BlackRock published a report this week warning that future quantum computing breakthroughs could crack the cryptography underpinning Bitcoin and Ethereum. The world's largest asset manager says networks need to start preparing for a post-quantum migration — and soon — even though no machine that can break current crypto exists today.
Bitcoin's exposed public keys
Bitcoin's SHA-256 hash function is considered relatively safe, but its elliptic curve cryptography (ECC) for transaction signatures is vulnerable to a sufficiently powerful quantum computer running Shor's Algorithm. According to the report, roughly 7 million BTC — 35% of all coins in circulation — sits in addresses where public keys are already exposed. That includes 1.9 million BTC in address types with unhashed public keys and another 5 million in reused addresses. Once a cryptographically relevant quantum computer (CRQC) arrives, those coins could be stolen.
Ethereum faces a steeper climb
Ethereum's post-quantum migration is more complex. Its proof-of-stake architecture, along with smart contracts, BLS signatures, KZG proofs, and zero-knowledge systems, all create additional attack surfaces. Vitalik Buterin has flagged these issues before. BlackRock notes that Ethereum's technical sprawl means the upgrade will take longer and require more coordination across the ecosystem than Bitcoin's.
Social consensus, not tech, is the real hurdle
BlackRock says the migration is technically feasible. The harder problem is getting a decentralized network to agree on a new cryptographic standard. “The main challenge is social consensus rather than technical implementation,” the report says. That's a tall order for communities that have struggled to agree on block size, fee models, and even simple protocol upgrades. Meanwhile, Google has moved its internal post-quantum migration deadline to 2029, and IBM expects large-scale fault-tolerant quantum computers between 2029 and 2033. The window to act is maybe a few years.
Lost coins complicate the math
Not all Bitcoin is at risk. Chainalysis estimates 2.3 million to 3.7 million BTC (11–19% of circulating supply) may be permanently lost — including roughly 1.1 million BTC in P2PK addresses attributed to Satoshi Nakamoto. Those coins can't be stolen, but they also can't be migrated. That puts more pressure on the remaining active supply to move before a CRQC goes online.
No Q-Day is here yet. But BlackRock's message is clear: the industry shouldn't wait until it arrives to start moving.
