Coinbase Explores Post-Quantum Encryption For Blockchain

Quantum computers are expected to be built at a size that is commercially useful in a mere few years, from maybe just 2028 to the mid-2030s, depending on the estimate and the exact capacity targeted.

This would be great for solving extremely complex mathematical problems to solve questions about material sciences in semiconductors, aerospace, battery, or solve proteins 3d configuration, or discover new lifesaving pharmaceuticals.

But the same capacity could be used to break encryption methods on which the modern world is built. This is why, for example, all major US banks are being forced to speed up their adoption of lattice-based cryptography, a method that is believed to be quantum-proof.

In the same way, cryptocurrencies could be in danger if the encryption that makes cryptos so secure could suddenly be broken.

وهذا يمثل مشكلة خاصة حيث يمكن لأجهزة الكمبيوتر الكمومية المستقبلية كسر تشفير البيانات التي يتم جمعها اليوم، حتى وإن كانت لا تزال غير قابلة للكسر، ولكن يمكن فك تشفيرها لاحقًا، وهي طريقة تسمى "الحصاد الآن، فك التشفير لاحقًا" (HNDL).

In that context, the leading actors in blockchain and cryptocurrencies are moving fast as well to prepare for the eventual emergence of quantum computers.

واحد منهم هو Coinbase, which published its report “Quantum Computing & Blockchain” addressing these concerns and looking into the possible solution the blockchain community could and should adopt in time to avoid any real security issue.

“We have high confidence that a large-scale, fault-tolerant quantum computer (FTQC) will eventually be built. As such, blockchains and the wider cryptographic ecosystem must prepare for this eventuality.”

Coinbase’s Quantum Report Overview

In the overview of this report, Coinbase starts by reminding that the National Institute of Standards and Technology (NIST) recommends that post-quantum (PQ) migrations should be carried out by 2035. It also points out that this timeline for preparation, leaving only 9 years, might even be optimistic.

“We are not confident that cryptographically relevant quantum computers (CRQC) will not exist by 2035 or later, as recent research raises the possibility that the timeline may be shorter.”

The report is divided into 6 major segments plus an annex of “additional readings”, covering the topic extensively:

1. Quantum Computing Overview and the Current State of the Art.
2. Post-Quantum Cryptography (PQC).
3. Post-Quantum Cryptography and the Consensus Layer.
4. Post-Quantum Cryptography and the Execution Layer.
5. Post-Quantum Plans for Major Blockchains.
6. Post-Quantum Security Beyond Signing.

Quantum Computing Overview

This first part resumes what a quantum computer is, what it can do, and how the technology has progressed so far.

In short, quantum computers use superposition and other quantum effects to grow their computing power exponentially for each additional “qubit” (the quantum equivalent of normal computer bits), instead of linearly.

“ The power of quantum computers is directly related to the fact that, to describe a superposition with N qubits, one needs a list of 2^N parameters. When (say) N=1000, this is already more parameters than could be written down in the observable universe.”

As mentioned, such a computer would be ideal for simulations of the physical world and breaking encryption. It could also be used to train more efficiently AIs, a topic we uncovered previously in our article “Does Quantum Computing Have A First Real-World Use Case".

The main limit in building a quantum computer is the hardware, which is incredibly hard to manufacture and to keep in a quantum state long enough that qubits can be trusted and perform any useful calculation.

This can be improved from two fronts: reducing the physical error rate for two-qubit gates and designing fault-tolerance schemes able to cope with higher error rates.

“To perform fault-tolerant quantum computation (FTQC), one will also constantly need to measure the physical qubits, to find out where errors have occurred and what needs to be done to correct them.”

Recent improvement in error correction indicates that 99.9% accurate two-qubit gates

might be sufficient, a much lower and realistically achievable number than initially expected (99.9999%). More importantly, this has already been achieved by Quantinuum (part of هانيويل (HON ), اتبع الرابط للحصول على تقرير الاستثمار المرتبط) and Google for individual qubits.

If this accuracy can be maintained when scaling to tens or hundreds of thousands of physical qubits, it will theoretically suffice for FTQC.

The report also gives an overview of the main hardware type being explored by quantum computing companies and researchers:

• Superconducting.
• Trapped-ion.
• Neutral atom.
• الفوتونيات.
• طوبولوجي.

In conclusion, the article notes that while not immediately ready, there is no reason to assume that quantum computers will not be able to break the highest levels of current encryption, and blockchain/cryptocurrencies will not exist.

تشفير ما بعد الكم (PQC)

Post-quantum cryptography is essential if we want the financial system as a whole, as well as military systems, to stay safe from quantum computers.

This type of encryption should also be able to run on normal-design and capacity computers.

“Post-quantum cryptography is run on classical computers and is secure against quantum attackers. This is in contrast to things like QKD (quantum key distribution), which requires the (honest) users to use quantum systems.”

Two of the leading methods are lattice-based and hash-based:

• Lattice-based: Traditional cryptographic methods like RSA and ECC are built on periodic structures in groups that Shor’s algorithm can solve efficiently by finding their “period”. In contrast, lattice-based cryptography does not rely on such structures.
• Hash-based: A very secure, but also very computing-power-hungry encryption method.

“The faster signing variant of SLH-DSA hash-base cryptography has signatures about 250 times larger than ECDSA with signing time about 1,000 times slower. Deploying these schemes on blockchains will clearly be very challenging.”

المصدر Coinbase

The NIST plays a major role in setting the tone here. In 2024, the National Institute of Standards and Technology (NIST) finalized three different post-quantum cryptography (PQC) standards :

• FIPS 203 – ML-KEM – آلية تغليف المفاتيح (KEM) القائمة على التشفير الشبكي، والتي تهدف إلى أن تكون اللبنة الأساسية لإنشاء مفاتيح آمنة من الكم (على سبيل المثال، في TLS أو VPNs).
• FIPS 204 – ML-DSA – مخطط توقيع رقمي أساسي، يعتمد أيضًا على الشبكة، ويهدف إلى حالات استخدام مثل توقيع البرامج والشهادات والمصادقة.
• FIPS 205 – SLH-DSA- مخطط توقيع قائم على التجزئة بدون حالة، تم بناؤه عمدًا على افتراضات مختلفة كـ "نسخة احتياطية" في حالة كشف الأبحاث المستقبلية عن نقاط ضعف في الأنظمة القائمة على الشبكة.

المصدر نيست

Post-Quantum Cryptography and the Consensus Layer

This segment of the report concerns itself with how blockchain specifically could be impacted by quantum-proof encryption, with a focus on the consensus layer.

“Generally, key concerns in migrating to PQ safety is the size of data and cost of computation. An additional challenge is orchestrating active switchover of cryptographic keys by users. ”

The main vulnerabilities stem from Shor’s algorithm, which a powerful PQ computer may use to break classical public-key cryptography.

Blockchains that migrated away from energy-intensive Proof-of-Work and instead rely on solutions to the Byzantine Fault Tolerance (BFT) problem could be more vulnerable. Here it is Shor’s algorithm that is the main threat, as the math behind this method could be solved by quantum computers.

The situation is even worse for blockchains that rely on aggregate and threshold signatures for consensus.

In this system, notably used by Ethereum, votes may be aggregated or thresholded in order to reduce the costs associated with sending validator signatures, verifying, and storing them. هذه البلوكشين do not have any easy plug-and-play replacement in order to make them post-quantum secure.

However, the report explained that  Bitcoin’s Proof-of-Work-based Nakamoto Consensus (NC) is only theoretically threatened by another decryption method,  Grover’s attack on hash functions

“In practice, however, Grover’s quadratic speedup does not translate to a real speedup for the puzzle sizes due to the much slower time per qubit operation in a quantum computer versus a highly optimized ASIC used for mining today. Thus, Nakamoto consensus mechanisms are essentially post-quantum secure. ”

Post-Quantum Cryptography and the Execution Layer

This segment of the report concerns itself with how blockchain specifically could be impacted by quantum-proof encryption, with a focus on the execution layer.

Cryptographic signatures attached to transactions authenticate the sender and authorize state changes. All compact signature schemes, such as ECDSA and Schnorr, would need to be replaced with PQ alternatives.

One risk is that the new post-quantum encryption systems are a lot less tried-and-tested than the traditional ones.

“Regarding lattice-based schemes like ML-DSA or FN-DSA, we may be actually downgrading security, since we will be moving to a signature scheme which has much less mileage and has not been studied to nearly the depth of schemes like ECDSA and EdDSA.”

Any scheme for the adoption of post-quantum signing will ideally meet fully a series of criteria defined in this report:

• P1: The transition does not compromise our current security posture.
• P2: The new scheme provides post-quantum security, either as-is or by enabling a fast switch to post-quantum security.
• P3: The new scheme does not add significant cost to the current way of working, at least as long as no quantum threat is imminent.
• P4: The new scheme requires minimal (if any) changes to the blockchain and current way of working, as long as no quantum threat is imminent.

The report then explores different possible strategies and compares them.

Strategy 1 generates private keys as hash outputs. This method allows, when the quantum threat is coming closer, to sign using ECDSA or EdDSA, as a signature can be constructed based on the owner’s knowledge of the preimage of the private key.

Strategy 2 moves to 2-out-of-2 hybrid/double signing. This strategy works by adding a post-quantum signature scheme and requiring that every transaction include both an ECDSA/EdDSA signature as well as a post-quantum signature (e.g., ML-DSA).

Strategy 3 moves to 1-out-of-2 (or more) signing. Similar to strategy 2, but instead of requiring both signatures, it suffices to provide a signature either using the elliptic-curve scheme or the post-quantum scheme.

المصدر Coinbase

All these methods will require account holders to transfer their balances to new accounts protected by PQ signature schemes, which will be a problem in itself.

“There are millions of owned accounts UTXOs, and at the current transaction rates of blockchains like Bitcoin and Ethereum, it may take months just to commit the sheer volume of switchover transactions. ”

وبشكل عام، Coinbase recommends using the “move to 1-of-2” strategy, as it deals with the threat without adding cost until it is needed.

Post-Quantum Plans for Major Blockchains

إلى البيتكوين

Bitcoin’s current approach is to ensure that all UTXO public keys can be hidden behind a hash function. This could be mitigated with a change in how public keys are managed.

"The BIP-360 proposal introduces a new taproot output type called Pay-to-Merkle-Root (P2MR) that removes this public key altogether. Once this proposal is enabled on Bitcoin main net, transitioning a P2TR output to a P2MR output will remove this vulnerability.”

في هذه الأثناء، some core إلى البيتكوين ديفعاملs are exploring hash-based signatures for Bitcoin. At least, proof-of-work is making the mining network rather secure, which is a strong point for Bitcoin from a quantum risk perspective.

However, a wait-and-see approach is mostly favored at the moment. Coinbase points out that this is not without causing issues, notably as it could damage the prospect of Bitcoin as people start to worry about quantum-related risks.

“We remark that the wait-and-see approach has a price in that it causes market uncertainty. Thus, waiting for the exact migration plan can make sense, but it should come with a clear statement of strategy and preparation to enable speedy migration if needed.”

إثيريم

While more vulnerable to a quantum computer, the Ethereum community also published a detailed plan for mitigating the related issues.

The current plan is to transition to hash-based signatures for both the consensus and execution layers. If a standard cryptographic hash function is used, then this does not introduce new security assumptions to Ethereum.

A debate is still ongoing between stateless and stateful signature options, with stateful shorter signatures a better option for the consensus layer and stateless for the execution layer, so that account owners are protected from mistakes in state management.

وبشكل عام، Coinbase visualized a post-quantum Ethereum where “validators attest to each block using a stateful hash-based signature scheme, and all the attestations on a specific block will be aggregated into a single proof using a hash-based succinct proof system”.

الاستلقاء تحت أشعة الشمس

Solana created a new vault type, called the قبو سولانا وينترنيتز, a hash-based signature scheme that has a manageable signature size (although signatures are two orders of magnitude bigger than ECDSA signatures).

Once Solana token holders have moved their assets to a new Winternitz-based address, the assets are no longer exposed to a quantum attacker.

In itself, this could prove a major advantage for Solana, as it is a lot more ahead than Bitcoin & Ethereum when it comes to being quantum-ready.

Others: Algorand, Sui, Aptos

Algorand ضمن the first blockchain platforms to deploy post-quantum (PQ) signature schemes in production across both consensus-related mechanisms and the execution layer. This is still partially a work in progress, but it also demonstrates that blockchain technology can move to be quantum-ready quickly in some cases.

أبتوس uses a system where the user’s address is not derived from the hash of the user’s public key. Thus, users who want to become post-quantum secure need only sign a transaction that updates their authentication key to a post-quantum public key. There is no need to move assets to a new account.

في هذه الأثناء، سوي وقد أوجز a number of strategies for migrating to a post-quantum secure chain, but it is not yet clear which of these strategies will be deployed.

Post-Quantum Security Beyond Signing

Transaction signatures and integrity of the blockchain are not the only topics where quantum computers could wreak havoc by breaking encryption.

ومن الأمثلة على ذلك threshold signatures, which are used to protect signing keys throughout the blockchain ecosystem.

In that case,  MLDSA, a lattice-based analogue of the Schnorr signature scheme, could be used. A hash-based signature scheme, such as either variant of SLH-DSA, could also be used for applications that need a stronger security assurance.

شيء آخر collision-resistant hash functions, used in Merkle trees, Patricia trees, and hash-based proof systems. A priori, this is not a topic where quantum computers are a threat. But potentially, some new quantum algorithm could change that.

The pre-quantum TLS protocol is at risk of an attack called harvest-now-decrypt-later (HNDL). Luckily, post-quantum TLS is already widely deployed on the Internet. For example, in February 2026, over 60% of Cloudflare’s Internet traffic uses the hybrid post-quantum secure cipher suite X25519MLKEM768.

في هذه الأثناء، أنظمة إثبات المعرفة الصفرية, used in privacy systems, should not be affected. Other privacy systems with quantum-vulnerable transaction data that is meant to remain hidden forever could be more at risk of harvest-now-decrypt-later threats.

الاستثمار في Coinbase

هذا التقرير من Coinbase on quantum risks and readiness of the cryptocurrency and blockchain ecosystem is an important one, and reflects on the role played by the company in being a leader of the industry and its innovation. This is a direct consequence of the size and importance the company has taken on over the past few years.

في 2025، Coinbase كان لديه 8 ملايين حساب نشط، وكان أكبر أمين على بيتكوين في العالم، إذ يمتلك 2.4 مليون بيتكوين. وهذا يمثل ما لا يقل عن 12% من إجمالي المعروض من بيتكوين.

Today, besides Coinbase’s main app and crypto exchange, the company has a series of complementary offerings:

• Coinbase واحد، وهي خدمة عضوية مميزة تقدم رسوم تداول صفرية، ومكافآت مشاركة معززة، وصفقات مع شركاء مثل حاسبة ضريبة العملات المشفرة، وأبحاث العملات المشفرة، وما إلى ذلك.
• Coinbase متقدم، للمتداولين المحترفين في مجال العملات المشفرة.
• Coinbase محافظ، لحفظ العملات المشفرة ذاتيًا خارج البورصات، بالإضافة إلى NFTs.
• Coinbase كسب، وهي خدمة تكديس حيث يمكن لمالكي العملات المشفرة قفل عملاتهم المشفرة من أجل كسب الفائدة من الشبكة، حيث تم كسب 230 مليون دولار من خلال Coinbaseعملاء الشركة في عام 2023.
• Coinbase بطاقةبطاقة خصم Visa لإجراء عمليات شراء باستخدام العملات المشفرة، مع استرداد 1% بعملة Bitcoin عند الدفع بالدولار الأمريكي، و1.5% بعملة USDC عند الدفع باستخدام ETH. يتم قبول البطاقة في كل مكان يتم فيه قبول بطاقات الخصم Visa.
• عملة الدولارتسعى USDC، وهي عملة رقمية مستقرة بقيمة تساوي الدولار الأمريكي، إلى إنشاء "دولار رقمي".

Coinbase تعد شركة أرامكس شريكًا رئيسيًا للعديد من صناديق الاستثمار المتداولة في البورصة التي تحتفظ فيها بعملات البيتكوين، مما يجعلها جهة فاعلة مهمة في الصناعة لهذه المنتجات، مما يجعل ملكية الصناديق المتداولة في البورصة أسهل للمستثمرين الأفراد والمؤسسات.

مؤخراً، حقق محل Coinbase has been actively working on “tokenizing” its stock (and other securities), currently listed “normally” on the Nasdaq.

من بداية مبكرة وطموحة، Coinbase has grown into becoming a cornerstone of the Bitcoin and crypto industry, especially in the US markets.

This has by far not been a smooth ride, Coinbase having to deal with cybersecurity attacks, unclear regulations, and lawsuits by the SEC, and see its customer services and safety protocol playing catch-up with the company’s growth.

Volatility and risks are a given in the crypto space (and really all investments), and quantum computing could bring some disruption.

But in any case, today’s more mature and dominant Coinbase is well-positioned to capitalize on crypto becoming increasingly mainstream through the growing trends of Bitcoin ETFs, stablecoin, and stock tokenization.

(You can read more from us about the pros and cons of Coinbase كبورصة للعملات المشفرة في "Coinbase Review – Is it Really the Best Platform?.

يمكنك أيضا قراءة المزيد عن Coinbase in تقريرنا الاستثماري المخصص للشركة.)

الأحدث Coinbase (COIN) أخبار وتطورات الأسهم