More than $3 trillion in digital assets could become vulnerable to theft in the next four to seven years, according to a new report from Project Eleven..
Project Eleven focuses on post-quantum security and digital asset migration and recently announced a collaboration with the Solana Foundation to prepare its network against the threat of quantum computing.
“The digital asset industry has more than $3 trillion in added value, and virtually all of it is secured by the same class of cryptographic primitive: elliptic curve digital signatures,” which are vulnerable to quantum computing attacks, according to the report.
But not only cryptocurrencies are at stake here. The report states that the same public-key cryptographic security used by bitcoin, ether, and stablecoins also underpins banking systems, cloud infrastructure, authentication networks, and military communications.
The 110-page report from Project Eleven, whose CEO Alex Pruden was on stage at Consensus Miami 2026He also claims that sufficiently powerful quantum computers could use Shor’s algorithm to derive private keys from public keys, allowing attackers to forge signatures and take control of digital wallets and accounts protected by elliptic curve cryptography.
This means that blockchains, banking infrastructure, cloud systems, military communications and other digital identity systems are also vulnerable, not just bitcoin, ethereum, stablecoins and other blockchains, the report emphasizes.
Project Eleven says that a “Q-Day” scenario – the arrival of a cryptographically relevant quantum computer cable to break widely used public-key cryptography – could occur as early as 2030, at the latest 2033.
“Our analysis suggests that, based on current trends, Q-Day is most likely to occur in 2033, and potentially even in 2030,” the report reads. “The window for the world to migrate to post-quantum cryptography is narrowing.”
And here’s why it’s getting so complicated, the report explains: Large systems typically take five to more than 10 years to migrate, depending on how complex their networks are.
Another difficult challenge is how the transition is actually carried out, since the migration of all vulnerable quantum systems and blockchains to secure networks involves a process that requires a coordinated and simultaneous transition of all users, exchanges, custodians, wallet providers and miners.
Read more: To freeze or not to freeze: Satoshi and the $440 billion in bitcoins threatened by quantum computing
“The gap is not technical,” the report says. “The gap is entirely one of coordination, urgency and willingness to accept the costs of migration.”
When it comes to Bitcoin, things get even more complicated because upgrades historically move slowly and often become politically contentious.
“The Bitcoin SegWit upgrade, a relatively modest change compared to the PQC migration, took more than two years from proposal to activation (2015-2017) and triggered a controversial chain split,” the report recalls.
Read more: What the hell? Why Bitcoin’s technological changes affect the price
“The distributed nature of blockchain networks means that the migration to post-quantum cryptography can take almost a decade, longer than other centralized systems.”
Pruden, who authored the report along with CTO Conor Deegan, warned that Bitcoin’s migration to post-quantum crypto could prove even more difficult than Taproot because it would require coordinated action between users, exchanges, custodians and miners. He also said he was personally leaning toward “recycling” the 5.6 million to 6.9 million vulnerable BTC tokens, worth up to about $500 billion at current prices, back into bitcoin’s supply curve rather than allowing a quantum attacker to eventually sweep them up.
Pruden’s Project Eleven report ultimately acknowledges that the issue creates tension between bitcoin’s fixed-supply ethos and its commitment to property rights.
Read More: Bitcoin Quantum Debate Splits as Adam Back Pushes Optional Upgrades Instead of Forced Freeze
