You were told your private keys were unbreakable. You were told the math would protect your money for a hundred years. So why are NIST, Google, and Coinbase all issuing the same warning at the same time — and why does that warning sound like a deadline?
NIST finalized its first three post-quantum cryptography standards in August 2024, telling organizations to begin migrating immediately and setting a 2035 deadline to deprecate quantum-vulnerable public-key algorithms [1]. Coinbase’s advisory board followed, arguing that blockchains, wallet providers, exchanges, and custodians should prepare before urgency arrives — warning that unresolved migration decisions are already deterring investment [2]. In March, Google set an internal PQC migration timeline for 2029 and updated its threat model to prioritize authentication services [3].
Three independent institutions, three identical conclusions, one operative word: now.
The Technology Beneath the Ticking Clock
Google’s March research paper changed the math — literally. The team compiled circuits to break 256-bit elliptic-curve discrete logarithm problems using fewer than half a million physical qubits, a nearly twenty-fold reduction compared with prior resource estimates [3]. That means the cryptographic assumptions underpinning Bitcoin, Ethereum, and virtually every major blockchain are eroding faster than the industry assumed. Coinbase’s paper estimates roughly 13.6 million Bitcoin addresses whose public keys are already exposed on-chain — addresses a sufficiently powerful quantum computer could drain without the owner’s cooperation [2].
The technical migration is a full-stack problem. Coinbase maps the burden across consensus layers, execution layers, wallets, exchanges, custodians, key management systems, and hardware [2]. NIST defines crypto-agility as the ability to replace and adapt algorithms across protocols, applications, hardware, firmware, and infrastructure while preserving operations [1]. Against that definition, most crypto infrastructure providers cannot yet confirm their stack can absorb an algorithmic transition without disruption. Algorand claims it executed the first post-quantum transaction on mainnet in 2025 using Falcon signatures [8]. Optimism has published a January 2036 flag day, at which point ECDSA signing keys lose control of externally owned account assets [6]. Bitcoin’s core developers, by contrast, maintain a wait-and-see posture as the community discusses BIP 361 [2].
Trezor now markets its Safe 7 as having a “quantum-ready architecture,” extending the claim beyond transaction signing to firmware authenticity and hardware verification [4]. AWS KMS supports ML-DSA digital signatures and hybrid post-quantum TLS using ML-KEM, framing migration as a near-term priority [5]. The productization has begun. Whether it signals substance or marketing depends on what you demand from your providers.
The code is being rewritten. Whether the institutions behind it move fast enough is another matter entirely.
The Money: Where Credibility Meets Capital
The strongest argument against panic is this: a cryptographically relevant quantum computer does not exist yet, and timelines for its arrival remain speculative. If the threat is still a decade away, why spend billions migrating today?
Because credibility is already a market input, independent of when the attack arrives [3]. Coinbase’s paper states explicitly that unresolved public decisions around migration are deterring investment right now [2]. That is not a theoretical risk — it is capital flowing away from uncertainty and toward clarity. When institutions choose where to custody assets and which chains to build on, post-quantum readiness is becoming a due-diligence checkbox alongside proof-of-reserves and SOC reports [2].
The financial logic is straightforward. Firms that publish specific algorithms, public migration roadmaps, custody upgrade plans, and hardware support signal seriousness and crypto-agility [2]. Firms that offer vague “quantum-ready” claims without algorithm commitments signal operational ambiguity. The market is already sorting between the two. Trezor’s public marketing and AWS’s production PQC features show that reputational differentiation has started at the infrastructure layer [4][5].
The market priced in the future. The future just arrived with a different owner than advertised.
The Politics: Quantum Is a Geopolitical Coordination Problem
You might think post-quantum cryptography is a technical problem. It is not. It is a geopolitical coordination problem, and the governments are already moving.
China announced plans to develop national PQC standards within three years, prioritizing finance and energy [9]. The UK’s NCSC has laid out milestones for 2028, 2031, and 2035, stating those dates anchor investment decisions and broader security planning [7]. The US and South Korea are both working toward 2035 migration horizons, positioning crypto as one sector inside a coordinated global transition [1]. NIST frames PQC migration as a long-term, organization-wide program requiring hardware inventories, interoperability planning, governance, and budget allocation across every layer of operations [10].
Apply the honest lens here: is this enabling crypto or capturing it? The answer is both. Standardization creates the framework within which crypto can mature — that has always been true, from MiCA to SEC guidance. But it also means the entities best positioned to execute full-stack migration are the largest, most resourced, and most institutionally connected players. The EU’s MiCA framework, forward-thinking as it is, will eventually intersect with PQC requirements in ways that favor incumbents with compliance infrastructure [1].
Regulation came. It just came with a quantum deadline attached.
Real People, Real Stakes
If you hold Bitcoin in a self-custody wallet whose public key is already on-chain, you are trusting that today’s signatures remain unbroken for decades [2]. If your assets sit with a custodian that has no published post-quantum migration plan, you are making the same bet by proxy. Coinbase’s paper warns that hardware-based wallets and hardware security modules take time to update, and that MPC support may differ by algorithm [2].
This is not abstract. The 13.6 million exposed Bitcoin addresses represent real holdings belonging to real people [2]. A transition would require at least several months of coordinated work once a post-quantum path is adopted [2]. If you are not asking your wallet provider, your exchange, and your custodian what their post-quantum plan is, you are accepting their silence as a strategy.
The revolution was always about giving you control. The question is whether you still have it when the math changes.
What Comes Next?
Crypto succeeds or fails based on the depth of institutional adaptation. That is the thesis, and post-quantum readiness is its newest stress test. If one or two major ecosystems publish credible end-to-end migration plans, readiness graduates from a due-diligence question to a genuine institutional sales advantage [2]. The firms that demonstrate crypto-agility across the full stack — protocol, custody, hardware, and key management — will capture institutional relationships that competitors without roadmaps cannot easily match.
If vagueness becomes the dominant mode, silence and incomplete disclosure become evidence of operational immaturity [2]. Roadmaps without deadlines, no signature-scheme choice, no custody or hardware coordination — these are not plans. They are press releases.
Google argues that inaccurate or unsubstantiated resource estimates undermine confidence through fear, uncertainty, and doubt, even before a real attack occurs [3]. We agree. But the antidote to FUD is not silence. It is specificity.
— REFERENCES —
[1] NIST, “Post-Quantum Cryptography Standards: FIPS 203, 204, 205”, National Institute of Standards and Technology, 2024
[2] Coinbase Advisory Board, “Preparing for a Post-Quantum Future: Cryptocurrency Migration Challenges”, Coinbase, 2025
[3] Google Quantum AI, “Resource Estimates for Breaking Elliptic Curve Cryptography”, Google Research, 2025
[4] Trezor, “Safe 7 Quantum-Ready Architecture”, Trezor Support Documentation, 2025
[5] Amazon Web Services, “ML-DSA and ML-KEM Support in AWS KMS”, AWS Security Blog, 2025
[6] Optimism Foundation, “Post-Quantum Migration Flag Day: January 2036”, Optimism Governance, 2025
[7] UK National Cyber Security Centre, “Preparing for Post-Quantum Cryptography: Milestones 2028-2035”, NCSC, 2025
[8] Algorand Foundation, “First Post-Quantum Transaction on Mainnet Using Falcon Signatures”, Algorand, 2025
[9] China State Council, “National PQC Standards Development Plan”, PRC Government, 2025
[10] NIST, “Migration to Post-Quantum Cryptography: Preliminary Roadmap”, National Institute of Standards and Technology, 2024
——————
AI Disclosure: This post was created with the assistance of artificial intelligence. The ideas, analysis, and opinions expressed are my own — AI was used to help compose, structure, and refine my personal notes and thoughts into the final written content. Images, videos and music featured in this post were also generated using AI tools, based on my own creative prompts and direction.
