In August 2024, NIST finalized its initial trio of post-quantum cryptography standards, urging organizations to start migrating immediately with a deprecation deadline set for quantum-vulnerable algorithms by 2035.
Coinbase’s advisory board echoes this urgency in their recent report, emphasizing that blockchain entities, wallet providers, exchanges, and custodians should proactively prepare. The delay in decision-making around migration is already impacting investment interest.
Google has internally scheduled a PQC migration for 2029 and updated its threat model to focus on authentication services.
The convergence of these directives underscores readiness as the primary concern. This shift moves post-quantum planning from cryptographic discussions into governance and credibility tests.
Coinbase’s analysis maps migration challenges across various crypto stack layers, including consensus and execution layers, wallets, exchanges, custodians, key management systems, and hardware. It highlights that updating hardware-based wallets and security modules takes time, with many major blockchains yet to commit to specific post-quantum signature algorithms.
NIST defines crypto-agility as the ability to adapt algorithms across protocols, applications, hardware, firmware, and infrastructure without disrupting operations. Crypto providers must now evaluate if their systems can handle algorithmic transitions smoothly.
Coinbase’s report indicates that Bitcoin developers adopt a wait-and-see stance on migration details, contributing to market uncertainty. It also notes approximately 13.6 million exposed Bitcoin addresses on-chain, necessitating coordinated efforts for transition once a post-quantum path is chosen.
While the largest crypto network debates BIP 361, other chains and infrastructure providers are positioning concrete planning as an operational credibility marker. Ethereum and layer-2 networks like Optimism and Arbitrum have announced post-quantum plans.
Optimism has set a flag day for January 2036 when ECDSA signing keys will lose control over assets. Algorand executed the first post-quantum transaction using Falcon signatures on its mainnet in 2025.
Trezor’s Safe 7 is marketed as quantum-ready, with features extending beyond transaction signing to firmware and hardware verification. AWS KMS now supports ML-DSA digital signatures and hybrid post-quantum TLS for users needing long-term confidentiality.
Post-quantum readiness signals maturity before actual risks emerge, akin to proof-of-reserves or security certifications. Coinbase recommends publicizing migration decisions promptly to reduce investment uncertainty.
NIST envisions PQC migration as a comprehensive program requiring hardware audits and governance across operations. China aims to develop national PQC standards within three years, prioritizing finance and energy. The UK’s NCSC has set milestones for 2028, 2031, and 2035, influencing investment decisions.
The US and South Korea align their migration plans towards 2035, viewing crypto as part of a global transition. Google’s research highlights the urgency, demonstrating circuit designs to break elliptic-curve problems with significantly fewer qubits than previously estimated.
Coinbase suggests that credible end-to-end migration plans could transform post-quantum readiness into an institutional sales advantage. Trezor and AWS exemplify this trend at the infrastructure level.
Firms with comprehensive planning across protocol, custody, hardware, and key management layers can capture institutional relationships more effectively than competitors lacking roadmaps.
The market rewards clear migration plans with specific algorithms, timelines, and governance processes, while vague claims risk being seen as mere theater. Projects that transparently address dependencies and implementation paths may gain credibility even if their migration efforts are incomplete.
Coinbase’s report, NIST’s push for migration, and commercial initiatives by vendors like Trezor and AWS indicate that quantum risks are already influencing reputational dynamics. Projects treating post-quantum planning as a current governance obligation may enhance their credibility with institutions and users.