Coinbase warns that some of the world’s largest proof-of-stake (PoS) blockchains-specifically naming ecosystems like Ethereum and Solana-may be more exposed to future quantum computing threats than other types of networks, if those networks don’t begin preparing for a cryptographic upgrade in time.
The concern comes from a report released by Coinbase’s Independent Advisory Board on Quantum Computing and Blockchain. The group examined how rapidly advancing quantum technologies could undermine the cryptographic foundations that secure digital assets today, with particular attention to how validator signatures and wallet schemes are currently designed.
According to the report, proof-of-stake chains rely heavily on digital signatures that would, in principle, be vulnerable to sufficiently powerful quantum computers. These signatures verify that validators are authorized to propose and attest to blocks, and they also authenticate user transactions. Most major blockchains currently use schemes based on elliptic curve cryptography-exactly the type of math that quantum algorithms like Shor’s could eventually break.
A spokesperson for the Coinbase Advisory Board emphasized that this is not a call for panic, but for planning. Customer funds, they stressed, are secure under today’s conditions, as practical quantum computers capable of breaking production-grade cryptography do not yet exist. However, waiting until a threat is imminent would be a strategic mistake.
“The right time to prepare for a cryptographic transition is before it becomes urgent,” the spokesperson said. “Our view is that customer assets are safe today, but the industry should not confuse ‘not imminent’ with ‘not important.'”
Why Proof-of-Stake Looks Especially Exposed
The report highlights a structural difference between proof-of-work (PoW) and proof-of-stake systems that could matter in a quantum era.
In many PoW designs, a significant portion of coins sit in addresses that have never exposed their public keys on-chain. Until a user spends funds from one of these addresses, only a hash of the public key is visible, which provides an additional layer of protection against key-recovery attacks-including hypothetical quantum ones.
By contrast, PoS validators typically operate with keys that sign messages frequently and publicly. On networks like Ethereum after the transition to PoS, validators are required to submit attestations and block proposals regularly. That means their signature public keys are continuously visible on-chain and in network messages, offering more potential material for a future quantum attacker to target.
The same logic extends to staking pools, delegators, and certain smart contract designs that rely on long-lived validator or operator keys. If a future adversary with a powerful quantum machine could derive private keys from public keys, they might be able to seize validator positions, redirect rewards, or disrupt consensus.
Wallet Cryptography in the Quantum Crosshairs
It’s not just validators that could be at risk. The Coinbase advisory group also points to everyday wallet infrastructure as a critical area of concern.
Most modern crypto wallets use elliptic curve-based schemes such as ECDSA or EdDSA. These are efficient and battle-tested against classical attacks, but they are exactly the kind of primitives that quantum algorithms are expected to defeat once large-scale quantum computers become practical.
In a worst-case scenario, any address that has revealed its public key by sending a transaction could become a potential target. A quantum-equipped attacker could, in theory, reconstruct the private key and take control of the assets. For chains where most users have already spent funds from their addresses-or where public keys are otherwise exposed-this could lead to systematic risk.
While such a scenario remains theoretical today, the report argues that the migration path away from quantum-vulnerable cryptography will be complex enough that it cannot be safely postponed until the last minute.
Quantum Threat: Not Today, But Not Fiction
The advisory board is careful to situate these warnings in realistic timeframes. No existing quantum computer can break the cryptography used by Ethereum, Solana, Bitcoin, or other major networks. Building a device with enough stable qubits and error correction to do so is widely regarded as a multi-year, possibly multi-decade challenge.
Still, the report notes that the crypto industry has a long planning horizon. Assets may need to remain secure for decades. Blockchains are also notoriously hard to upgrade at the foundational level: every node must agree to new standards, and billions of dollars in value ride on avoiding mistakes in the transition.
That combination-long asset lifetimes, global coordination requirements, and potentially slow governance-means that developers and institutions cannot wait for a definitive quantum “deadline.” By the time a credible attacker appears, it may already be too late to perform an orderly migration.
What a Post-Quantum Upgrade Might Involve
Moving a major blockchain to quantum-resistant cryptography is not as simple as swapping one algorithm for another.
First, researchers must agree on which post-quantum schemes to use. A number of candidates exist, including lattice-based, hash-based, and code-based signature algorithms, but they come with trade-offs in key size, signature size, performance, and implementation complexity. Many are still being evaluated and standardized in the broader cryptography world.
Second, blockchains need to design upgrade paths that let users and validators transition their keys safely. That may involve:
– Supporting hybrid signatures that combine current elliptic curve schemes with post-quantum ones.
– Providing tools for users to move funds from “old” addresses to “quantum-safe” ones.
– Updating consensus rules so that nodes accept new signature types without forking the network uncontrollably.
Third, there’s the problem of legacy assets: coins sitting in wallets whose owners have lost keys, died, or simply gone inactive. If public keys for those addresses are already known, they could become vulnerable in a quantum era. Networks will have to decide whether such dormant funds are simply exposed by design or whether special mechanisms are needed to mitigate systemic risk.
Governance, Politics, and Economic Incentives
The Coinbase report implicitly raises a question that is as political as it is technical: who decides when to move, and under what conditions?
For large, decentralized networks, any major cryptographic change requires buy-in from core developers, validators or miners, infrastructure providers, and the broader community of users and institutions. Different stakeholders may have different risk tolerances and time horizons.
Validator operators and exchanges might support proactive upgrades to avoid becoming attack targets. Some developers might prefer to wait for more mature post-quantum standards to avoid locking into an imperfect choice. Users may resist any change that threatens compatibility with existing wallets or introduces migration friction.
These conflicting incentives could slow decision-making precisely when speed and coordination are needed. The Coinbase advisory body’s message is effectively to start the conversation well in advance-while there is still time to test, debate, and iterate.
How Proof-of-Stake Protocols Can Reduce Quantum Exposure
Even before a full post-quantum switch, PoS networks can adopt design choices that make life harder for future quantum attackers.
Possible steps include:
– Short-lived validator keys: Rotating validator signing keys more frequently so each key is exposed for less time.
– Separation of duties: Using different keys for withdrawal rights and for ongoing validation, reducing the blast radius if a validator key is compromised.
– Avoiding unnecessary public key exposure: Designing wallets and smart contracts to keep public keys hidden until funds are moved, similar to how some UTXO-based systems operate.
– Encouraging best practices: Educating validators and users on key hygiene, including the risks of reusing keys across services and chains.
These won’t eliminate the fundamental vulnerability of elliptic curve cryptography to quantum attacks, but they can lower the practical risk and buy time for a more comprehensive transition.
Institutional Preparedness and Regulatory Angle
Institutions that custody large amounts of digital assets-exchanges, funds, custodians, and financial platforms-are likely to be on the front line when quantum risk becomes more tangible.
The Coinbase advisory board suggests that these players should begin mapping their exposure: which assets rely on which signature schemes, how many customer addresses have exposed public keys, and what internal processes would need to change in a post-quantum world.
Regulators may also weigh in over time, especially if quantum risk begins to be seen as a systemic financial issue rather than a purely technical one. Supervisory bodies could eventually expect regulated entities to demonstrate some level of quantum readiness, similar to how they now require robust cybersecurity and operational resilience frameworks.
By surfacing the issue early, Coinbase’s board appears to be nudging both industry and policymakers toward a more informed, proactive stance.
What This Means for Everyday Users
For now, the practical takeaway for individual users is more about awareness than immediate action.
There is no need to rush to move funds or abandon current wallets. However, users should recognize that, over the lifespan of a long-term holding strategy, cryptographic standards are likely to evolve. Just as the internet migrated from insecure HTTP to HTTPS, the crypto ecosystem may undergo a gradual shift toward post-quantum schemes.
When that happens, users will probably be asked to update wallets, rotate keys, and possibly move funds to new address formats. Those who pay attention to network announcements and follow reputable guidance will be best positioned to transition smoothly.
The Strategic Message: Time Is the Real Asset
The central point of Coinbase’s quantum advisory report is less about imminent danger and more about how the industry values time.
Blockchains were built on the assumption that their core cryptographic primitives would remain secure for decades. Quantum computing challenges that assumption on a long enough horizon. Whether or not that challenge materializes in 10, 20, or 30 years, the complexity of a global cryptographic migration means that early preparation is a strategic advantage.
Proof-of-stake networks like Ethereum, Solana, and others are highlighted because their validator and wallet architectures put more public-key material into the open, potentially making them more attractive targets in a future quantum landscape. But the broader message applies to nearly every digital asset system in use today.
Quantum computers capable of breaking today’s cryptography are not here yet. When-or if-they arrive, the security of the crypto ecosystem will depend less on last-minute heroics and more on the groundwork laid years in advance. Coinbase’s advisory board is effectively arguing that, for anyone serious about the long-term survival of digital assets, that groundwork needs to start now.