Alex Pruden 5.0 6 ideas

The speaker states that 35% of all Bitcoin is vulnerable to quantum attack because the public keys are exposed on-chain (e.g., Satoshi-era coins, exchange cold wallets). A quantum computer of sufficient scale could use Shor's algorithm to derive the private key from an exposed public key and steal the funds. Recent papers show this scale requirement has fallen dramatically. Any Bitcoin held in a vulnerable address (legacy/P2PK) should be considered at direct, existential risk if quantum computing progresses. Good "address hygiene" (not reusing addresses) protects only from mempool attacks, not from exposed keys. A global, coordinated migration of the Bitcoin network to post-quantum cryptography occurs before a capable quantum computer is built.

The speaker states approximately 70% of Ethereum is vulnerable to quantum attack because its account-based model inherently encourages address reuse (e.g., for ENS identities). Reused addresses expose the public key, enabling a quantum computer to derive the private key. The design makes it "much, much harder" for users to protect themselves via key hygiene compared to Bitcoin. The structural vulnerability of Ethereum's design makes a large majority of its assets a high-risk holding in a future with scalable quantum computers. Widespread adoption of new smart contract-based wallets using post-quantum cryptography occurs before a quantum threat materializes.

The speaker explicitly says blockchains like Solana "use naked public keys without any hashing," meaning "all of those assets are insecure." Without a hash function to obscure the public key, every transaction fully exposes the key a quantum computer needs to break the signature immediately. The protocol's design presents a fundamental and comprehensive vulnerability, leaving no quantum-safe holdings without a full protocol migration. The Solana ecosystem successfully migrates to a post-quantum secure signature scheme before a capable quantum computer exists.

Alex Pruden explicitly discusses quantum attacks on Bitcoin, citing Google research that a "fast clock" quantum computer could execute an "on spent attack" to steal Bitcoin within 9 minutes by intercepting transactions in the mempool. Bitcoin's slow block times (~10 minutes) create a window vulnerable to real-time quantum attacks, and once such attacks are possible, migration to post-quantum secure addresses becomes permissionless impossible, risking fund loss. WATCH because this represents a developing, high-stakes security thesis that could materially impact Bitcoin's long-term viability and value, warranting close monitoring by investors. Quantum computing progress may be slower than anticipated, or Bitcoin developers might implement successful mitigations (e.g., protocol upgrades) before attacks become feasible.

The speaker states that ~6.7M BTC ($450B) held in addresses with exposed public keys are vulnerable to a slow-clock quantum computer, and the protocol faces a massive coordination challenge to migrate these funds. Bitcoin's security relies entirely on elliptic curve cryptography, which a cryptographically relevant quantum computer (CRQC) can break. Migrating requires protocol-level consensus, wallet upgrades, and user action—a complex, slow process. The high value at risk, combined with Bitcoin's decentralized governance and technical conservatism, makes timely, coordinated migration before a potential "Q-day" (estimated ~2029) a significant risk. The Bitcoin community rapidly coordinates on and executes a post-quantum upgrade well ahead of any CRQC being built.

The speaker states Ethereum has a "much bigger" attack surface than Bitcoin because its proof-of-stake consensus signatures and vast ecosystem of smart contracts and L2s all depend on elliptic curve cryptography vulnerable to quantum attack. While Ethereum's 12-second block time mitigates real-time "on-spend" attacks, securing its consensus mechanism and the entire smart contract stack for a post-quantum world is a "massive, massive challenge" requiring coordination across countless independent developers and projects. The complexity and scale of the required migration across all layers of Ethereum's ecosystem create substantial execution risk, threatening the network's security and value if not completed before a CRQC emerges. The Ethereum Foundation and core developers successfully prioritize and execute a comprehensive post-quantum transition with broad ecosystem adoption ahead of the threat timeline.