Is Stellar XLM Going Quantum-Resistant?

Yes, Stellar (@StellarOrg) is going quantum-resistant, but it is not there yet. The Stellar Development Foundation published its Quantum Preparedness Plan on June 9, 2026, a three-stage roadmap to move the network to post-quantum cryptography. By the end of 2027, every Stellar account should be able to add quantum-safe keys while keeping the same address. Enterprise wallets can start the switch as early as this year.

The timing is no accident. Researchers keep cutting the estimated cost of breaking the encryption that secures Stellar and nearly every other blockchain, and the deadline keeps moving closer.

What Is the Quantum Preparedness Plan?

The QPP is SDF's program to replace the network's current signature scheme, Ed25519, with quantum-safe alternatives before quantum computers can break it. Ed25519 belongs to the elliptic curve family that Shor's algorithm can defeat on a sufficiently powerful quantum machine.

The plan rolls out in three stages:

• Stage 1 (2026): Post-quantum signature verification gets added to Soroban, Stellar's smart contract platform, as native host functions. The first schemes are ML-DSA-44 and ML-DSA-65, the signature standards NIST finalized in 2024. Enterprises can move to quantum-safe contract accounts this year through Soroban's account abstraction.
• Stage 2 (2027): A protocol upgrade brings quantum-safe signers to regular accounts through the existing set_options operation. Wallets, SDKs and anchors will need updates to support the new keys.
• Stage 3 (timing open): Ed25519 gets deprecated. The network stops accepting the old signatures for new transactions. SDF says the readiness work finishes in 2027, but activation depends on how fast quantum computing actually progresses.

Why Stellar Has an Easier Path Than Most Chains

Stellar separates account identity from signing keys, and that decision pays off now. The G address is a stable identifier. The keys that authorize transactions can be rotated without touching it.

That means no new account, no address change, no balance migration. A user adds a quantum-safe signer to their existing account, then removes the old Ed25519 key. On most chains, rotating keys means moving everything to a fresh address and updating every system that references the old one.

There is a flip side. Stellar addresses directly encode the Ed25519 public key, while Bitcoin and Ethereum addresses are hashes of public keys. On those chains, a public key is only exposed after an account's first transaction. On Stellar, every address on the network is a target, including dormant accounts that have never signed anything. That makes the upgrade more urgent, even if the path is smoother.

Why Now?

The threat window keeps shrinking. In early 2026, researchers at INRIA showed that breaking 256-bit elliptic curves requires around 1,193 logical qubits, 44% fewer than earlier estimates. NIST moved its danger zone for "harvest now, decrypt later" attacks forward to 2029 and beyond. Google set 2029 as its own internal deadline for post-quantum readiness, and Google both builds quantum hardware and employs many of the researchers driving these advances.

The rest of the industry is moving too. Ethereum has drafted an emergency hard fork plan, Bitcoin has BIP-360 and Algorand has deployed Falcon-based state proofs. Regulators are adding pressure: CNSA 2.0 in the US and DORA in the EU both point financial infrastructure toward post-quantum migration.

What Still Needs Solving

The plan leaves a few hard questions open. Stellar has a large population of dormant accounts whose owners cannot be reached. Once Ed25519 gets switched off, those accounts must either be frozen with some recovery mechanism or locked permanently. SDF says it will put that decision to the community rather than impose one.

Zero-knowledge protocols are another gap. Several ZK systems on Stellar rely on pairing-based cryptography that quantum computers break for the same reason they break Ed25519, and there is no drop-in replacement yet. The foundation plans to convene ZK teams building on Stellar to work on a shared research agenda.

Network-level security also needs attention. Validator messages in the Stellar Consensus Protocol use Ed25519 signatures, and those will be upgraded separately. SDF calls that the more tractable problem since there are hundreds of validators rather than millions of accounts.

What It Means for XLM Holders

For regular users, nothing changes right now. Stellar's hashes, including SHA-256, are already considered post-quantum secure. The vulnerable part is the signatures, and the fix for those will arrive as an opt-in upgrade over the next 18 months.

The bigger story is positioning. Stellar courts institutions for payments, tokenization and real-world assets, and those potential customers care about long-term security guarantees. A concrete migration plan with NIST-standard cryptography, published before any crisis, is the kind of thing that compliance teams will notice. The network just removed one of the larger long-term risks hanging over it. Time will tell if that translates into demand for $XLM. 

Sources:

• Stellar Development Foundation Official QPP announcement by Nicolas Barry, June 9, 2026
• NIST Background on the ML-DSA and ML-KEM standards Stellar will adopt
• @BuildOnStellar Official X announcement of the Quantum Preparedness Plan