Unchained
February 12, 2026

Is Nic Carter Right? How Serious Is Bitcoin's Quantum Risk?

by Unchained

Date: February 12, 2026

Quantum computers pose an existential threat to the elliptic-curve cryptography that today's blockchains rely on, with one guest putting a plausible "Q-Day" at 2032. Proactive migration to post-quantum signatures is framed not just as defense but as a strategic play for future institutional capital.

  • 💡 When will quantum computers actually break crypto: What's the real timeline?
  • 💡 What specific parts of crypto are vulnerable: What are the practical implications for users and chains?
  • 💡 How are major blockchains like Bitcoin and Ethereum preparing: Or not preparing for this threat?

The quantum computing threat to crypto is no longer a distant sci-fi plot. Justin Drake (Ethereum Foundation) and Chris Peikert (Algorand Technologies) both expect a "cryptographically relevant" quantum computer to arrive: Drake's personal date is 2032, while Peikert sees the probability becoming significant 10 to 15 years out. This isn't just about breaking individual keys; it's about the fundamental integrity of digital property rights.

Top 3 Ideas

🏗️ The Looming "Q-Day"

"Long story short, with a cryptographically relevant quantum computer, you can take a public key and rederive, recompute the private key from that... it is basically game over. It's systemically bad for the whole industry where the notion of property rights starts to crumple."
  • Imminent Threat: A sufficiently large quantum computer breaks the elliptic curve cryptography behind ECDSA transaction signatures, BLS consensus signatures and KZG blob commitments, recovering a private key from its public key in roughly ten minutes on the faster hardware modalities (hours or days on the slower ones). Any address whose public key is on-chain could then be drained, and consensus signatures could be forged.
  • Accelerating Progress: Algorithmic improvements have cut the estimated number of physical qubits needed to break Ethereum's curve from about 10 million to about 1 million in a 2025 paper, with a further reduction expected in 2026 (Drake guesses the endgame is closer to 100,000). Together with better error correction, this is what makes 2032 a plausible "Q-Day."
  • Quiet Attack: An attacker could silently derive private keys from every exposed public key without touching the chain, then execute a coordinated, simultaneous drain of funds, causing a systemic collapse before anyone can react.

🏗️ Bitcoin's Unique Vulnerability

"Bitcoin is a chain that only makes upgrades extremely infrequently... it's plausible that it would take them at least five years to upgrade to post quantum cryptography and that quantum computers could come within that time frame."
  • Social Inertia: Bitcoin's decentralized governance and infrequent upgrades (two in the last decade) make adopting post-quantum cryptography slow, and key figures such as Adam Back dismiss the urgency, adding a social hurdle on top of the technical one.
  • Satoshi's Coins: Satoshi's early mining rewards (many addresses holding 50 BTC each) sit in outputs whose public keys are already exposed, making them the first targets. The Project 11 tracker cited in the show puts a substantial share of coins (Drake guesses roughly 30%, with a "don't quote me") in addresses with exposed keys, including some exchange addresses. Draining Satoshi's coins would trigger a market panic, even though addresses that have never spent, and so never revealed a public key, are not themselves at risk.
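To make the "exposed public key" distinction concrete, here is an added example (not code from the show or from any project it mentions) that classifies Bitcoin outputs by script template and totals how much value a key-recovering attacker could already reach. It assumes that P2PK and Taproot outputs put a key directly in the script (Taproot's tweaked output key is treated as exposed here, which covers key-path spends), that hash-type outputs are exposed only once a spend has revealed the key, and it uses a constructed UTXO set and a constructed set of already-revealed hashes rather than real chain data.

```python
"""Which Bitcoin outputs already expose a public key?

Added illustration, not code from the show or from any named project.
A quantum attacker needs the public key, not the address.  An address is
a hash of the key; the key itself is on-chain only when the output type
puts it in the scriptPubKey (P2PK, P2TR) or when a spend from that
address has revealed it in a scriptSig or witness.
"""
from typing import Iterable, Optional, Tuple

OP_0, OP_1, OP_DUP, OP_EQUAL, OP_EQUALVERIFY, OP_HASH160, OP_CHECKSIG = (
    0x00, 0x51, 0x76, 0x87, 0x88, 0xA9, 0xAC)
SATS_PER_BTC = 100_000_000


def classify(spk: bytes) -> str:
    """Match a scriptPubKey against the standard output templates."""
    n = len(spk)
    # <push33|65> <pubkey> OP_CHECKSIG: the key *is* the script
    if n in (35, 67) and spk[0] == n - 2 and spk[-1] == OP_CHECKSIG:
        return "P2PK"
    # OP_DUP OP_HASH160 <20> <hash160(pubkey)> OP_EQUALVERIFY OP_CHECKSIG
    if (n == 25 and spk[:3] == bytes([OP_DUP, OP_HASH160, 0x14])
            and spk[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG])):
        return "P2PKH"
    # OP_HASH160 <20> <hash160(redeemScript)> OP_EQUAL
    if n == 23 and spk[:2] == bytes([OP_HASH160, 0x14]) and spk[-1] == OP_EQUAL:
        return "P2SH"
    # OP_0 <20> <hash160(pubkey)>  /  OP_0 <32> <sha256(witnessScript)>
    if n == 22 and spk[:2] == bytes([OP_0, 0x14]):
        return "P2WPKH"
    if n == 34 and spk[:2] == bytes([OP_0, 0x20]):
        return "P2WSH"
    # OP_1 <32> <x-only output key>: the tweaked key sits in the script
    if n == 34 and spk[:2] == bytes([OP_1, 0x20]):
        return "P2TR"
    return "unknown"


def committed_hash(spk: bytes) -> Optional[bytes]:
    """The hash an address-style output commits to, or None if it holds a key."""
    kind = classify(spk)
    if kind == "P2PKH":
        return spk[3:23]
    if kind in ("P2SH", "P2WPKH"):
        return spk[2:22]
    if kind == "P2WSH":
        return spk[2:34]
    return None


def pubkey_exposed(spk: bytes, revealed_hashes: set) -> bool:
    """True if an attacker who can invert ECDLP already has what they need."""
    kind = classify(spk)
    if kind in ("P2PK", "P2TR"):
        return True            # key (or tweaked key) is in the script itself
    if kind == "unknown":
        return True            # conservative: cannot prove the key is hidden
    # Hash-type output: exposed only if an earlier spend revealed the preimage
    return committed_hash(spk) in revealed_hashes


def exposure_report(utxos: Iterable[Tuple[bytes, int]], revealed_hashes: set) -> dict:
    """Total value behind exposed vs. still-hidden keys, plus the biggest exposed output."""
    exposed = hidden = largest = 0
    for spk, sats in utxos:
        if pubkey_exposed(spk, revealed_hashes):
            exposed += sats
            largest = max(largest, sats)
        else:
            hidden += sats
    total = exposed + hidden
    return {"exposed_sats": exposed, "hidden_sats": hidden,
            "exposed_fraction": exposed / total if total else 0.0,
            "largest_exposed_sats": largest}


# Constructed sample data (assumption for the example; not real chain data).
_PUBKEY_UNCOMPRESSED = b"\x04" + bytes(range(1, 65))   # 65-byte key
_HASH_A = bytes(range(0, 20))      # never spent from
_HASH_B = bytes(range(20, 40))     # spent from before: key already revealed
_HASH_C = bytes(range(40, 60))     # never spent from
_XONLY = bytes(range(100, 132))    # 32-byte taproot output key

SAMPLE_UTXOS = [
    (b"\x41" + _PUBKEY_UNCOMPRESSED + bytes([OP_CHECKSIG]), 50 * SATS_PER_BTC),  # early-coinbase-style P2PK
    (bytes([OP_DUP, OP_HASH160, 0x14]) + _HASH_A + bytes([OP_EQUALVERIFY, OP_CHECKSIG]), int(1.5 * SATS_PER_BTC)),
    (bytes([OP_DUP, OP_HASH160, 0x14]) + _HASH_B + bytes([OP_EQUALVERIFY, OP_CHECKSIG]), 3 * SATS_PER_BTC),
    (bytes([OP_0, 0x14]) + _HASH_C, 2 * SATS_PER_BTC),
    (bytes([OP_1, 0x20]) + _XONLY, SATS_PER_BTC // 2),
]
REVEALED_HASHES = {_HASH_B}   # hash160 values whose key appeared in a prior spend

if __name__ == "__main__":
    for spk, sats in SAMPLE_UTXOS:
        print(f"{classify(spk):7} {sats / SATS_PER_BTC:6.2f} BTC  exposed={pubkey_exposed(spk, REVEALED_HASHES)}")
    print(exposure_report(SAMPLE_UTXOS, REVEALED_HASHES))
```

On the sample set the 50 BTC P2PK output, the reused P2PKH address and the Taproot output are exposed; the never-spent P2PKH and P2WPKH outputs are not. Running the same classifier over a real UTXO snapshot (with the revealed-hash set built from historical scriptSigs and witnesses) is what a tracker like the one mentioned in the show does, and `largest_exposed_sats` is the value an attacker with scarce quantum capacity would go after first, which is the logic behind the "hold less than 50 BTC per address" remark later in the episode.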

🏗️ Ethereum's Aggressive Defense

"Historically the way that we've been thinking about postquantum cryptography is as a defensive technology against quantum computers. But in recent weeks and months at Defense Foundation, we've actually changed our mindset. We now think of postquantum cryptography as being an aggressive strategy in order to attract institutional capital, for example."
  • The Hash Gambit: Ethereum plans to use hash-based cryptography, known for its uncompromising security, despite larger signature sizes. They will aggregate these signatures using hash-based SNARKs, which ironically boosts scalability.
  • Scalability Boost: By aggregating signatures into a single SNARK proof per block, Ethereum reduces the fixed data cost per transaction. This makes post-quantum upgrades a scalability improvement, not a trade-off.
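What a hash-based signature actually looks like, and why it is so much larger than ECDSA, as an added example: a Lamport one-time signature over SHA-256. This is not the Ethereum Foundation's scheme (the show does not detail it) and not code from any project mentioned; it is the simplest construction that has the properties the "hash gambit" trades on. Key and signature sizes follow from the construction itself; the message strings are made up.

```python
"""Lamport one-time signature over SHA-256.

Added illustration only; not the Ethereum Foundation's scheme and not code
from any project named in the show.  It demonstrates three things at once:
security rests only on the hash function, signatures are an order of
magnitude larger than ECDSA's 64 bytes, and a key must never sign twice.
"""
import hashlib
import secrets

N = 256  # one preimage pair per bit of the SHA-256 message digest


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen(rng=secrets.token_bytes):
    """Secret key: two random 32-byte preimages per bit; public key: their hashes."""
    sk = [(rng(32), rng(32)) for _ in range(N)]
    pk = [(H(x0), H(x1)) for x0, x1 in sk]
    return sk, pk


def digest_bits(msg: bytes) -> list:
    """SHA-256 of the message as a list of 256 bits, most significant first."""
    d = int.from_bytes(H(msg), "big")
    return [(d >> (N - 1 - i)) & 1 for i in range(N)]


def sign(sk, msg: bytes) -> list:
    """Reveal, for every digest bit, the preimage on that bit's side."""
    return [sk[i][b] for i, b in enumerate(digest_bits(msg))]


def verify(pk, msg: bytes, sig: list) -> bool:
    """Hash every revealed preimage and compare with the matching public value."""
    if len(sig) != N:
        return False
    return all(H(s) == pk[i][b]
               for i, (b, s) in enumerate(zip(digest_bits(msg), sig)))


def sig_size_bytes(sig: list) -> int:
    return sum(len(s) for s in sig)


def pk_size_bytes(pk: list) -> int:
    return sum(len(h0) + len(h1) for h0, h1 in pk)


def leaked_fraction(msgs: list) -> float:
    """Fraction of the 2*N secret preimages an observer learns once the same
    key has signed each message in `msgs`.  One signature leaks exactly half;
    each further signature leaks more, which is what makes the key one-time."""
    seen = set()
    for msg in msgs:
        seen.update(enumerate(digest_bits(msg)))   # (bit index, bit value) pairs
    return len(seen) / (2 * N)


if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"transfer 1 ETH to 0xabc"   # constructed sample message
    sig = sign(sk, msg)
    print("valid:", verify(pk, msg, sig))
    print("tampered:", verify(pk, b"transfer 9 ETH to 0xabc", sig))
    print("signature bytes:", sig_size_bytes(sig), "public key bytes:", pk_size_bytes(pk))
    print("leaked after 1 signature:", leaked_fraction([msg]))
    print("leaked after 2 signatures:", leaked_fraction([msg, b"transfer 2 ETH to 0xdef"]))
```

Each signature is 256 × 32 = 8192 bytes, roughly 128 times ECDSA's 64 bytes and well beyond the 666 bytes of Falcon-512 quoted in the show, and the public key is another 16 KB. `leaked_fraction` makes the one-time property visible: a single signature reveals exactly half of the secret preimages, and a second one on a different message reveals more, so production hash-based schemes hang many one-time keys under a Merkle tree (Winternitz chains shrink the per-key size further). Both the size and the bookkeeping are what Ethereum's plan moves off the critical path by having a SNARK attest to all of a block's signatures instead of publishing each one.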

Actionable Takeaways

  • 🌐 The Macro Shift: The quantum threat forces a re-evaluation of cryptographic foundations, pushing blockchains towards more robust, future-proof designs. This shift is not just about defense but about positioning for long-term institutional trust and capital.
  • The Tactical Edge: Prioritize chains actively researching and implementing post-quantum solutions, especially those with clear migration roadmaps and a willingness to adapt core protocols.
  • 🎯 The Bottom Line: The race to quantum-proof crypto is on. Chains that act decisively now will secure their future, attract significant capital, and potentially set new industry standards, while those that delay risk systemic failure.


We face this very uncertain timeline of when and if quantum computers will emerge to the point where they can break our crypto. It's a very interesting kind of intellectual level, right? How do you apportion your resources? How do you measure the risk? How do you predict? Well, we've got a long migration ahead of us. When do we start?

If you have the fast flavor, for example, you have Google working on the superconducting stuff. The estimate for the time it takes to crack a key is on the order of minutes, roughly 10 minutes. And so what you could imagine is that Satoshi's coins would actually be stolen at the same rate at which they were mined in the early days.

Hi everyone, welcome to Unchained, your no hype resource for all things crypto. I'm your host Laura Shin. Thanks for joining this live stream.

Before we get started, a quick reminder, nothing you hear on Unchained is investment advice. This show is for informational and entertainment purposes only, and my guest and I may hold assets discussed in the show. For more disclosures, visit unchainedcrypto.com.

Quick note before we get into today's episode. Bits and Bips now has its dedicated feeds. We're spinning up from the Unchained feed and moving to a new podcast and YouTube channel. So, if you want to keep up with our weekly live streams and macro meets crypto breakdowns, make sure to subscribe to Bits and Bips directly. We won't publish there until March, but subscribe today so you can be ready for launch. Be sure to subscribe to the new feeds at unchainedcrypto.com/bitsandb.

Did you know that Figure is giving away $25,000 in USDC? They're a decentralized digital asset platform for earning, borrowing, and lending. Download the Figuremarkets app using our link figurearkets.co/chained DP. Deposit into their democratized prime pools and earn about 9% APY paid hourly while you enter. Every dollar you keep in for 25 consecutive days counts as an entry. Again, the link is figurearkets.co/chained dp for full details.

If crypto taxes feel overwhelming, you are not alone. That's why Cryptotaxgirl, a team that's been helping crypto investors since 2017, is offering $100 off on one-on-one crypto tax help. To get $100 off your crypto tax services, go to cryptotaxgirl.com/unchained. Again, that's cryptotaxgirl.com/unchained.

Today's topic is the quantum threat to crypto. Welcome Justin and Chris.

So everyone, I know we're a bit late to this topic in the sense that others have been talking about this for a while, but we're also quite early because the threat to crypto that quantum poses is going to happen at some indeterminate point in the future. However, this threat is already influencing investment and it is the kind of threat that will take a lot of coordination and planning to overcome which is why we are discussing it now.

So, let's just start by laying the groundwork. Justin, why don't you start by explaining what quantum computing is and what threat it poses to crypto?

Sure. So, quantum computing is a form of computing that leverages microscopic physics that is hidden to the day-to-day world that we live in but is very much present. And using this hidden structure, you can run computation theoretically faster for certain classes of algorithms including algorithms that break the cryptography that we have right now in terms of elliptic curves.

The major threat for crypto is that it breaks the current cryptography that we have. So for Ethereum specifically there's three pieces of cryptography that are vulnerable. The first one for user transactions is called ECDSA. The second one is at the consensus layer we have something called BLS signatures. And then finally at the data layer for the blobs we have something called KZG. And the common thread for all these three layers is elliptic curve cryptography which would get broken by quantum computers.

And Chris, how would you describe quantum computing and the threat that it poses to crypto?

Yeah, I think Justin said it perfectly. You know, this is a technology that is still in somewhat early and even speculative stages, but there's been a lot of progress in building these quantum computers by efforts that have invested billions of dollars toward engineering these devices.

At a theoretical level and also at an engineering level, we know and have known for several decades now that quantum computers, if they are built at large enough scale, can and would break all of the cryptography that we've been using heavily on the internet and in blockchain applications and all around the world for several decades now.

And so I know timelines can be difficult to project, but I was curious when you both personally thought that quantum computing would pose a threat to crypto. You know, how many years from now? And either of you can answer.

Well, I started kind of going all in on quantum resistant cryptography research about 21 years ago. So at the time I thought, this is going to matter. This is going to be important someday. In those 21 years we still haven't seen a quantum computer but the level of effort and investment that's gone in has really skyrocketed in recent years.

Most people who are experts in this domain, I'm not sure I consider myself one of them in terms of actually building quantum computers, but most people who are experts in this domain do believe that we will have them at some point in time and those timelines range from well how likely do you think a quantum computer is to emerge within a certain amount of time.

I think most people believe that in the next three to five years very unlikely but perhaps at the 10 year 15 years out from now it starts to become more of a significant probability and then predicting the future even 20 years out is a fool's game. I don't think anybody can do that.

Justin, what do you think of the timeline?

Yeah, so at the Ethereum Foundation, we've been thinking about this since 2018. We actually gave a large grant several millions of dollars to Starkware back then to start building this technology.

With all of the progress that we've seen recently, both on the quantum computing side of things, but also on the algorithmic side of things, my personal date is now 2032. I've partially stolen this from a friend in Cambridge who happens to be the founder and CEO of Riverlane, one of the top error correction companies in the world and we both have a son who sons who are in the same class which is how I met him and he's been in the space for 15 years and his date 15 years ago was 2032.

So, I'm feeling pretty good about it. And going back to what Chris said, like very few people believe that we're going to have so-called cryptographically relevant quantum computers by the end of this decade. So we're talking 2030s.

I think there's a reasonable chance for example that in 2031 maybe a 1% chance 2% chance maybe more that we'll have a quantum relevant computer and then it really increases steeply the probability of having a cryptographically relevant quantum computer.

One of the things that I can share is that there's been this really big improvement on the algorithmic side of things. So if you rewind the clock two or three years ago, the best known algorithm for breaking Ethereum cryptography required about 10 million physical qubits. A year ago, so last year in 2025, we had a paper bringing that down to 1 million qubits. And in 2026, we're going to have another paper that brings it down even further.

I wouldn't be surprised if the endgame is much closer to 100,000 qubits. We have these two curves. Eventually we will cross and because of the time it takes to migrate to new cryptography we have to be thinking about this several years in advance and if indeed I'm right that 2032 is the date then today is when we really need to get started.

And explain what a qubit is.

So a qubit is the fundamental quantum building block which is the equivalent of the bit. So a bit can take two values. A qubit can be in a superposition of states and it can also be entangled with other qubits. This is what gives it its power.

When we talk about qubits there's two flavors. There's the logically perfect qubit which we call a logical qubit and this is what the theoretical quantum algorithm designers will be using. Then you have what's called the physical qubit which is the physical instantiation using atoms or photons or whatever it is.

Because of the noise involved you have to do so-called error correction. So you have to take a collection of physical qubits in order to form one perfect logical one. This ratio between physical and logical is very important and it might be on the order of a thousand or 100 or maybe 10,000.

This is very much in the engineering stage, but one thing that we should expect in addition to the algorithms improving is that the error correction will improve so that the ratio will improve and of course we should see more and more physical qubits in the same way that we have Moore's law that increases the number of bits and transistors that we have on a single chip.

So as you said in the beginning, the threat that quantum computing poses to crypto is kind of limited to a certain area. Just explain what that means in practical terms like what are the actual dangers that everyday users would perceive that businesses would perceive? What are the things that could happen if the crypto industry and all these different chains don't come up with ways to protect themselves against the quantum threat in advance?

Long story short, with a cryptographically relevant quantum computer, you can take a public key and rederive, recompute the private key from that. So normally, you're meant to keep your seed phrase secret and your private key safe and you only expose the public key.

If we have a cryptographically relevant quantum computer, it is basically game over. It's systemically bad for the whole industry where the notion of property rights starts to crumple.

I would add that cryptocurrency is built on the foundation of secure cryptography and there's all kinds of cryptographic primitives and tools of by various names digital signatures and hash functions and encryption and all these different kinds of tools and primitives that we use so that we can build a secure cryptocurrency.

When that foundation crumbles and becomes completely insecure while everything built on top of it also collapses. So it is as Justin said a completely systemic risk as well as a particular risk to specific protocols that are out there whether they be Ethereum or Bitcoin or any of the many other kinds of blockchains that are out there.

So essentially like it's something like whoever creates the first quantum computer could steal as many coins as they want from pretty much any chain. Is that sort of the doomsday scenario?

That's a fair description of what would happen, right? If you can take any public key off of the blockchain, you could empty its account and just forge a transaction that transfers all the assets from this account to the account of your choice.

Those are some of the very simple to imagine consequences of having a cryptographically relevant quantum computer. There are other sort of more subtle or nuanced situations like one could potentially use a quantum computer to break consensus or cause some kind of fork in certain types of blockchains that are protected by digital signatures that are vulnerable to quantum computers.

Justin also mentioned this at the beginning. The actual consensus layer of many blockchains is protected by cryptography that would be broken by quantum computers. So whether an attacker would actually want to do this and destroy the entire consensus of the network or not is an open question, but it's at least something that in principle could be done.

That would be a systemic destruction of maybe all the value in that blockchain. I do want to share some of the nitty-gritty details of quantum computers. So there's several so-called modalities which are different flavors of quantum computing. There's for example trapped ion and neutral atoms and those involve moving particles around and they tend to be relatively slow in terms of their clock cycles.

If you were to run the algorithm to break our cryptography known as Grover's algorithm, it might actually take several hours or several days. And so if you only have a limited number of quantum computers at the very beginning then you should only expect a small number of keys to break if these are the modalities that are going to win.

There's other modalities, for example superconducting and photonics, that are much faster because there's no moving parts and here you could expect a key to break in a matter of minutes. But again if there's a limited number of sufficiently powerful quantum computers most addresses will actually be safe because for example Satoshi has a very large number of addresses each with 50 bitcoin in the early days of mining bitcoin.

One very easy mitigation actually is to just make sure that in your wallet you have less than 50 bitcoins worth of value because then the attacker will target Satoshi's coins first and we'll have a bunch of lead time seeing Satoshi's coins being drained before everyone else's.

I mean, the one thing, of course, is if Satoshi's coins get drained, then that would cause like a systemic panic, and so the price of Bitcoin might go south. But let's say that now it was 2032, we would wake up one morning and find that all of Binance's wallets got drained, even like cold storage. Same with Coinbase. Is that kind of how to think about it?

So a lot of the large exchanges for the cold wallet actually implement a very easy mitigation or at least they should implement a very easy mitigation which is to not reveal the public key. So on most blockchains like Bitcoin and Ethereum you have the address which is the hash of the public key and then you have the public key which needs to be revealed the very first time you spend from that address.

If you have a cold storage address for which you've never made any spends then the public key has not been revealed and that's actually secure against quantum computers. So the very easy mitigation is to make sure that you're hiding your public key behind the hash which is your address.

Now, there is a company called Project 11 that has this tracker website that will tell you what percentage of keys are protected behind the hash and those that are not. And I believe we're talking roughly 30%, don't quote me on this, just check the website. Some of the top addresses are indeed exchanges.

If you are a security officer at one of these exchanges or you're part of management, do consider this very simple mitigation of putting all your cold storage in an address that has never made a single spend.

I guess from what I understand, the way these exchanges work, they have cold storage, they'll have like a lukewarm storage, or whatever it's called, and then the hot wallet. So presumably there are times when certain cold storage wallets might need to transact with the lukewarm wallets or whatever they're called, but it's probably pretty infrequent.

So, now let's talk about something that Chris kind of alluded to. He said, if whoever develops the first computer wants to go after these coins, I'm so curious. There must be a race to develop this type of computer first. So, who are sort of the different players and are any of them ones that might be motivated to attack crypto?

Well, we know of many of the public players at least. So Google has a serious high dollar investment in building various types of quantum computers, engineering them. As Justin mentioned before about error correction, just last year, Google had a major breakthrough in the quality of error correction that it was able to attain. That's one of the most important ingredients in ultimately building a large-scale quantum computer.

You also have IBM and a large number of moderate number of startups of various names that are all trying different engineering approaches. Then you have the not so public players. We know that governments around the world of various large countries are very interested in this kind of technology. They don't report out their progress to a large degree and so we don't really know where they lie and whether the private sector that's making public announcements is ahead of them or catching up it's very hard to say but naturally the US government the Chinese government all kinds of rich countries are almost certainly investing a lot of effort in into building quantum computers.

In the public quantum computing industry, there's a bunch of companies that have gone public. There's been a little bit of speculation around those. So some names that Chris didn't mention: there's PsiQuantum and Quantinuum and Rigetti.

I was talking to the Google team recently and one thing they mentioned is that in China, instead of having many different commercial companies working on this, it's mostly centralized at the government level and they're extremely quiet. So I would say those are the two primary poles: the public companies, the Microsofts, the IBMs, and the Googles, versus a government like China.

I feel like I mean, this is something that's been said a lot in crypto, but you know, a government like China is probably one of the few players that would be very motivated to try to attack blockchains in this way. So, yeah, I could see that being a threat.

Well, I'm so curious and I know you guys are kind of affiliated with certain chains, but you probably have made an assessment of which chains are maybe more vulnerable than others and which ones are least vulnerable. So, I'm just curious to hear the lay of the land, like what your opinion is on if there are any particular coins that you think probably you know, are better positioned and which ones need to you know, up their game.

When migrating to post-quantum cryptography there's really two challenges. One is a technical one and the other one is a social one. In my opinion the major technical challenge is what's known as the size problem for post-quantum cryptography. We're dealing with signatures that are at least 10 times larger than ECDSA.

ECDSA has 64 bytes signatures and the smallest NIST standardized scheme is called Falcon 512 and it has signature sizes of 666 bytes. There's all sorts of other schemes that have even larger signatures. If you maintain the block size which for pretty much any blockchain is like the scarcest resource that you have your throughput and you increase your size of your transactions by a factor of 10 then your TPS your throughput is going to go down by a factor of 10.

Imagine Bitcoin going from 3TPS to 0.3TPS or Ethereum going from 25 to 2.5 or Solana going from a thousand to 100. In my personal opinion this is just a non-starter just from a commercial standpoint. It would just be way too disruptive.

What the Ethereum Foundation has been investing in to solve this technical size problem is what's known as signature aggregation. The idea is to take multiple or all of the signatures corresponding to all of the transactions in the block and to snarkify them into a single proof that would get published alongside the block.

This is something that we've been working on for a while now. We have something called lean VM. We have variants of the NIST standardized signatures that are much more friendly to this aggregation.

Putting aside the technical problem, which is real for some other blockchains, there's an even more real problem which is the social one. First of all they need to recognize that indeed there is a problem. Even once they've recognized it they need to put in place all of the coordination infrastructure, and the top blockchain that I have in mind here is Bitcoin.

You have leaders like Adam Back that are in complete denial that quantum computers could be coming in the early 2030s. He's talking about at minimum decades until cryptographically relevant quantum computers come. Nic Carter wrote this report recently where he went through the whole list of Bitcoin high priests. Of the 10 that he identified, only one of them, Jonas Nick, was worried about quantum computers, and the nine others didn't seem too worried.

Bitcoin is a chain that only makes upgrades extremely infrequently. In the last 10 years it's only made two upgrades and it's plausible that it would take them at least five years to upgrade to post quantum cryptography and that quantum computers could come within that time frame.

One of the things that I'm hoping will happen ironically is that there's a collaboration between Ethereum and Bitcoin because what happened in 2009 when Satoshi launched Bitcoin is that he created a de facto standard for signatures. He went with ECDSA. He picked a specific curve, secp256k1, and then most of the chains just copied this.

This was really good because it meant that you had the same key derivation standards across all of the chains. You have the same wallet infrastructure, the same hardware wallets, you have the same MPC protocols, etc., etc. It would be pretty catastrophic in my opinion if every chain were to come up with its own own solution.

The strategy that we're taking at the Ethereum Foundation is actually to try and pill the Bitcoiners to reuse whatever we have so that if Bitcoin and Ethereum together have the exact same solution that all of the other chains most likely will just copy it.

The lean VM that I mentioned is built with Bitcoiner security in mind. We're trying to be as conservative as possible and not cutting any corners. We're also collaborating with Bitcoin researchers. So there's Mikhail Kudinov for example; we wrote four different academic papers with him in 2025 and early 2026. These are papers on post-quantum cryptography, and last year we organized a workshop in Cambridge in October. This was a three-day post-quantum workshop which he came to. He's a great guy and I'm basically hoping that Mikhail can single-handedly be the bridge between the Bitcoin world and the Ethereum world.

I forgot to mention that Mikhail works at Blockstream, the primary company that has soft power over Bitcoin upgrades. And that is run by Adam Back, who actually you mentioned already was not. But yeah, Jonas Nick is also at Blockstream. So maybe, you know, Adam Back could be convinced if Mikhail and Jonas join forces.

I'm curious, Chris, what you think of that idea about if Bitcoin and Ethereum are using the same strategy or the same solution, if that would be something that other chains would naturally do because I don't know if it is even an issue. But in my head, I'm like, "Oh, but does that reduce resiliency for the industry if everybody's using the same model that potentially could later on become vulnerable?"

In terms of cryptography and the standards that are underlying the technologies themselves, I think it's a very good thing to have broad industry standards that are well understood and that have been well vetted, and as Justin mentioned the Falcon signature scheme is one which has been selected by the US National Institute of Standards and Technology through a many-year post-quantum cryptography process.

That started back in 2017 or so and is just coming to the conclusion of its main activities in the past year and upcoming year. It's very good if the industry can all agree on one standard so that things are interoperable. You get many fewer cryptographic disasters or unexpected incompatibilities or security issues.

Speaking of some of the other projects out there that have taken post-quantum cryptography seriously, for example I've been connected to Algorand since 2021 through Algorand Technologies. That's a company that works on cryptographic research and protocol security. One of the reasons I got excited to do that at the time was they specifically wanted to understand the post-quantum cryptography landscape and to bring their chain up to date and understand what it would take to build in post-quantum resiliency.

Through those years we developed something very similar to what Justin was talking about to address this size problem. It was called state proofs and it uses the Falcon signature scheme and it basically offers a fairly frequent but periodic checkpoint, a post-quantum secure checkpoint, about the state of the Algorand chain for example. So it allows you to say, you know, every 256 blocks, which is every few minutes on Algorand, you can get signatures, Falcon signatures, from many, many different validators and accounts that attest to the state of the chain.

Then there's a thing called a state proof that kind of condenses these Falcon signatures down to a small number of them that together prove that a large percentage of the stake in the Algorand system has attested to yes, this is the state of the blockchain at this point in time. That's a post-quantum secure attestation or proof.

It allows one to for example interact with other chains or have a long-term postquantum secure kind of snapshot of what the chain actually looked like. That keeps it secure even in the ultimate future when quantum computers emerge and might try to you know fork the chain through a historical path or try to convince a light client that the chain looks like this when it actually looks like that. So light clients and other users can look at these state proofs and determine yes this is the actual state of the chain at this point in time.

Recently Algorand also added these post-quantum secured wallets. So you can actually give post-quantum secured transactions using the same Falcon signature scheme.

For the transaction that just means like that the transaction wouldn't be vulnerable to a quantum computer or?

Exactly. The transaction has a signature. It's a Falcon signature, that's a post-quantum secure signature, and the idea is that a quantum computer would not even be able to forge such a signature. It would not be able to, you know, empty your wallet if you've got this feature enabled that requires post-quantum signatures on its transactions.

So, these are addressing sort of the two layers that Justin mentioned at the top of the show where you have, you know, there's there's protection for individual accounts and wallets and then there's protection at the base layer of the blockchain itself and the consensus layer. And you know, does everybody agree that the same thing is happening?

Okay, got it. That that makes sense.

Bits and Bips now has its dedicated feeds. We're spinning off from the Unchained feed and moving to a new podcast and YouTube channel. So, if you want to keep up with our weekly live streams and macro meets crypto breakdowns, make sure to subscribe to Bits and Bips directly. We won't publish there until March, but subscribe today so you can be ready for launch. Be sure to subscribe to the new feeds at unchainedcrypto.com/bitsandbips.

Want a chance to win $25,000 in USDC? Figure, a platform to earn yields, borrow against crypto, and access lending markets, is running a $25,000 USDC sweepstakes tied to their democratized Prime product. Here's how it works. Download the Figure Markets app using our link, figures.co/chained DP. Deposit into a democratized prime lending pool and leave your funds there for 25 consecutive days. Every dollar equals one entry, so $1,000 equals 1,000 chances. While your funds stay in the pool, you're also earning around 9% APY, paid out hourly. To learn more and enter, go to figurearkets.co/chainedp, which is also available in the show notes.

If you're looking for help with crypto taxes, cryptotaxgirl is offering $100 off for unchained listeners. They provide personalized crypto tax reports and returns and spots before April 15th are limited. Go to cryptotaxgirl.com/chained to save $100. Once again, the link is cryptotaxgirl.com/unchained.

Back to my conversation with Justin and Chris.

So are those all the different types of problems that could happen with quantum cryptography, sorry, quantum computing, or are there any others that, you know, might affect blockchains?

There's another type of attack that we haven't really mentioned so far, and it's of lesser significance to the blockchain space but still can have some important implications, and that is what's known as a "store now, decrypt later" attack. This primarily affects encryption.

If you have data that you want to keep secret, let's say your account balance is private or you're using a chain that offers some privacy to the transactions, that usually uses a technology called encryption. Just like with ECDSA signatures that Justin mentioned earlier, all of the predominant encryption methods of the past several decades are also vulnerable to quantum computing attacks.

Would that affect like pretty much all the privacy coins and all the privacy chains?

It would depend on what level of privacy they provide. But what it would allow is, if there's some encrypted data that is stored on the blockchain, for example, and is meant to remain secret for a long time, then when a quantum computer ultimately emerges, it can look at that encrypted data, break the key, decrypt the data, and learn what was supposed to remain private.

You have this problem where if you're encrypting things today with cryptography that would be vulnerable to quantum computers, you have a problem, because if you're trying to keep it secret for 10 years, for example, and quantum computers emerge in six, or whatever the prediction is, you're going to lose, right? You're not going to be able to keep it secret for that long. So it means that if you want to keep secrets for a longer-term period, then you need to start using quantum-secure cryptography right now.

Laura, you were asking about the privacy chains. So I have a piece of good news and a piece of bad news. The piece of good news is that quantum computers will break the soundness of these privacy schemes like Zcash, but they will not break privacy.

Someone can spend coins that are not theirs, but at least the whole history of past transactions will not be magically decrypted. So that's the good news. The bad news is that I think privacy coins like Zcash are going to be the very first target of a quantum computer.

The reason is that you can steal funds without anyone noticing. So within the privacy pool, you can just empty the privacy pool and no one will know.

You mentioned Laura that there would be kind of mass panic if Satoshi's coins were to move. Well, there wouldn't be any mass panic if the Zcash coins were to move because no one would really notice.

That is really scary. And would this also affect, because there's, you know, as I'm sure you know, there's a bunch of layer twos that have privacy on Ethereum. You know, I just interviewed Aztec back at Devconnect when they launched, like that. You know, there's a bunch. So, would those also be affected?

Yes, unfortunately, they would be affected. Really the solution here is to try and migrate as quickly as possible to post-quantum SNARKs, because a lot of these are based on SNARKs. Hash-based STARKs are basically the only solution that is production grade today.

In addition to deploying new technology, one of the social problems is trying to force the community to exit one system and move to another one. For example, in the context of Zcash, they have these multiple shielded pools, I think one is called Sapling, and they have various names. One thing that you can do is basically keep track of the total amount of funds that have been deposited in the privacy pool and the total amount of funds that have left.

What you could potentially do is have a policy that says, you know, by this date we need to have this specific vulnerable privacy pool be emptied; otherwise all of the coins might be deemed destroyed as a policy decision by the community.

One of the things that I want to highlight, going back to Bitcoin, is that they have this big issue around what do you do with the Satoshi coins, which is about a million BTC, which is, you know, tens of billions of dollars. There's basically potentially going to be a contentious fork here, with one side wanting to burn them and the other side saying no, no, no, privacy rights are sacred. We definitely cannot burn them.

The good news for Ethereum is that there's roughly speaking 0.1% of the ETH circulating supply which is known to be lost or believed to be lost, and so that's essentially a rounding error, and I don't think we'll have this consensus fork in Ethereum land.

And wait, so I'm sorry, just to understand, are you saying for something like Bitcoin that in order for any coins to be saved, all the owners have to voluntarily move?

No, that, or for any chain, we need to have the owners perform an action where they spend their coins from a quantum-insecure wallet and migrate them to a post-quantum secure wallet. There is this one exception, which is that it is possible to basically have a proof of knowledge of the seed phrase as opposed to a proof of knowledge of the private key.

That would allow you to migrate without any user action. But this is not something that many chains are considering as the default path. They are considering it, for example, as an emergency path. So if, let's say, tomorrow we had a quantum computer that was able to crack Ethereum addresses at will, what would probably happen is that we would just shut down the chain, and then we would have a mechanism for people to prove that they own the seed phrase, which is a post-quantum secure thing, as opposed to proving that they know their private key, because that's something that the attacker would know, and then we would have this reboot mechanism that would take several weeks, potentially several months.

It is being considered right now as an emergency backup, but it's not the default path.

Wait, and I'm sorry, like, to quote unquote shut down the chain, you have to get all the individual miners, or all the stakers, I guess. Like, but I guess because there's a lot of... So you'd have to get all the solo stakers and all the, you know, kind of like places like Lido and whatever that are doing it for individuals, like you'd have to get them all to do that, right?

There's two separate problems. There's the users and the validators. For the users, basically the community, more likely than not, would say, hey, like, any transaction that has been made from this point onwards is just considered null and void. What we're going to do in order to prove your ownership of a specific address is we're going to ask you to prove that you know your seed phrase.

Just to back up a little bit, the way that you go from the seed phrase to the public to the private key involves some hashing, and hashing is quantum secure. So that step here is quantum secure, and it can be leveraged to do an emergency reboot for the users.

You could also do a similar thing for the stakers. So, Ethereum has roughly a hundred billion dollars of stake, and each validator can have a zero-knowledge proof that they know the corresponding seed phrase and then use that to basically send their ETH to a new post-quantum secure address. But this is a process that would take many weeks, potentially many months.

For a period of time, the Ethereum chain would go down. But having said all of this, the plan right now is to upgrade every single piece of Ethereum cryptography to be post-quantum secure by 2029. Hopefully this should not be an issue if indeed 2022 is
