a16z Crypto: Public Chains Like BTC and ETH Should Focus Security Efforts on Protocols and Governance, No Need to Blindly Switch to Quantum-Resistant Solutions
Odaily News: a16z Crypto published a lengthy article on the X platform, stating that the timeline for the emergence of a Cryptographically Relevant Quantum Computer (CRQC) capable of breaking cryptocurrencies is often exaggerated, and that the probability of one appearing before 2030 is extremely low.

The risk profiles of different cryptographic primitives vary. Encryption is exposed to "Harvest Now, Decrypt Later" (HNDL) attacks, in which ciphertext recorded today is decrypted once a CRQC exists, so quantum-resistant encryption needs to be deployed immediately. Quantum-resistant signatures and zkSNARKs, however, are not needed to counter HNDL attacks, because signatures and proofs do not protect confidentiality. Premature migration could instead introduce risks such as performance overhead, immature implementations, and code vulnerabilities. A prudent rather than hasty migration strategy should therefore be adopted.

For blockchains, most non-privacy public chains such as Bitcoin and Ethereum primarily use digital signatures for transaction authorization and thus do not face HNDL risks. Their migration pressure stems mainly from non-technical challenges such as slow governance, social coordination, and technical logistics. Bitcoin faces particular issues: its governance is slow, and millions of coins worth hundreds of billions of dollars sit in quantum-vulnerable and potentially abandoned addresses. Privacy chains, by contrast, encrypt or hide transaction details, so the confidentiality of their data is exposed to HNDL attacks and they should transition as early as possible.
a16z Crypto emphasized that in the coming years, compared to the distant threat of quantum computers, implementation security issues such as code vulnerabilities, side-channel attacks, and fault injection attacks are more urgent and significant security risks. Developers should prioritize investing in code audits, fuzz testing, and formal verification.
