
A
We should treat this as the urgent problem that it is. Every individual should advocate in whatever form or way that they think they can to address this for whatever network that they are a stakeholder in. The way this fails is in a world where there's this reverse bystander effect where Jen's looking at me, I'm looking at you, and we're all saying, I guess you're fixing it, right? And then no one does anything. And then at the end of the day, the systems that we've all worked so hard to build and, you know, and to proliferate into the world are effectively destroyed by this technology.
B
Markets move fast. Crypto moves faster. From the floor of the New York Stock Exchange, CoinDesk's Public Keys tracks the money markets and moves shaping digital assets. Are Satoshi's Bitcoin at risk? Well, quantum computing poses a threat not only to those Bitcoin, but other Bitcoin sitting in legacy addresses. Joining us now is Project 11 CEO Alex Pruden. He's a former Green Beret, he's a former partner at a16z, and he's been thinking long and hard about the risks that quantum computing poses to different crypto ecosystems. Alex, welcome to Markets Outlook.
A
Thanks. Great to be here, Jen.
B
Great to have you here. And great to be talking about this, a topic that's really taken over the headlines lately. We're talking about quantum computers and the risk that they may pose to the crypto ecosystem if we don't get our ducks in a row. So let's just lay a foundation here. What do we need to know about quantum computers as we get into this conversation?
A
Yeah, so first I would say it's a risk they certainly do pose. It's just a question of how long. Right. And so first off, quantum computers are potentially good for many things, but one thing that we know that they are very good for is breaking the underlying mathematical assumptions that underpin all of modern public key cryptography. And modern public key cryptography is used in blockchains. Bitcoin, Ethereum, virtually every deployed public blockchain relies on this cryptography. And so it's really not a question of whether or not a quantum computer can break these systems. It's just a question of when we will get to a quantum computer of sufficient scale to do so.
B
Well, let's talk about that when? Because for a long time it sounded like this was something to worry about in the distant future. And now we have some reports that have come out that said, you know what, this is actually a lot closer than a lot of us think. It could just be a few years before quantum computers are breaking encryption on various blockchains that so many people in this ecosystem use every day. So talk to me about what came out in that Google report that has kind of shortened the timeline to this quantum risk.
A
Yeah, so the Google report was actually one of two reports that came out last week. There was another one from a team out of Caltech that kind of had, you know, similar. It was a similar breakthrough and I think indicates similar progress on quantum computing generally. But yeah, effectively these two papers were what are called resource estimates for a quantum computer. It's effectively the bar that the quantum computer you'd have to build would need to reach in order to break something like Bitcoin. Okay. And so, you know, and these resource estimates reflect a lot of different things. It reflects progress in the hardware, it reflects progress in the error correction, it reflects clever optimizations to the algorithms, all of these things. And you know, effectively the upshot of these resource estimates was it slashed the requirements to do these attacks to, you know, to run a quantum attack against, you know, the cryptography underlying Bitcoin by orders of magnitude in some cases. So the Caltech paper in particular showed that you only needed 10,000 physical qubits to potentially run Shor's algorithm. And just, you know, even a few years ago, actually a year ago around this time, there was a paper published saying you needed a million. So it's two orders of magnitude reduction, which is why people are talking about it. This is driven actually both Google. And just a couple of days ago, Cloudflare also announced something similar. They're moving their own timelines to migrate to post-quantum cryptography. So cryptography that's secure against the quantum computer. They're moving their own timelines up to 2029.
B
I want to talk about this nine-minute timeline that was outlined in the Google paper. Nine minutes to break a private key, with the average block time being 10 minutes for Bitcoin. Talk to me about the significance there.
A
Yeah, the significance is quite large, I think. You know, for a long time, cryptographers and security researchers assumed that quantum computers wouldn't be able to run at the speeds that would be able to threaten transactions in the mempool. In other words, you wouldn't be able as a quantum adversary to front run, you know, people's transactions by basically harvesting their public key, cracking their private key and then signing a transaction on their behalf, all before a block confirmed. The Google paper actually showed that assumption was wrong based on the architecture that they have already built for their quantum computer, albeit at very small scale. And so they just extrapolate, basically, if they were able to scale their system, they show that you could actually run a quantum attack in around nine minutes. And they also talk about how that's potentially not even the lower bound. They say there could be further improvements in the future. Now the nine-minute timeline is important because Bitcoin, that's within the window of a Bitcoin block time. And furthermore, Bitcoin takes several blocks. Ultimately, I think the heuristic is people use several blocks before they count the block as confirmed. And so this is squarely in the realm of effectively threatening not just Satoshi's Bitcoin, but potentially everyone's Bitcoin should this quantum computer be realized. And it's important to emphasize at this point, again, that these papers do not describe a system that exists. They describe a system that could exist and they just basically lower the threshold for that system.
B
That's a good point you've made there. They're describing a system that could exist. What, what's the timeline? When could these systems exist? You and I have said it's much shorter than we previously thought. But what is it?
A
Yeah, look, I mean, it really comes down to how quickly we think these companies and these labs can close the gap. And so, you know, I think the timeline is inherent. There is inherent uncertainty and the uncertainty comes from two places. One, we're dealing with an area of frontier technology that very, very few people kind of understand. And furthermore, even the experts that are working on it, you know, I don't think could give you a hard estimate on exactly how many years it's going to take them to build these things. Right? And this is, this is just naturally how technology progresses, right? Sometimes things drag on for a while. Sometimes breakthroughs happen very quickly. We've seen the AI, like the growth of AI over the last few years, massively defy everyone's expectations. So I think that's, that's one major factor. And I think the, you know, ultimately, when it comes down to the timeline, I'll use a quote from the, from the author of the paper from Caltech. He believes it is plausible, although not guaranteed, that a quantum computer that could threaten Bitcoin might exist or could exist by 2030. Okay, so we have, you know, the people who, the smartest people who are building the systems believe that it is possible they can do it by 2030. Right. And so again, the, the question here for I think facing blockchains is not, are we certain there will be a quantum computer by 2030? I don't think that's the right question. I think "are we certain there won't be?" is the right question. Because ultimately, going back to the way you opened this conversation, the risk to these blockchain-based systems is potentially existential. And so arguably there's a need and an urgency to prepare, which is exactly actually what the Google paper says in the last line of its abstract. It says, we, we urge every blockchain and decentralized ecosystem to migrate to post-quantum cryptography without delay.
B
All right, so we have that 2030 timeline, potential timeline. Is it possible for these blockchain ecosystems to quantum proof before then? Can they catch up at the same speed that quantum is developing at, I mean, potentially?
A
So, okay, technically there's absolutely no reason why all these blockchain-based systems can't adopt post-quantum cryptography that has been standardized. Recently NIST, the National Institute of Standards and Technology, standardized two algorithms, replacements for the classical digital signature schemes that quantum computing breaks. There's no reason why blockchains can't adopt those. And in fact the Ethereum Foundation, people may have been following, has made this a priority for their roadmap. They really think post-quantum cryptography is a key part of kind of the next version of Ethereum that, that they're pushing. And so this is, this is something they're already working on. I think the challenge around blockchains particularly is, is, you know, first off, there's a, there's a consensus issue, right? So consensus is the first. You know, blockchains are decentralized systems. That's what makes them trustless, arguably. But that means to change anything, you need to get a lot of, you know, a lot of people around the room saying yes, and then you actually have to implement those changes. And you know, the stakes for this are very high. Right. This cryptography secures, you know, trillions of dollars of value in aggregate. And unlike, you know, in the traditional banking system, there's no takebacks, like there's no, no one can like rewrite the ledger. That's by design. Right. That's why we designed blockchains to be this way, because they were supposed to be a permissionless alternative to that system. But the implication is that you kind of only get one shot at it. And so the stakes are much higher. In addition, because unlike again in like a traditional banking context, you know, the bank kind of has my money and then they can transact on my behalf. In this context, in crypto context, you know, not your keys, not your crypto.
So even if all of this migration happens, you know, at the protocol level, individuals still have to move their funds and otherwise they will be quantum insecure. So for all those reasons, this timeline is going to potentially drag on a lot longer than I, than I think people often, you know, believe.
B
All right, talk to me a little bit about who's at risk here. Is it just legacy addresses? And I think there are people who are listening to this interview who are wondering what do I need to do to protect myself and protect my holdings.
A
Yeah, first, I mean, I'll take that one first. It's easy. I mean it depends on the network. You know, Bitcoin, if you are not reusing the same address for multiple transactions, then more or less you're safe from everything except for the short-range attacks described by the Google paper. And so there's a question of how quickly those will come. But you know, potentially you'd be safe from any quantum computer that wasn't running fast enough, you know, to attack the mempool. So good address hygiene on Bitcoin is important. You know, for Ethereum and other blockchains out there, it's much harder. You know, Ethereum for example uses the address, like, account-based system. And so you know, like if you have an ENS name that's your identity on chain, it's hard to not reuse that. I mean in fact it's, it's designed so you don't reuse it. Right. And so I think for Ethereum it's much, much harder. Fortunately, Ethereum has the opportunity to develop smart contract based wallets that use post-quantum cryptography. Those will be coming out very soon, I think, from a number of folks. We're launching our own, and so people will have options to be able to secure their, to secure their Ethereum on chain directly.
B
Now you mentioned the Satoshi era earlier on in this interview. I want to talk about Satoshi's Bitcoin. There are over a million Bitcoin in Satoshi's wallets. What happens there? I mean, the New York Times suggests that Adam Back is Satoshi, but if it's not Adam Back and Satoshi is no longer with us, is it just a matter of time until a quantum computer is able to access those Bitcoin sitting in those wallets?
A
Great. And you actually reminded me the first part of your other question, which is what is vulnerable? So Satoshi's coins is the classic thing that people point at. Right. And why is that the case? Well, because Satoshi, by the way, it's not all in one wallet. Satoshi, you know, the pseudonymous inventor of Bitcoin. Perhaps it's Adam Back, perhaps it's not. You know, they were early. They were early. The, the early miner in the network. Like for a long time, Bitcoin was just one person, Satoshi, mining. Right. And so a lot of the block rewards at that time are spread across many wallets and they're secured in what's called a pay-to-public-key UTXO type. The public key is exposed there, which means that a quantum computer could theoretically attack any of those addresses. So in aggregate, you know, it's quite, it's quite a large amount, but it's spread across many different wallets. So I will talk about the significance of that because it is very significant kind of culturally in Bitcoin. But I just want to take the moment to make the point that that is not all that is vulnerable in Bitcoin and in particular we actually maintain something called the Bitcoin risk list that tracks all addresses with exposed public keys and in there includes major exchange wallets, major bridge contracts, a whole bunch of on chain infrastructure. Just the reason being, you know, even though the recommendation is not to reuse your same public key, think about an exchange. Like it's kind of impossible not to, you know, have people prevent people from sending to old addresses that you've given them to deposit to. You know, so practically you actually, you know, tangibly, 35% of all Bitcoin is exposed to quantum attack. And this is based on data that we've collected that was cited in the Google paper. That's, you know, and for Ethereum it's even worse. It's closer to 70%.
And then some blockchains like Solana just use naked public keys without any, any hashing to hide the, to hide the, you know, the information that a quantum computer would need. All those assets are insecure. So, you know, everyone's got their own problem. And I don't, I, I think the takeaway for anyone here should be not that one chain is doing better than any other. I think they all have their own unique set of challenges. Let me return to Bitcoin and Satoshi, the challenge. Okay, so the question is what will happen? I mean, ultimately if we see a quantum computer, I would expect a quantum adversary or someone with a quantum computer to attempt to recover Satoshi's Bitcoin either, you know, over time. I think that because the economic value of those coins, $150 billion or so, is very significant. Now the question is what does the community do about it? And you can, it doesn't take a very long exploration to discover that the community is very divided on this point. I think it puts two aspects of Bitcoin's philosophy in tension. One is this idea of property rights and the fact that, you know, no, no, you know, the, the, the greater whole cannot take from any individual, right? Not your keys, not your crypto. But the other is this kind of idea that Bitcoin is digital gold, right? And digital gold should be stable. And you know, if we have some effectively back door that you can just steal Bitcoin via, then it doesn't really sound like digital gold. Right? So these things are kind of in tension. So there's this, and really this plays out in, in terms of how people think you should treat Satoshi's Bitcoin. Do you think that we should burn them, prevent the quantum adversary from getting them, or do you think that they should just be left? And this was maybe what Satoshi, potentially Adam Back, intended. That would be ironic, I think, given Adam's comments. But yeah, it's a very deep philosophical issue.
And, and this is again one of the other reasons why I think delaying talking about this is ultimately a worst case scenario because it's not going to get less contentious, it's only going to get more contentious as the technology progresses.
B
Now you're a former Green Beret, so I want to talk about this from a national security point of view. I mean, are adversaries already collecting encrypted data, sitting on it and waiting until we have quantum computers to unlock it?
A
Yeah, I mean, absolutely. So in the kind of traditional security realm, you know, this is an attack. It's called harvest now, decrypt later. So blockchains typically don't use encryption. It's more the signatures that break. But it's the same effectively thing, right, where they can, you know, I can just collect an exposed public key now and then I can attack that key at any time in the same way that I can collect some encrypted data now that was, you know, secured by this asymmetric cryptography that's now vulnerable. And I can decrypt that later with my quantum computer. So two, two comments on that. One is, I think the, the blockchains are just more vulnerable because if you think about decrypting messages, like I don't, you know, you give me a sealed envelope and you don't tell me what's in it, or you give me a thousand sealed envelopes, you don't tell what's in it. You know, I just got to go one by one and open them. Who knows if there's anything valuable in there. Whereas I can go on chain right now and look at Binance's cold wallet and tell you exactly what that is worth if I am able to execute this attack. Right. So I think, I think that is one reason why I think the breaking encrypted data, other than for espionage, if a government is paying these agencies or these entities to do it, sure. But I think if you leave that aside, I think the economic incentives overwhelmingly favor blockchains. However, I do think from a national security perspective, I mean, look, breaking into or destroying the integrity of these decentralized systems I think might very well become nation state objectives. Right? Look at China. So China obviously has a very different economic system than we do, potentially has a large incentive to destabilize alternatives to that economic system like Bitcoin. In addition, look at the stablecoin ecosystem that's evolving around the US dollar. 
Obviously the current administration is pushing that because they see it as a way to continue to proliferate dollar dominance. These stablecoins are just, it's smart contracts issued on blockchains that by the way are governed by keys that would be vulnerable to a quantum computer. I think quite frankly there's a very large national security risk that a nation state level adversary with a quantum capability might end up attacking those. Because the last thing to note about this attack, I think, and this is often a misconception that people have, there's not, when a quantum computer comes online and runs this attack, there's not going to be a flashing neon sign in the sky that says this is a quantum computer. It's going to look like effectively someone lost control of their private key, which happens, as we know, in crypto all the time. And it may only be six to 12 months after the fact that people even realize this capability exists. So I think the, this is just another dimension to the uncertainty, you know, around this question.
B
What do you think is going to happen? Do you think that people are taking this as serious as they should?
A
What do I think is going to happen? Look, I think I'm, I'm very heartened over the last few weeks in light of these papers. I mean first off, some of the authors, I mean, Justin Drake, you know, runs the Ethereum Foundation, Dan Boneh is a Stanford cryptographer. I know both of them personally and I think both of them have previously to me expressed skepticism about whether or not this was going to be a real problem. And in the last year they've clearly updated their mental models and priors and, you know, signed on to being co-authors of this paper, which expresses urgency around solving it. Right. And increasingly I think there's awareness around this. Increasingly people are talking about it. And in the case of like the Ethereum Foundation and other networks, like we work with Solana Foundation, we've, you know, we've got some other partnerships that we're going to announce soon at Project 11, you know, people are interested in starting to solve this problem. And so I'm encouraged by that. Look, that said, I don't think it's likely that 100% of all digital assets will migrate to post-quantum cryptography. I mean, I think even if the major networks do, you can kind of look around the ecosystem. There's a lot of networks that kind of, for better or worse, are abandoned or just legacy. And there's not an active community around them and developing them. And this is going to take a significant effort, both in terms of time and in terms of money, to develop these new algorithms, test them rigorously, and deploy them across not just, you know, the nodes, but all of the infrastructure that's relying on it. And so look, I think it's very likely that a quantum computer will come online before all digital assets are secured. And, you know, and I think the question is, how do people protect themselves?
That's why these, you know, solutions that we're developing, for example, which enable people to secure their value without necessarily having to worry about or rely upon the protocol teams, I think, to me is going to be a critical part of the answer.
B
If you had to estimate how much it costs monetarily to develop post quantum cryptography, what number would you put to that?
A
I think I put it on the order of tens of millions of dollars, probably 50 to $100 million is what I would say. And I use that based on developing, you look at major layer one protocols that do develop and deploy novel cryptography. You know, these, these protocols often raise in excess of, you know, $100 million. And so I, I kind of think of that as the price tag of deploying some new L1 with new cryptography. And I think that's the lower bound here because effectively all of this cryptography is new cryptography. And it's even complicated a bit by the fact that unlike a new layer one, which kind of, you know, you're building from the ground up, here you've already got a house with people living in it, and you're basically replacing the foundation while, while people are continually living in this house. Right. So technically, what does that mean? You know, it means that a lot more has to be accounted for in the design of this cryptography. There are a lot more hard trade-offs. Right. For example, Bitcoin, you know, signatures today are quite small, right? There's, you know, a couple hundred bytes for basically total for a transaction. The smallest post-quantum signature is 10 times that. And some of the ones that are being, you know, the, the constructs that are being favored currently in discussions are 15 to 20 times that size. So look, I mean, what does that mean? It means Bitcoin blocks potentially are either going to have to get 15 to 20 times bigger or throughput's going to have to decrease by 15 or 20 times or you're going to have to bolt on some extra thing like maybe a zero knowledge proof to compress these signatures. But now we're adding stuff, right? So now this is more cryptography. So, you know, added complexity means added time for testing, added time for development, added cost.
So, yeah, I mean, in all honesty, my view is I think this is a tens to potentially $100 million migration for depending on how widely used the ecosystem is. Right. And I think that probably even doesn't count the work that infrastructure providers all have to do. Right? Because like Coinbase or Anchorage or anyone, any infrastructure provider that's currently integrating with these systems has to integrate this cryptography, but they also have to audit it all themselves and make sure that their implementations are secure. Again, this is like, I'm glad you're bringing this up because this is, this is really what, what drove me to found Project 11 and got me into this problem is because I think the question of when will quantum happen is, you know, look, it's a hard question, maybe soon, maybe late. But I think if you sit down and think about how much blockchain adoption has proliferated over the last 10 years and as a result, how hard it will be to kind of in flight replace the engines of this thing, I think your timelines for that start extending out and then you have to wonder, okay, how much am I willing to roll the dice that a quantum computer won't exist?
B
Yeah, I mean, as you're talking, I have so many more questions popping up into my head, and one of them is this big narrative over the past year has been institutional adoption institutions coming on chain. They are choosing a variety of different permissioned and permissionless environments. Are institutions at risk here, given how they're interacting with blockchains and, and how should they be thinking about this? Because I know that institutions had so many concerns that have been alleviated along the way, and this sounds like maybe what should be the biggest concern. But I don't hear institutions talking about it a lot.
A
Yeah, I think there's a couple reasons for that. I mean, institutions have finally come around to deciding that this is an asset class they want to play in. Then that took, you know, as you know, Jen, took a long time for people to buy off on that. And I don't think the potential threat of a quantum computer destroying the viability of these networks is anything they want to hear or talk about. I think there's been a lot of rationalization from kind of the official channels from many institutions around whether or not this is a real problem. But privately, in our discussions with many of these very large institutions that are stakeholders in these networks, there is significant concern and interest in solving the problem. So I guess maybe that's the good thing is I think institutions do care about this. They do see this as an issue. And by the way, I think to the extent there are institutions that have not adopted blockchain or blockchain-based rails, I mean, this might be, I mean, this is a reason that gets cited. I mean, Ray Dalio is kind of going all over the place being like, oh, Bitcoin can't be digital gold until they figure out this quantum thing. And I think that does, that does sway people. Ultimately, what these institutions need to do and really what everyone needs to do is I think this is a moment where people have to grapple with the reality of a decentralized system in which there is no single owner that can fix everyone's problem. People have to band together and work together and find mechanisms to collaborate to solve the problems together. I'm confident that we can. I mean, if you look at Ethereum and the history of Ethereum, like Ethereum switched consensus protocols midstream after they had a lot of adoption, and I think that was a triumph for decentralized governance and coordination across many, many disparate entities, there's no reason you couldn't do that again. I think the willingness has to exist.
And I think unlike that other time, I think the danger here is that everyone's impulse is to just ignore the problem and keep ignoring the problem until the evidence becomes too obvious to ignore. But at that point, just in light of how powerful the capability it is, at that point there just may not be enough time to realistically do anything.
B
There was this theory that whales were selling their Bitcoin because of the risk that quantum poses to the bitcoin ecosystem. Do you think that's true?
A
I don't put as much stock in that theory. Look, I think people who are whales or longtime Bitcoin holders, I think are confident enough in the system that they think it can weather many threats, including this one. This is not the first threat that Bitcoin has faced, as you know. I do believe though, that if this cloud that is hanging over the Bitcoin and other digital assets was removed, I think further adoption and proliferation and therefore price appreciation would happen. So I think, I don't necessarily know if I put like I would attribute the selling that's happened in Bitcoin to this problem, but I think it may be holding buyers off on the sidelines where they would otherwise be jumping at the opportunity to buy the dip.
B
All right, Alex, before I let you go, I know you're going to be with us at Consensus in just over a month. There's going to be about 20,000 people joining us in Miami. For those people who may not understand the impact of quantum on this industry, what should they know?
A
Yeah, what's to know is that I think the last week was a real paradigm shift in the quantum, you know, quantum computing, and this is widely acknowledged by the quantum physics community. They should. We should not ignore that. We should treat this as the urgent problem that it is. Every individual should advocate, in whatever form or way that they think they can, to address this for whatever network that they are a stakeholder in. The way this fails is in this, you know, in a world where there's this reverse bystander effect where Jen's looking at me, I'm looking at you, and we're all saying, I guess you're fixing it, right? And then no one does anything. And then at the end of the day, the systems that we've all worked so hard to build and, you know, and to proliferate into the world are, you know, effectively destroyed by this technology. That, by the way, is not all bad. We should welcome Quantum. There's a lot of amazing things it can do, but I think we just have to prepare. And being prepared means we need to start taking action now.
B
Alex, thanks so much for joining me and we'll see you in Miami.
A
Yeah, looking forward to that. Thank you very much.
This episode dives deep into the rising threat that quantum computing poses to Bitcoin, Ethereum, and the broader crypto ecosystem, specifically highlighting how recent research has accelerated the perceived timeline for quantum attacks. Host Jen (CoinDesk) engages with Alex Pruden (Project 11 CEO, former Green Beret, and crypto security expert) to break down the latest developments, industry responses, and practical implications for crypto holders, institutions, and network developers.
For more, CoinDesk will continue this conversation live at the upcoming 'Consensus Miami' event with Alex Pruden and industry leaders.