Coinbase Quantum Advisory Board: Crypto Is Safe Today, But The Clock Is Ticking

The Coinbase Independent Advisory Board on Quantum Computing and Blockchain has published its first position paper, concluding that while no quantum computer today can break blockchain encryption, the industry must begin preparing for one that eventually will.

The 50-page report was authored by some of the most credible names in cryptography and distributed systems research, including Dan Boneh, director of the Stanford Center for Blockchain Research; Justin Drake of the Ethereum Foundation; Sreeram Kannan, founder of EigenLayer; Yehuda Lindell, Coinbase's head of cryptography; and Dahlia Malkhi, an expert in resilient distributed systems. Researchers from UT Austin, Bar-Ilan University, and UC Santa Barbara also contributed. 

What Is The Coinbase Quantum Advisory Board?

Coinbase assembled the Independent Advisory Board on Quantum Computing and Blockchain specifically to ensure its security strategy is shaped by science rather than news cycles. The board's first position paper is a comprehensive assessment of what quantum computing means for the crypto industry, where the real risks lie, and what needs to happen next.

The board has high confidence that a "fault-tolerant quantum computer," one powerful enough to break the cryptography securing digital assets across major blockchains, will eventually be built. Most expert timelines suggest at least a decade away, but the report does not rule out a significantly shorter timeline.

That uncertainty is exactly why preparation cannot wait.

Where Are The Real Vulnerabilities In Crypto?

Not every part of a blockchain is equally at risk. The paper draws a clear line between what is safe and what is not.

What quantum computing does not threaten:

• Bitcoin mining and hash functions
• The historical transaction records of major blockchains
• Most core blockchain infrastructure

What is genuinely at risk:

• Digital signatures, the cryptography that proves ownership of assets
• Wallets where public key information is already visible on-chain
• Proof-of-stake validator signature schemes

For Bitcoin specifically, researchers estimate that approximately 6.9 million BTC fall into the most exposed category, held in addresses where the public key has already been revealed on-chain. A separate estimate in the report puts approximately 4.5 million Bitcoin in early or reused address types that carry similar exposure.

What Is A "Harvest Now, Decrypt Later" Attack?

One risk the paper identifies as beginning right now, not in the future, is the harvest now, decrypt later attack. Adversaries can collect encrypted blockchain data today and store it, waiting for quantum hardware to mature enough to crack it retroactively. For long-held assets in exposed address types, this is not a theoretical future risk. It is a present one.

Why Switching To Quantum-Safe Cryptography Is Harder Than It Sounds

The technical solution already exists. The U.S. National Institute of Standards and Technology (NIST) has already standardized several post-quantum cryptographic algorithms, and the cryptographic research community has been developing quantum-resistant alternatives for over 20 years.

The problem is rolling them out at blockchain scale.

Post-quantum digital signatures are significantly larger in data size than the signatures currently in use, in some cases tens to hundreds of times larger. The Coinbase report includes an estimate that replacing current signatures with quantum-resistant alternatives could expand block sizes by up to 38 times.

For Bitcoin, which operates under a strict block size limit and requires consensus across a fully decentralized set of stakeholders, a 38-times increase in signature data is not a minor adjustment. It is a fundamental architectural change touching every node, wallet, exchange, and application in the ecosystem.

Why Coordination Across Decentralized Networks Is Uniquely Difficult

Traditional financial institutions can push security upgrades through centralized systems. Blockchain networks cannot. Every user must take action. Millions of wallets need to migrate. And because there is no central authority to enforce a deadline, the coordination challenge is unlike anything conventional finance has faced.

What Major Blockchains Are Doing Right Now

The report reviews the current state of post-quantum preparation across several major networks:

• Bitcoin is exploring new address formats that better protect public keys. Bitcoin developers are actively debating BIP 361, a proposal for a structured migration away from legacy address types. No full upgrade plan has been committed to yet.
• Ethereum has published a detailed migration roadmap and has elevated post-quantum security to a top strategic priority, with a dedicated research team. The foundation's roadmap could also improve network scalability in the process.
• Solana, Algorand, and Aptos have each begun offering or planning quantum-resistant options for users.
• Optimism and other Layer 2 networks have announced transition plans with specific deadlines.
• Ripple published a four-phase XRPL post-quantum roadmap targeting completion by 2028.

What Happens To Wallets That Never Upgrade?

This is the hardest question the paper raises, and it has no clean answer.

Lost keys, inactive holders, and abandoned accounts mean that a meaningful portion of digital assets will inevitably remain in unupgraded wallets when quantum computers become powerful enough to matter. Each blockchain community will need to decide whether to freeze, revoke, or leave those assets vulnerable.

The advisory board recommends that these decisions be made and communicated publicly as soon as possible. The longer communities wait, the harder it becomes to act without causing market disruption.

What Coinbase Is Doing In Response

Coinbase states it is building its systems to be flexible enough to adopt new cryptographic standards quickly. The exchange is working with hardware and infrastructure partners on upgrade readiness and is sharing the research publicly on the grounds that quantum preparedness is an industry-wide challenge that no single company can solve alone.

The board's first position paper is described as the first output, not the last.

Conclusion

The Coinbase Independent Advisory Board on Quantum Computing and Blockchain has produced a technically grounded, credible assessment of a real but not yet immediate threat. 

The board's conclusion is measured: today's crypto holdings are secure, current quantum hardware is nowhere near capable of breaking blockchain encryption, and expert consensus points to at least a decade before a genuinely threatening machine exists. 

What the paper makes clear, though, is that upgrading decentralized ecosystems takes years, post-quantum signatures carry significant data overhead, and coordination across millions of independent wallet holders is a problem with no easy solution. The work of preparing has to start well before the threat becomes urgent, and by the board's own assessment, that time is now.

Resources

1. Report by Coinbase: Coinbase Quantum Advisory Council Publishes Position Paper on Quantum Computing and Blockchain

2. Report by CoinDesk 1: Coinbase advisory board says quantum computing threat is on the horizon, crypto needs a plan

3. BIP 361: Post Quantum Migration and Legacy Signature Sunset 

4. Ethereum’s Quantum Roadmap: Future-proofing Ethereum

5. Report by CoinDesk 2: Solana's quantum-threat readiness reveals harsh tradeoff: security vs speed

6. Aptos on X: Post on Dec. 18, 2025