If you intend to hold digital assets for a decade or longer, the cryptography underneath your wallet is a question worth tracking. Here is how to think about it.
Most security advice for cryptocurrency holders focuses on the obvious risks: phishing, exchange failures, weak passwords, careless custody. That advice is correct and worth following. But for anyone holding digital assets with a genuine long-term horizon, the kind of holder who thinks in decades rather than market cycles, there is a quieter question worth tracking, and most wallets do not yet have a good answer to it.
The cryptography that secures almost every cryptocurrency wallet in use today elliptic curve signatures on Bitcoin, Ethereum, and most other chains is not designed to withstand a sufficiently capable quantum computer. No such computer exists yet. Credible estimates place its arrival at least a decade away, possibly considerably more. But for an asset intended to be held for fifteen or twenty years, a decade is not a long time.
What changed in 2024
In August 2024, the US National Institute of Standards and Technology finalised the first three post-quantum cryptography standards, after nearly a decade of public competition and review. ML-KEM is the new standard for key exchange. ML-DSA is the new standard for digital signatures. SLH-DSA is a more conservative, hash-based backup option. These are now the recommended replacements for the classical cryptography that secures most of the internet, and over time they will replace the cryptography that secures cryptocurrency as well.
Adoption has been slow, which is unsurprising. Migrating cryptography is expensive. The new primitives are well-reviewed but young. And the perceived urgency is low because the threat itself is not yet operational. Most hardware wallets, exchange custody platforms, and software wallets continue to rely on the same elliptic curve cryptography that has secured digital assets since Bitcoin’s launch.
Why this matters for long-term holders
There are two practical points worth understanding.
First, the cryptography you depend on is fixed at the moment you create a wallet, not the moment you spend from it. An address that exists today, with funds sitting in it, is protected by whatever cryptography was current when the address was generated. If that cryptography becomes vulnerable later, the funds become vulnerable too unless they are moved to a new address using newer cryptography before that point. Long-dormant wallets are particularly exposed to this kind of transition risk.
Second, “hybrid” approaches are emerging as the conservative answer. Rather than replacing classical cryptography with post-quantum cryptography, hybrid designs use both at once, in a construction where the system only fails if both the classical and the post-quantum primitive are broken simultaneously. This is the approach most cryptographers are recommending for the transition period, because it preserves the thirty years of attack experience built up against classical primitives while adding protection against future quantum attack.
What to look for
For a holder who wants to track this without becoming a cryptographer, three questions are worth asking of any wallet or custody provider over the next few years. Are they planning a transition to post-quantum cryptography, and on what timeline? Will they use a hybrid construction, or replace classical primitives outright? And will the transition be backwards-compatible — will existing addresses be protected, or will users need to migrate funds to new addresses to gain the new protection?
A small number of wallets have already made this transition, ahead of the rest of the industry. Lock, a self-custodial wallet released this year, is one example: it pairs the new NIST standards with classical cryptography in hybrid construction across the system. Most established wallets have not yet announced concrete plans. Both positions are defensible the early movers are betting on the transition mattering sooner than consensus suggests; the later movers are betting on having time. The point for a holder is to understand which bet their own wallet is making, because that bet is now their bet too.
Quantum computing is one of the few risks in cryptocurrency that is genuinely structural rather than operational, predictable rather than sudden, and addressable in advance rather than only in response. For a long-term holder, that combination makes it worth a few minutes of thought, well before it becomes the topic everyone is suddenly thinking about at once.
Disclaimer: This article contains sponsored marketing content. It is intended for promotional purposes and should not be considered as an endorsement or recommendation by our website. Readers are encouraged to conduct their own research and exercise their own judgment before making any decisions based on the information provided in this article.
Leave a comment