The Coinbase Quantum Advisory Board (CQAB) released a new report on June 11, 2026, urging the cryptocurrency industry to accelerate its transition to quantum-resistant cryptography. The board warned that billions of dollars in digital assets could eventually be vulnerable to theft once quantum computing technology reaches a sufficiently mature stage.
While existing hardware cannot yet break current encryption, the CQAB highlighted that approximately 6.9 million Bitcoins are held in wallets where the public keys are already visible to the network, making them potential targets for future attacks.
Coinbase CEO Brian Armstrong has personally prioritized this challenge, describing quantum computing as a “solvable engineering challenge rather than an existential threat” during an announcement on April 2, 2026. Armstrong and Philip Martin, the Chief Security Officer (CSO) of Coinbase, are advocating for proactive defense measures.
They emphasized that engineering solutions for Bitcoin and other blockchains need implementation sooner rather than later to stay ahead of rapid hardware advancements in the quantum sector.
The technical risk centers on the elliptic curve cryptography (ECC) used to generate digital signatures for wallets. While Bitcoin’s proof-of-work hashing is mostly resistant to quantum acceleration, ECC is more fragile.
According to research from the Google Quantum AI division published on March 31, 2026, a quantum computer with fewer than 500,000 physical qubits could theoretically crack the elliptic curve cryptography protecting Bitcoin wallets. Separate research from the same division in March 2026 estimated that breaking 256-bit ECC—the standard for Ethereum—could require roughly 1,200 logical qubits.
Addressing abandoned coins and legacy wallet vulnerabilities
A specific concern for the CQAB is the status of “abandoned coins” held in legacy P2PK (Pay-to-Public-Key) addresses. There are roughly 1.7 million Bitcoins in these early addresses, which likely include the holdings of Satoshi Nakamoto. Because these addresses have made their public keys visible on the blockchain permanently, they are uniquely exposed.
If Bitcoin signals market structure analysis 2026 suggests long-term holders are staying put, it also means those assets remain in older, more vulnerable formats.
The board’s co-author, Yehuda Lindell, who leads Coinbase’s cryptography team, outlined several options for the community to manage these risks. These include rate-limiting how many vulnerable coins can move per block or allowing users to pre-commit to migrations without moving funds publicly.
The CQAB noted that blockchain communities will eventually face difficult governance decisions, such as whether to freeze assets that fail to migrate before a specific security deadline.
Current quantum machines from companies like IBM and Google contain only hundreds of physical qubits, leaving them orders of magnitude away from the power required to run Shor’s algorithm against real-world keys.
However, expert surveys indicate “Q-Day”—the point when a quantum computer can break current encryption—has over a 50% probability of occurring between 2030 and 2035. This timeline aligns with Bitcoin price 77000 market confidence 2026 analysis that suggests the industry must resolve these technical hurdles to maintain investor trust over the next decade.
Adopting post-quantum cryptography standards
The path forward involves integrating post-quantum cryptography (PQC) standards designed to withstand quantum attacks. The U.S. National Institute of Standards and Technology (NIST) released the final versions of its first three PQC standards—FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA)—on August 13, 2024.
NIST has recommended that organizations finish migrating to these standards by 2035, though it continues to develop backups, such as the Hamming Quasi-Cyclic (HQC) algorithm expected to be finalized in 2027.
Implementing these standards in decentralized networks presents a significant engineering hurdle because post-quantum signatures are much larger than current ones. A Dilithium-3 signature, for instance, requires about 3.3 KB of data, whereas current Elliptic Curve Digital Signature Algorithm (ECDSA) signatures use just 64 bytes.
This size difference would likely increase transaction costs and slow down confirmation times across the network. Despite this, Ethereum and other chains like Solana and Algorand have already begun developing roadmaps for quantum resistance.
Blockchain developers are also watching how governments react to these shifts. For instance, U.S. Treasury CBDC rejection by key figures suggests that private cryptocurrencies will remain the primary digital asset infrastructure, making their long-term security even more critical.
The CQAB concluded that while the threat is not yet imminent, the engineering work to support new signatures must begin immediately to ensure a smooth transition for the millions of wallet owners worldwide.