# Demystifying the Quantum Threat

**Published by:** [Danki](https://paragraph.com/@danki/)
**Published on:** 2023-08-03
**URL:** https://paragraph.com/@danki/demystifying-the-quantum-threat

## Content

In da past two weeks, I have encountered at least 3 people who talk about the quantum menace as if it will be the end of all existing blockchains today. So here are some facts:

- The majority of the hashing functions used to generate private keys for blockchain addresses use Elliptic Curve Cryptography, which is NOT quantum safe. It means digital signatures may be forged to make transactions on behalf of an account. This is probably where they're coming from.
- Hashing algorithms like Keccak256 are quantum-safe though... so while they can forge signatures, a quantum adversary may not be able to alter the consensus in most blockchains, at least in the EVM-compatible ones (which comprise most of the users and developers in the space).
- Most existing blockchains are upgradeable. It will not be the end of the world if it turns out that future quantum computers can break some parts of the current cryptographic schemes. Blockchain cryptography is also evolving, and my, at a dizzying pace. They can simply migrate before any quantum program becomes powerful enough to be a threat (and there are already quantum-resistant options available for use).
- How about ZK-SNARK-based applications and infrastructure? Most of today's widely used ZK systems opt for statistical zero-knowledge over statistical soundness... which means a quantum adversary may break soundness by deriving the toxic waste from a trusted setup ceremony and faking a ZK-SNARK. But that's the worst of the worst that could happen. It still can't crack any past secret data, and in some cases, a malicious actor will not even see what a transaction contains before they decide that they want to forge it.
- It will take anywhere between 2500-4000 qubits to break ECDSA. Right now, the most powerful quantum computer has 433, and if we believe IBM's timeline we'll get to that 2500-4000 mark by 2025. A trusted setup ceremony is already happening in Ethereum, and by the time a powerful enough quantum adversary arrives, the setup will have been finished. And even if that fails for some unlikely reason, we already have STARK-based and lattice-based signature schemes which are currently being optimized for efficiency and blockchain use.

Now there are a lot of ways quantum computing can potentially break the blockchain. But that's all it is right now: potential. All these scenarios have varying degrees of likelihood. There are still a lot of unknowns, but as for a mere donkey, I'll only start panicking if they find an algorithm that can undo hashes. I don't think it will happen though. But to each his own.

Ok now go, have better discussions about post-quantum cryptography in da blockchainz 🐴