As conversations around the long-term security of blockchains intensify, Cardano founder Charles Hoskinson has cautioned that preparing for a post-quantum future will involve significant compromises, particularly in performance and efficiency. While quantum-resistant cryptography already exists, Hoskinson argues that adopting it too early could do more harm than good for live blockchain networks.
Hoskinson explained that the tools needed to protect blockchains against potential quantum attacks are no longer theoretical. Post-quantum cryptographic standards were formally published by the US National Institute of Standards and Technology in 2024, offering clear technical pathways for future-proofing digital systems. The real challenge, he said, lies in implementation. Without specialised hardware support, these algorithms are far heavier than the cryptography currently used across most blockchains.
According to Hoskinson, post-quantum systems typically require much larger proof sizes and significantly more computation. In practical terms, this could slash a blockchain’s throughput by an order of magnitude, undermining scalability and increasing costs for users and validators alike. In his view, making such a trade-off prematurely would amount to sacrificing efficiency today to guard against a threat that may still be years away.
Uncertainty around timelines remains a central issue. While many researchers agree that sufficiently advanced quantum computers could eventually break the elliptic-curve cryptography underpinning networks like Bitcoin, Ethereum, and Cardano, estimates for when this becomes feasible vary widely. Hoskinson suggested that instead of relying on corporate roadmaps or media hype, the industry should monitor the US Defence Advanced Research Projects Agency’s Quantum Benchmarking Initiative. That programme aims to objectively assess whether quantum systems can deliver real-world utility, with 2033 set as a decisive milestone.
Within that broader context, Hoskinson said the crypto industry already understands the available defensive options. The debate, he noted, is increasingly about which cryptographic path to prioritise. Hash-based approaches, which Ethereum is exploring, are widely regarded as conservative and quantum-resistant but are largely limited to digital signatures. Lattice-based cryptography, which Cardano is favouring, supports both signatures and encryption and could enable more advanced functionality in a post-quantum environment.
One advantage of lattice-based systems, Hoskinson added, is their compatibility with existing graphics processing units, allowing networks to leverage the massive investments already made in AI hardware rather than building new, specialised chips. Even so, he stopped short of advocating an immediate, network-wide transition.
Instead, Hoskinson outlined a gradual mitigation strategy. This includes measures such as post-quantum-signed checkpoints of Cardano’s ledger, potentially implemented through tools like Mithril or the Midnight sidechain. Such steps could add layers of protection without forcing disruptive protocol changes.
Ultimately, Hoskinson emphasised that every cryptographic choice carries consequences. Decisions around finality, security, and performance are difficult to reverse, making caution essential. For now, he believes the industry’s task is to balance preparedness with practicality, ensuring blockchains remain usable today while keeping an eye firmly on the quantum horizon.
