Section III: Quantum-Resistance Transition — Quantum Resistance

Having established the threat landscape and vulnerability patterns, we now turn to how major blockchain networks are responding. Each network faces unique architectural constraints and governance challenges that shape their migration strategies. Bitcoin must balance immutability with security upgrades, while Ethereum leverages its more flexible upgrade culture. The technical solutions exist, but implementing them requires navigating complex social coordination problems that test the limits of decentralized governance.

Bitcoin's Approach

The Bitcoin developer community is actively working on concrete plans to protect the network against future quantum threats, with several serious proposals now under review. The vulnerable legacy outputs discussed in Section II, including coins from Bitcoin's earliest days, represent a disproportionately large amount of value concentrated in a small number of exposed transactions.

The technical solutions under consideration are sophisticated, building on Bitcoin's existing upgrade mechanisms. One prominent proposal, BIP-360, would introduce a new address type designed specifically for quantum resistance. The approach builds on Taproot's architecture but disables the features that expose public keys, replacing them with quantum-safe alternatives. This represents a gradual approach that could be adopted without breaking existing functionality.

However, the core challenge isn't technical but social and economic: should Bitcoin force users to migrate, or make it optional? Proposed solutions span a wide spectrum. Jameson Lopp's QBIP proposal outlines a multi-year deprecation plan with phased changes, including a widely publicized "flag day" about five years after activation for invalidating vulnerable spends. Agustín Cruz's more aggressive "QRAMP" protocol proposes hard deadlines for the upgrade, though this faces pushback over potentially making dormant funds unspendable. Other proposals explore commitment schemes allowing current holders to prove ownership and move assets safely, or deadline-based systems with grace periods.

The debate intensifies when considering what should happen to dormant holdings that can't or won't be moved before quantum computers arrive. Some propose permanently burning the at-risk assets to prevent quantum seizure. Others suggest doing nothing and allowing quantum-equipped actors to claim abandoned coins, treating it as a kind of digital salvage. A third approach would allow vulnerable coins to be claimed but impose transaction limits that slow the drainage process, creating competition among would-be claimants and driving fees to miners rather than letting the value be easily extracted.

Each option faces significant philosophical resistance within the Bitcoin community. The ethos strongly opposes burning holdings that are rightfully owned, even if the owner is presumed dead or absent. The principle of immutable property rights runs deep in Bitcoin culture; many view Satoshi-era holdings as legitimately belonging to their original owners, and any protocol change that makes them unspendable, whether through burning or redistribution, violates the fundamental promise that "your keys, your coins" means permanent ownership. This creates a painful tension: protecting the network from quantum attack may require violating the very property rights that make Bitcoin valuable in the first place.

Ultimately, for truly lost or abandoned assets where private keys are genuinely gone, developers face this difficult choice: either these funds will be stolen by whoever possesses quantum computing capabilities first, or they will become unspendable through protective consensus changes. While Satoshi himself discussed in 2010 the need to adopt a new cryptographically sound system in response to a cryptographic break, this solution only works for those who still control their private keys. No consensus has emerged on timelines or enforcement, but Bitcoin Optech continues tracking these debates as they evolve from early concepts toward potential consensus rules.

Ethereum's Approach

Unlike Bitcoin's philosophical tensions around property rights and coin burning, Ethereum faces primarily technical engineering trade-offs. The community's more flexible upgrade culture allows for iterative solutions, though the practical obstacles remain substantial. The signature schemes currently used by both user accounts and validators would be susceptible to the attacks discussed earlier.

The upgrade strategy centers on a multi-pronged, staged approach rather than a single protocol-wide switch. For user transactions, EIP-7932 proposes supporting multiple signature algorithms to enable post-quantum schemes while maintaining backward compatibility with existing accounts. Account Abstraction is serving as a key on-ramp, allowing smart wallets to implement these quantum-safe signatures without requiring immediate protocol changes. The Ethereum Foundation is actively funding research into post-quantum multi-signature schemes to address the larger signature sizes that come with quantum-resistant algorithms.

However, these new algorithms come with significant practical trade-offs. The most immediate challenge is the dramatic increase in data size. A current Ethereum signature is just 65 bytes. Quantum-resistant alternatives range from around 2,400 bytes to over 29,000 bytes depending on the algorithm and security level chosen. That represents a 37x to 450x increase in signature size.

These size increases directly impact blockchain operation in multiple ways. Transactions become larger, leading to increased storage requirements and blockchain bloat. Higher transaction fees follow naturally from the increased data that must be processed and stored. Slower verification times can also affect block processing and network throughput, presenting a major engineering hurdle for protocol developers who must balance security against usability.

Beyond user accounts, researchers are exploring alternatives for Ethereum's broader architectural foundations. The cryptographic techniques used for data availability, like KZG commitments discussed in Chapter II, also need quantum-resistant replacements. Hash-based and STARK-style constructions are promising candidates because they only face Grover's more manageable speedup rather than Shor's devastating advantage. The Ethereum Foundation is funding this research, and there are proposals for an emergency recovery fork that could quickly freeze exposed accounts if quantum breakthroughs happen suddenly.

Solana’s Approach

Solana faces a more immediate exposure concern: most Solana account addresses directly reveal the public key from the moment they are created, unlike Bitcoin or Ethereum where the public key can remain hidden until a transaction is made. This means every Solana address is already visible to potential future quantum attackers. In December 2025, the Solana Foundation collaborated with Project Eleven on a threat assessment and a testnet prototype using post-quantum digital signatures, treating this as a forward-looking migration exercise rather than an emergency response.

The prototype work focuses on stress-testing how quantum-resistant signatures would affect throughput, compute costs, and fees if adopted broadly. Meanwhile, Solana's ecosystem has experimented with opt-in wallet-level protections using hash-based one-time signatures for users who want extra security now. This approach is useful as a stopgap, but not a full network-wide migration plan.