BITWU.ETH 🔆|Dec 10, 2025 04:05
A16z Annual Analysis Helps You Understand the True Threat of Quantum Attacks | Quantum Computing x Blockchain: A Severely Misunderstood Future Threat
In recent years, there has been a panic circulating in the industry: with the arrival of quantum computing, the encryption of blockchain will be disrupted.
The analysis of a16z is the second professional article I have seen that explains this matter clearly:
Quantum is not the thing we should be most afraid of right now, what is truly dangerous is the wrong decisions we make in panic.
I have summarized the core points of this article into only three:
one ️⃣ Quantum attacks for at least 10 years,
two ️⃣ PQC is immature, with a huge migration link and complex implementation.
three ️⃣ The potential damage caused by early migration is greater than the quantum attack itself.
Below, I will try my best to explain in the simplest and least technical way whether quantum will pose a threat to blockchain, and why "premature migration to post quantum cryptography (PQC)" is the greater risk.
one ️⃣ Quantum attacks are greatly exaggerated (at least 10 years away)
The media often says, "Quantum will soon be able to crack private keys
But the fact is completely different.
To use quantum to crack ECDSA/RSA, a special type of quantum computer is needed——
Large scale, perfect error correction, and extremely high stability.
This type of equipment is currently not even 1% complete.
A16z's viewpoint is:
The most optimistic scenario for a 'cryptography level quantum machine' that can truly crack encryption is 10+years.
So, there is no such thing as' quantum will destroy blockchain next year '.
The industry has been in a panic for too long.
two ️⃣ What should we be most afraid of now? The answer is surprising: PQC (Post Quantum Cryptography) itself.
Many people think, 'Quantum will come, so let's quickly switch to a new encryption algorithm (PQC)!'! ”
But a16z's warning is very clear: migrating too early is more dangerous than not migrating at all.
Why?
Because PQC's current state is like a newly released L1 that has not undergone stress testing:
There are not enough attacks in the real world
Immature protocol implementation
Libraries, compilers, and toolchains are all rapidly changing
Performance and security are constantly being overturned and updated
Lack of sufficient wallet, node, and infrastructure ecosystem support
let me put it another way:
It's not unsafe, but 'not yet proven safe'.
Transferring all assets of the chain to PQC is like transferring a trillion level system to a test network level encryption algorithm. This is not evolution, it's a gamble.
three ️⃣ Greater risk: not 'immature algorithm', but 'migration itself is a systemic risk'
This is the most crucial insight and also the easiest to overlook.
Migrating to PQC is not as simple as a "wallet update version", it will trigger a chain reaction throughout the entire ecosystem:
Wallet All Swap Logic
Change the address format to another set
All user assets must be re signed
The contract needs to be upgraded
Nodes need to be synchronized
The cross chain bridge needs to be redesigned
Multiple signatures MPC、 Rewrite all threshold keys
Any incorrect code, signature, or key management logic in any step may result in:
Faster, wider range, and irreversible losses than quantum attacks.
The quantum threat is 10 years away, and migration failure could happen tomorrow.
That's why a16z said:
Fear of migrating too late is misguided.
The real danger is migrating too early.
four ️⃣ What is the real current threat of blockchain? Not quantum, but ourselves.
If you carefully look at all the large-scale losses in the past few years:
Multiple signature implementation vulnerability
Wallet seed leak
Contract logic error
The cross chain bridge has been hacked
Node consensus failure
Social engineering attacks
These have nothing to do with quantum.
A16z's viewpoint is very clear:
What the industry truly needs is engineering stability, not new panic.
We signed multiple contracts MPC、 Why do you fantasize that changing to PQC can solve everything when the key management locking model has not truly achieved 100% security?
five ️⃣ What should that industry do? The answer is not 'conversion method', but 'prepare an upgradable path'.
The future quantum will definitely come, but the future solution is definitely not the PQC of today.
What we need is not a panic upgrade, but:
Address format reserved upgrade capability
Wallet can be seamlessly migrated
Reserved soft fork entry for protocol
Test the transferable process (drill)
Switching keys in stages
Modular Signature Scheme
Allow users to flexibly transition between old and new signatures
let me put it another way:
Now it's not about changing parachutes, but about ensuring that we can change parachutes in the future.
This is the practice of mature industries.
six ️⃣ The last point, which is also my strongest personal opinion:
The biggest misconception in the industry about quantum is that it is an imminent survival crisis.
The bigger misconception is that changing PQC is a simple matter.
What we really need is an upgrade path based on reality, engineering, and long termism.
Instead of another round of technological panic.
I hope this article and my interpretation can help everyone understand the true form of quantum attacks.
If you find it useful, please help me like and forward it!
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink