Zcash plans to roll out a quantum-recoverable wallet within the next month, the first major deliverable on its post-quantum cryptography roadmap. The privacy-focused project aims to shield users from future threats posed by quantum computers, with a full post-quantum security milestone targeted for 2027.
Quantum computing isn't hypothetical anymore. Researchers have demonstrated quantum circuits capable of factoring small numbers, and the NIST has been standardizing post-quantum algorithms since 2024. A crypto wallet that can recover funds even if its private keys are compromised by a quantum attack is a practical hedge — not just a research paper.
What the wallet does
The quantum-recoverable wallet lets users restore their funds using a backup scheme that doesn't rely on traditional elliptic-curve cryptography. Zcash's current shielded addresses use zk-SNARKs, but the underlying key generation is still vulnerable to Shor's algorithm. This wallet replaces that with a lattice-based or hash-based recovery mechanism, though the devs haven't published the exact algorithm yet.
Timeline and next steps
The wallet is expected to hit the testnet within weeks, followed by a mainnet release before mid-June. Zcash's longer-term goal is to migrate its entire protocol to post-quantum security by 2027 — a timeline that aligns with estimates of when a cryptographically relevant quantum computer could appear. The foundation is also working on a post-quantum upgrade for its consensus layer, but that's further out.
Zcash isn't the only privacy coin eyeing quantum resistance. Monero has research underway, but hasn't committed to a launch date. Bitcoin's Taproot upgrade made some moves, but full quantum hardening there is years away. Zcash's wallet launch, if it sticks to the one-month window, will make it the first major cryptocurrency to offer users a concrete tool against quantum threats — at least for fund recovery.
The code is expected to go open-source alongside the testnet release. The foundation says it will invite third-party audits before the mainnet launch. No date for those audits has been set yet.
