This week, the U.S. Securities and Exchange Commission (SEC) received a formal report warning of an urgent national security threat: quantum computing may soon break the encryption protecting Bitcoin, Ethereum, and trillions of dollars in digital assets. Experts predict that “Q-Day”— the moment quantum computers can crack current cryptography — could arrive as early as 2028, prompting regulators to take action.
Submitted by Daniel Bruno Corvelo Costa, the Post-Quantum Financial Infrastructure Framework (PQFIF) outlines immediate steps the SEC and industry leaders must take to prevent a collapse of trust in digital markets. Costa warns that without preparation, a quantum breakthrough could compromise the security underpinning crypto wallets, exchanges, and smart contracts, triggering catastrophic investor losses and widespread market chaos.
Cybersecurity experts also warn of “Harvest Now, Decrypt Later” tactics, where attackers collect encrypted data now and plan to decrypt it once quantum capabilities mature. A Capgemini report estimates that up to 25% of Bitcoin could become vulnerable if quantum computing continues to advance rapidly.
Proposed Solutions: Standards, and Migration Plans
Costa’s plan urges regulators to immediately implement quantum-resistant standards finalized by the U.S.-based National Institute of Standards and Technology (NIST) in 2024. These standards introduce new cryptographic algorithms specifically designed to resist attacks from quantum computers, replacing vulnerable encryption methods like RSA and elliptic curve cryptography. NIST’s initiative aims to ensure that digital systems worldwide can transition to post-quantum security well before the arrival of Q-Day.
Costa’s framework also recommends automated vulnerability testing, prioritization of high-risk infrastructure, and a phased migration strategy combining classical and post-quantum cryptography.
In July 2025, Bitcoin developers also proposed the “Post-Quantum Migration and Legacy Signature Sunset” BIP to strengthen the network. The plan would first block new transactions to outdated addresses using ECDSA or Schnorr signatures. Five years later, it would render those addresses unusable altogether, with some recovery options under consideration.
Urgency and Global Collaboration Grow
Costa’s report frames quantum risk as more than a technical issue. The report states that it is a global economic threat. Without international coordination, fragmented responses may create dangerous vulnerabilities. The framework calls for immediate collaboration between regulators, technologists, and academia to set unified post-quantum standards.
David Carvalho, CEO of Naoris Protocol, warns that quantum computing could compromise Bitcoin’s encryption within five years. Meanwhile, the SEC faces increasing pressure to issue formal quantum-security guidelines for digital assets.
In the wake of such findings, El Salvador has taken early steps to reduce risk by splitting its $678 million Bitcoin reserves into 14 wallets, limiting the impact of any single quantum attack.
For individual investors, experts advise avoiding address reuse, tracking post-quantum innovations, and using hardware wallets with upgradeable firmware. As quantum advances accelerate, proactive defence becomes essential for protecting digital wealth.
