The problem of the quantum threat to crypto no longer seems like something from the distant future. After decisions by NIST, warnings from Coinbase and updates from Google , projects have to decide: is there a real plan behind the words about “quantum-ready,” or is it just marketing?
In August 2024, NIST approved the first three post-quantum cryptography standards and directly recommended starting the transition now. The deadline is strict — by 2035, vulnerable public key algorithms must be phased out of use.
Coinbase came to the same conclusions. In its recent report, the company’s advisors noted that blockchains, wallets, exchanges, and custodians should prepare in advance, without waiting for market pressure. At the same time, the lack of clear transition solutions is already starting to scare off some investors.
In March, Google also stated its position. The company set an internal deadline to transition to post-quantum cryptography by 2029 and updated its threat model, focusing on authentication systems.
In all these cases, the approach is the same: it’s no longer about a theoretical threat, but about readiness to act. As a result, the issue of post-quantum protection goes beyond cryptography and becomes a test for the projects themselves — their management, strategy, and trustworthiness.
The Problem of Transition at All Levels
The Coinbase report emphasizes that the transition to post-quantum cryptography affects not just individual components, but the entire infrastructure as a whole. This includes consensus, execution layer, wallets, exchanges, custodians, key management systems, and even hardware.
The main difficulty is that not all elements are ready to move at the same speed. Hardware wallets and security modules are updated slowly, MPC support may vary depending on the algorithm, and many major blockchains still haven’t chosen specific post-quantum signatures.
At NIST , this is called crypto-agility. Essentially, it’s the ability to quickly change algorithms at all levels, from protocols to hardware, without breaking the system. And this is exactly where most projects still don’t have a clear answer as to whether they are ready for such a transition.
A separate question is BTC. According to Coinbase, network developers are still taking a wait-and-see approach. But such caution creates uncertainty in the market. Already, about 13.6 million addresses have exposed public keys, and in the event of a transition, at least several months of coordinated work will be required.
See Also: The CLARITY Act Is Delayed Until May, but Rules for Stablecoins Are Already Moving Forward
While the community discusses possible solutions like BIP 361, other players are trying to act faster. The report notes that Ethereum already has a migration plan, and L2 solutions like Optimism, Arbitrum and Base have announced preparations for post-quantum protection. For example, Optimism even specified a concrete date — January 2036, after which old ECDSA keys will no longer control assets.
There are also more practical steps. Algorand reported that it conducted the first post-quantum transaction on its mainnet back in 2025, using Falcon signatures.
At the same time, infrastructure companies are picking up the topic. Trezor is promoting its devices with a focus on “quantum readiness,” including not only transaction signatures but also firmware and hardware verification. The situation is similar in the cloud. AWS has already added support for new algorithms and hybrid solutions, showing that the transition is not a distant prospect, but a task for the coming years.
In fact, the market has already begun to split. Companies that offer concrete solutions are gradually strengthening their positions, while those who limit themselves to statements risk losing trust.
The Trust Test
Readiness for the post-quantum era is gradually becoming a marker of maturity. Companies use it as a signal to the market, even before the threat itself becomes real. This is similar to how proof-of-reserves, audits, and security certificates worked in the past.
The Coinbase report directly states that communities should not delay decisions. The longer uncertainty persists, the more it affects investor behavior even now.
A similar approach is taken by NIST. There, the transition to post-quantum cryptography is viewed as a long-term program that affects the entire organization. It’s not just about algorithms, but also about hardware inventory, system compatibility, management, and budgeting.
Governments are also getting involved. China has stated that it wants to develop its own standards within three years, with a priority for the financial and energy sectors. The UK has outlined key milestones for 2028, 2031, and 2035, linking them to investment decisions and security strategy.
See Also: Banks Try to Slow Down the Implementation of the GENIUS Act on Stablecoin Regulation
The US and South Korea are aiming for the same horizon by 2035, considering the crypto market as part of a broader transformation.
Technological progress is also creating additional pressure. In March, Google presented research showing that breaking modern cryptographic schemes may require significantly fewer resources than previously thought. The requirements could be reduced by almost 20 times.
At the same time, Google notes that overestimated or inaccurate assessments also harm the market. They create unnecessary noise and undermine trust even before a real threat appears.
In the end, the picture is simple. The question is no longer just when quantum computers of the required level will appear. What matters is how projects behave now. As noted by Coinbase, trust has already become a market factor, regardless of whether this threat comes tomorrow or in years.
Two Scenarios for the Post-Quantum Transition
If at least a few major ecosystems show clear and detailed transition plans, the topic of post-quantum protection will quickly stop being just a checkbox. It will become a real competitive advantage when working with institutions.
This is already starting to show at the infrastructure level. Examples like Trezor and AWS demonstrate that “quantum readiness” is gradually turning from an abstract idea into a concrete product.
Against this backdrop, the market may go one of two ways.
In the first case, projects start to play openly. They publish specific algorithms, transition timelines, wallet and custody upgrade plans, and consider work with hardware and key management. For the market, this looks like a mature and serious approach.
Yes, the transition itself remains complex, but at least it is manageable. In this situation, readiness for the post-quantum era becomes an important factor when choosing partners. Those who work through everything at once, from protocol to infrastructure, win. Any gap in this chain, lack of deadlines, or clear plan is considered a failure.
In the second scenario, everything is limited to loud statements. Projects talk about “quantum-ready,” but do not disclose details. There is no choice of algorithms, no timelines, no understanding of how wallets, hardware, and key infrastructure will be updated.
See Also: Coinbase Assessed Quantum Risks and Highlighted Algorand and Aptos
From the outside, this looks like marketing without substance. Internally, it means that dependencies have not been worked out, and at the moment of real need, the transition may simply not happen. In this case, uncertainty starts to work against the project. Institutional players are more likely to choose those who are already showing concrete steps, even if their solutions are not yet perfect.
A separate problem is that there may be more and more of these “empty” roadmaps. Already, many blockchains have not even decided on basic things, such as the choice of post-quantum signatures. If the market moves toward vague promises, it will signal weak management.
In the end, those who move in sync along the entire chain will win. Not only L1 and L2 teams, but also wallet developers, hardware manufacturers, KMS providers, exchanges, and custodians. Only this approach allows for real preparation for the transition.
The main thing that is changing now is the context itself. After the actions of Coinbase, NIST and major tech companies, quantum risk is no longer something remote. Reputational separation has already begun, and projects that treat the post-quantum transition as a current task look much more reliable to the market.
