A future where quantum computers are capable of cracking cryptocurrency addresses is shifting from science fiction to a harsh reality. However, the Ethereum Foundation has already found an elegant, budget-friendly solution that doesn’t require a global blockchain overhaul or multi-million dollar expenses.
Nicolas Consigny, head of the Kohaku project at the Ethereum Foundation, introduced SPHINCS-—an interim technological solution capable of safeguarding user accounts against quantum threats today.
SPHINCS-: Hard-Fork-Free Protection via Account Abstraction
The main value of this new method lies in its affordability and ease of integration. SPHINCS- allows securing wallets without a hard fork (a forced, complex, and potentially risky network-wide upgrade).
This implementation is made possible by Account Abstraction (ERC-4337) technology. It turns standard wallets into smart contracts, allowing developers to upgrade the signature verification logic on the fly.
Key features of the solution:
- Ultra-low cost: Transitioning to the new security layer will cost users roughly $0.07 (paid in gas equivalents).
- Robust foundation: The method is based on the SPHINCS+ post-quantum digital signature standard, approved by the US National Institute of Standards and Technology (NIST). Consigny successfully adapted this algorithm, “compressing” it to run efficiently within the Ethereum ecosystem.
Future plans: SPHINCS- is viewed as a temporary but fast deployment phase. Down the road, developers plan to launch leanSPHINCS. It will further slash transaction costs through data aggregation, combining signatures from multiple users into a single proof to reduce network load.
Why It’s Needed: The Vulnerability of Elliptic Curves
Today, the Ethereum network (much like Bitcoin) relies on the Elliptic Curve Digital Signature Algorithm (ECDSA). This is exactly what quantum machines are targeting.
Discussions surrounding the reality of this threat intensified following an experiment by researcher Giancarlo Lelli. He successfully utilized an existing quantum computer to crack a 15-bit key. This precedent proved that technologies are advancing faster than anticipated, and the theoretical danger of next-generation cryptanalysis is rapidly materializing.
Why Bitcoin Will Suffer More: Anatomy of the Threat
Post-quantum security is a pressing issue across the entire crypto industry, but it is particularly acute for Bitcoin due to its lack of built-in smart contract flexibility.
Bitcoin keys are 256 bits long. Cracking them via brute force on classical computers is impossible. However, Shor’s algorithm running on a powerful quantum computer could theoretically derive a private key from a known public key.
According to the analytics platform Glassnode, billions of dollars in BTC are at risk due to architectural specifics:
| Risk Category | BTC Volume | % of Total Supply | Nature of Vulnerability |
| High Risk | ~1.92M BTC | Nearly 10% | Public key is exposed to the network. These include old addresses (such as Satoshi Nakamoto’s coins) and wallets that have already made outgoing transactions. |
| Medium Risk | ~4.12M BTC | Around 21% | Address Reuse. Due to wallet management specifics, the public keys of these addresses become visible on the blockchain. |
Important clarification: Addresses that have only received bitcoins and never sent them out are better protected. Only the hash of the public key is visible on-chain, and hash functions (like SHA-256) are resistant to quantum attacks thanks to Grover’s algorithm. However, the moment a user makes a transaction, their public key is revealed, leaving the address vulnerable.
Vitalik Buterin’s “Plan B”: An Emergency Backup Fork
The SPHINCS- development is not Ethereum’s only line of defense. Previously, Ethereum co-founder Vitalik Buterin proposed an alternative scenario in the event of a “sudden quantum apocalypse” (e.g., if a powerful quantum computer emerges tomorrow).
Buterin outlined a concept for an emergency hard fork. If a mass wallet-hacking event begins, the Ethereum network will be temporarily paused. Developers will roll back the blockchain to the point before the attack began and implement a new transaction type based on STARK-constants (another form of post-quantum protection). Users will simply need to update their wallet software by providing a specific proof of ownership to claim their funds.
Conclusion
The crypto industry is gradually awakening to the scale of the quantum threat. But while Bitcoin will require a complex and politically challenging hard fork to defend against Shor’s algorithm, Ethereum is poised to proactively deploy SPHINCS- post-quantum signatures using Account Abstraction. The fact that an entire capital fortune can be secured for just $0.07 makes this solution a prime candidate for the next industry standard.
