Quantum computing introduces a major challenge for digital security by questioning the mathematical foundations of modern cryptography. Traditional computers struggle with problems such as factoring large numbers or solving discrete logarithms, which is why public-key cryptography is considered secure today. Quantum algorithms, however, could solve these problems far more efficiently. For instance, Shor’s algorithm demonstrates how a sufficiently advanced quantum machine could break the cryptographic systems that protect digital signatures and key exchanges. Blockchains rely heavily on public-key cryptography to verify ownership and validate transactions, meaning their long-term security could be significantly affected.

Estimates from researchers suggest that the probability of a quantum computer capable of breaking RSA-2048 could increase significantly over the coming decades. Survey results indicate that the cumulative probability may approach about 50% within roughly 15 years and exceed 80% within 30 years.

Source: Global Risk Institute

Ethereum is structurally exposed to this threat. Its transparency means public keys, signatures, and cryptographic proofs are visible on chain, allowing hackers to collect information now and potentially exploit it later as quantum computing advances. This creates a long-term, systemic vulnerability that is particularly relevant for decentralised networks.

This looming threat is not just theoretical. Ethereum’s architecture contains specific components that are especially vulnerable to quantum attacks, and understanding these is key to planning effective defences.

Vitalik Buterin, Ethereum’s co-founder, shared a quantum-resistance roadmap on X on 26 February 2026. He identified four main sources of vulnerability: validator signatures involved in the consensus process, Ethereum’s data availability mechanisms, user wallet signatures used in daily transactions, and specific zero-knowledge proof employed by applications and layer-2 solutions.

Recognising these vulnerabilities, Vitalik Buterin has outlined a roadmap to gradually transition Ethereum toward post-quantum security. The strategy relies on targeted modifications across the protocol’s most sensitive cryptographic layers. The goal is to replace vulnerable primitives and to preserve Ethereum’s performance and scalability. As quantum-resistant cryptography often introduces higher computational costs, the proposed solutions emphasise efficiency and incremental deployment.

The first step focuses on Ethereum’s consensus layer, were validator signatures secure block production and finality. These signatures rely on BLS cryptography, which is vulnerable to Shor’s algorithm. Buterin proposes replacing them with hash-based signature schemes, such as variants of Winternitz signatures, which rely only on the security of hash functions and are therefore considered resistant to quantum attacks. To maintain efficiency, these signatures could be aggregated using STARKs (Scalable Transparent Arguments of Knowledge), a class of zero-knowledge proofs that does not depend on elliptic-curve assumptions. In the near term, Buterin also suggests simplifying the structure of consensus by moving toward a “lean available chain,” where each slot contains significantly fewer signatures, between roughly 256 and 1,024. Reducing the number of signatures per slot lowers aggregation complexity and allows the network to transition to quantum-safe primitives without sacrificing performance. An important design decision concerns the choice of hash function underpinning the system. Several candidates have been proposed, including Poseidon2 with additional rounds for stronger security, Poseidon1 as a well-tested alternative, or conventional high-performance hashes such as BLAKE3. Selecting the right primitive will be critical to balancing efficiency and long-term security.

Ethereum’s data availability layer currently relies on KZG commitments to ensure that rollup data is correctly stored and accessible. While highly efficient, KZG commitments depend on cryptographic assumptions that could be compromised by quantum computers. To address this vulnerability, Buterin proposes replacing KZG commitments with STARK-based proof systems. The transition introduces new challenges, particularly because KZG commitments possess a property called linearity that STARK constructions do not naturally replicate. As a result, additional mechanisms would be required to verify that blobs of transaction data have been constructed correctly. Buterin argues that Ethereum’s scaling roadmap does not require overly complex architectures. Maintaining a one-dimensional data availability sampling structure, such as PeerDAS, should be sufficient to achieve Ethereum’s throughput objectives. Recursive STARK proofs could then be used to manage proof sizes and verification efficiency. Although the transition would require significant engineering effort, it remains technically feasible and consistent with Ethereum’s modular scaling strategy.

Post-quantum security is increasingly becoming a strategic priority for Ethereum. Earlier this year, the Ethereum Foundation, the Swiss nonprofit supporting Ethereum’s core research and development, formally created a dedicated post-quantum team to coordinate research, tooling and protocol upgrades aimed at strengthening the network’s cryptographic foundations.

The initiative builds on several years of internal research and reflects a growing effort to prepare the network well before quantum computers become a practical threat. To accelerate progress, the foundation has begun organising bi-weekly technical discussions among developers focused specifically on quantum security and launched a $1 million incentive program encouraging researchers to improve quantum-resistant cryptography.

However, support from influential figures in the ecosystem such as Vitalik Buterin and from the Ethereum Foundation itself does not automatically translate into protocol changes. Ethereum’s governance model is highly decentralised, meaning that major upgrades require broad agreement across developers and stakeholders.

This dynamic was highlighted when researcher Justin Drake published a draft development plan for the network. The document is referred to as a “strawmap”, because of “the limits of drafting a roadmap in a highly decentralised ecosystem.” According to Drake, in a decentralised ecosystem with many independent contributors, defining a single official roadmap that reflects all participants is effectively impossible. The strawmap therefore represents one coherent scenario among many potential trajectories for Ethereum’s future development.