses on the cryptographic foundations underpinning Bitcoin and Ethereum, specifically elliptic curve cryptography (ECC), which secures private keys and transaction signatures across both networks.
This framing is important because it shifts the conversation away from when quantum computers will arrive, and toward whether blockchain systems can realistically transition in time. That distinction is often overlooked in more optimistic takes.
For example, Adam Back has previously argued that Bitcoin faces no meaningful quantum threat for at least 20 to 40 years, suggesting the network can upgrade well before any cryptographically relevant quantum computer emerges. That view assumes the threat only begins when quantum machines can break keys in real time. The Coinbase paper implicitly challenges that assumption. The issue is not just the arrival of quantum capability, it is whether the ecosystem can complete a complex, global migration before that point.
The threat is not binary, and it’s already accumulating
One of the key takeaways from the Coinbase analysis is that quantum risk does not appear overnight. It builds gradually, particularly in systems like blockchains where data is permanently exposed. Public keys and transaction histories can be harvested today and exploited later, a “store now, decrypt later” dynamic that fundamentally changes how risk should be assessed.
This is not a theoretical edge case. Estimates from Deloitte suggest that around 4 million Bitcoin, around 25% of the usable supply, sit in addresses with exposed public keys. These are precisely the types of assets that could be vulnerable if quantum capabilities advance faster than expected.
And this is not unique to Bitcoin. Ethereum and most blockchain networks rely on ECC, which is widely understood to be vulnerable to Shor’s algorithm once sufficiently advanced quantum systems are available. Vitalik Buterin has already outlined emergency procedures for such a scenario, acknowledging that the risk, while uncertain in timing, is credible enough to plan for.
The “upgrade later” assumption is structurally weak
The idea that Bitcoin can simply adopt post-quantum cryptography when needed underestimates the complexity of doing so. Upgrading Bitcoin’s signature scheme can’t be considered minor patchwork, it is a fundamental protocol change requiring coordination across a decentralized and often ideologically divided community.
Even modest upgrades have historically taken years. Taproot, for example, required prolonged debate and careful coordination before activation. A transition to post-quantum cryptography would be significantly more complex, both technically and politically.
The timeline is tightening
While some still view quantum computing as a distant concern, recent developments suggest the timeline may be accelerating. IBM has indicated that advances in chip design and error correction could enable quantum advantage as early as 2026, with early fault-tolerant systems potentially arriving by 2029.
At the policy level, governments are already responding. The European Commission and EU Member States have released a coordinated roadmap for transitioning to post-quantum cryptography, with initial strategies required by 2026, adoption in critical sectors by 2030, and broader completion by 2035.
These timelines are not predictions of immediate disruption, but they do suggest that institutions are planning for a scenario where quantum risk becomes relevant sooner rather than later. In that context, a 20-to-40-year window begins to look less certain.
Assessing the market consequences of delayed action
What makes this issue particularly significant for crypto is not just the technical risk, but the potential market impact of a delayed response.
If quantum capabilities were used to derive private keys from dormant wallets, large volumes of long-inactive Bitcoin could suddenly move, affecting liquidity and price stability. Similarly, if quantum advantages were applied to mining, it could disrupt the competitive balance of proof-of-work systems.
Even before such scenarios materialize, perception matters. Institutional investors are increasingly focused on infrastructure risk. If quantum preparedness becomes part of that evaluation, networks that appear slow or uncertain in their migration path may face higher risk premiums or reduced participation.
The Coinbase advisory paper points to a more practical conclusion: the question is not whether quantum computing will arrive tomorrow, but whether systems are prepared to transition when it does.
Preparing before the deadline
Post-quantum cryptography is necessary, but it is not a simple switch that can be flipped at the last moment. It requires planning, coordination, and time. The longer the industry waits, the more compressed and disruptive that transition becomes. The crypto ecosystem has spent more than a decade building systems designed to be resilient and trustless. Quantum computing introduces a different kind of challenge, one that tests whether those systems can adapt under pressure.
The takeaway from the Coinbase paper is that the threat may not be immediate, but preparation cannot be deferred indefinitely.
Adam Back may be right that fully capable quantum systems are years away, but the migration problem exists today, and in this case, the timing of the response may matter more than the timing of the threat itself.
