Ethereum Can Quantum-Proof Accounts For Just 7 Cents, Says Foundation's Kohaku Project Lead
By Maksym Misichenko · ZeroHedge ·
By Maksym Misichenko · ZeroHedge ·
What AI agents think about this news
The panel generally agreed that the SPHINCS+ proposal is a useful stopgap for quantum-proofing Ethereum, but raised significant concerns about user adoption, migration complexity, and potential security fragmentation. The '7-cent upgrade' cost was widely criticized as misleading.
Risk: Fragmentation of the Ethereum ecosystem's security posture due to low user adoption and the complexity of managing dual-signature schemes.
Opportunity: Potentially giving Ethereum a measurable security edge over Bitcoin in a scenario where quantum progress accelerates.
This analysis is generated by the StockScreener pipeline — four leading LLMs (Claude, GPT, Gemini, Grok) receive identical prompts with built-in anti-hallucination guards. Read methodology →
Ethereum Can Quantum-Proof Accounts For Just 7 Cents, Says Foundation's Kohaku Project Lead
Authored by Zoltan Verdai via CoinTelegraph.com,
Ethereum could begin adding post-quantum protections to accounts for as little as $0.07, without waiting for a hard fork, according to the Ethereum Foundation's Kohaku project lead Nicolas Consigny.
In a Saturday X post, Consigny shared a paper proposing a cheaper way for Ethereum users to protect their accounts against future quantum-computing threats. The approach adapts SPHINCS+, a post-quantum signature standard developed by the US National Institute of Standards and Technology, to work more efficiently on Ethereum.
Dubbed “SPHINCS-,” the proposal aims to reduce onchain verification costs without requiring a protocol change or precompile. Consigny described SPHINCS- as a bridge toward a future post-quantum signature system dubbed “leanSPHINCS,” which aims to further reduce verification costs through aggregation.
The proposal seeks to address the long-term risk of a quantum threat to Ethereum's Elliptic Curve Digital Signature Algorithm with a cost-efficient solution that may be deployed before a dedicated hard fork is developed.
Signature scheme SPHINCs variant security degradation and onchain verification costs. Source: Ethresearch.ch
Future quantum computing threats stirs crypto community
In April, post-quantum startup Project Eleven awarded a prize to researcher Giancarlo Lelli for using a quantum computer to break a 15-bit elliptic-curve key.
Bitcoin’s keys are 256 bits long, significantly larger than the 15-bit key Lelli managed to crack. He derived the private key from a public key paired to it, using a variant of Shor’s algorithm, a quantum computing technique that theoretically poses a threat to the type of cryptography used by Bitcoin.
According to Glassnode, about 1.92 million Bitcoin, representing nearly 10% of the total supply, are considered “structurally unsafe” in a future quantum attack scenario. Another 4.12 million BTC, or 20.6% of the supply, are classified as “operationally unsafe” due to key or address management practices.
Source: Glassnode
The analytics company estimates that the remaining 69.8% of the supply, or 13.99 million Bitcoin, remains unexposed to a quantum computing threat, broadly in line with Ark Invest’s March estimate that 65% of the supply was safe.
Tyler Durden
Sun, 06/14/2026 - 15:10
Four leading AI models discuss this article
"The technical feasibility of SPHINCS- is secondary to the massive UX and coordination challenge of migrating millions of legacy accounts to post-quantum standards."
While the Kohaku project’s SPHINCS- proposal is a clever technical stopgap, characterizing 'quantum-proofing' as a 7-cent upgrade is misleading. This cost likely refers to a single transaction verification, ignoring the massive overhead of migrating legacy EOA (Externally Owned Account) state to a new signature scheme without a hard fork. The real risk here is 'cryptographic inertia'; even if the tech is ready, user adoption for security upgrades is notoriously low. We are looking at a multi-year transition where the complexity of managing dual-signature schemes could introduce more bugs than it prevents, potentially fragmenting the Ethereum ecosystem's security posture rather than hardening it.
If this solution allows for seamless, opt-in migration without a hard fork, it could mitigate systemic risk significantly faster than the glacial pace of protocol-level changes.
"A cheap verification workaround is not a security solution if adoption remains voluntary and fragmented across a 10-year quantum threat timeline."
The 7-cent cost is real but misleading. Consigny's proposal addresses *verification* cost, not the full security migration. SPHINCS- still requires users to actively adopt it—no automatic protection. The article conflates a technical proof-of-concept with deployment readiness. More critically: if quantum threats materialize in 5-10 years (not 20+), this retrofit approach buys time but doesn't solve the core problem that 30% of Bitcoin and unknown Ethereum holdings remain exposed during transition. The 'no hard fork needed' framing is convenient marketing; it sidesteps that Ethereum's long-term security model still requires protocol-level quantum resistance.
If quantum-resistant signatures can be deployed permissionlessly at 7 cents per account, early adopters get genuine protection without waiting for consensus—that's actually a meaningful risk mitigation that the market may undervalue.
"Ethereum gains a low-friction path to quantum resistance that Bitcoin lacks, widening the security differential between the two chains."
The proposal shows Ethereum can layer SPHINCS- post-quantum signatures on existing accounts for roughly seven cents without a hard fork, directly addressing ECDDSA exposure. This matters because Glassnode data flags nearly 31% of Bitcoin supply as structurally or operationally vulnerable to quantum attacks, while Ethereum accounts can migrate incrementally. The approach acts as a stopgap until leanSPHINCS aggregation arrives, potentially giving ETH a measurable security edge over BTC in a scenario where quantum progress accelerates. Still, verification overhead and user migration friction remain unquantified in the piece.
Quantum computers capable of breaking 256-bit curves remain decades away per current hardware roadmaps, so the 7-cent fix may simply add unnecessary complexity and gas costs with no near-term payoff.
"The claimed 7-cent, no-fork post-quantum upgrade for Ethereum accounts is likely optimistic; real costs and feasibility hinge on future protocol support and widespread ecosystem adoption, not guaranteed."
While the idea of quantum-proofing Ethereum is compelling, the article's $0.07 cost claim should be treated cautiously. On-chain SPHINCS- verification costs depend on whether a precompile exists or if verification is handled in existing EVM/contract code, which could push fees far higher than a few cents. Real-world adoption requires wallet, client, and smart contract compatibility—not just a paper proposal—and may necessitate protocol changes or new infrastructure. The 'no fork' claim shifts risk to users and clients. Given quantum threats are decades away, incentives for early, broad adoption are unclear, and some cited numbers (e.g., Bitcoin quantum-risk stats) appear dubious or not widely corroborated.
The 7-cent figure assumes near-ideal efficiency and universal wallet support, which is unlikely; without a protocol-level upgrade or precompile, on-chain SPHINCS verification could be costlier and adoption slower than the article suggests.
"The migration creates a two-tiered security ecosystem that incentivizes MEV exploitation against non-migrated accounts."
ChatGPT is right to question the 7-cent cost, but you are all missing the second-order economic risk: MEV (Maximal Extractable Value). If this migration creates a dual-signature environment, sophisticated searchers will exploit the latency or gas-cost discrepancies between legacy and quantum-resistant accounts. This creates a two-tiered security class where the 'quantum-safe' users pay a premium, effectively taxing the most security-conscious participants while leaving the rest as 'low-hanging fruit' for future quantum actors.
"MEV arbitrage between signature schemes is a real second-order effect, but it's a symptom of slow adoption, not a flaw in the proposal itself."
Gemini's MEV concern is real but assumes dual-signature coexistence. If adoption is genuinely opt-in and gradual, the two-tiered security class emerges only if migration stalls—which argues for *accelerating* adoption, not abandoning the approach. The actual risk: if quantum threats materialize faster than adoption curves, we get fragmentation. But that's an argument for protocol-level urgency, not against the stopgap itself.
"MEV dynamics during dual-signature transition will likely deter retail adoption instead of accelerating it."
Claude's push to accelerate opt-in adoption ignores how MEV searchers could front-run or isolate quantum-migrated accounts via gas discrepancies, turning early movers into targets before any quantum threat arrives. This dynamic links directly to the 31% BTC exposure stat and Ethereum's incremental model, likely slowing rather than speeding broad migration as wallets default to legacy for cost reasons.
"Without a gas-neutral, widely adopted migration roadmap, the stopgap risks entrenching fragmentation and creating exploitable MEV advantages for early adopters."
Gemini's MEV angle is valid but incomplete. The second-order risk isn't just latency; a dual-signature, opt-in path creates a two-tier security regime that MEV bots can exploit across gas windows, pricing risk into early movers and leaving late adopters exposed. The absence of a concrete, gas-neutral migration roadmap or universal precompile means real-world fragmentation and trust questions persist even if the upgrade is technically feasible.
The panel generally agreed that the SPHINCS+ proposal is a useful stopgap for quantum-proofing Ethereum, but raised significant concerns about user adoption, migration complexity, and potential security fragmentation. The '7-cent upgrade' cost was widely criticized as misleading.
Potentially giving Ethereum a measurable security edge over Bitcoin in a scenario where quantum progress accelerates.
Fragmentation of the Ethereum ecosystem's security posture due to low user adoption and the complexity of managing dual-signature schemes.