Summary: In this article, Sofiia Shmyhol explores recent advancements in quantum computing and their impact on blockchain and cryptographic security. Analysing legal implications, she examines the judicial complexities and challenges that these developments may cause, including liability for blockchain projects and crypto companies, compliance and regulatory risks, and discusses other key legal implications.
Junior Associate
Quantum computing is a revolutionary technology that processes information differently from traditional computers. Instead of using bits (which are either 0 or 1), quantum computers use qubits, which can be both 0 and 1 simultaneously.
This unique ability allows quantum computers to perform complex calculations much faster than traditional systems. They can analyze massive datasets and solve tasks and calculations that would take traditional computers millions of years. However, despite their immense potential, quantum computers are still in development and require advanced technology and extreme conditions, such as near-absolute zero temperatures and controlled quantum states, to function properly.
The concept of quantum computing originates from the principles of quantum mechanics, which were first explored in the early 20th century. By the 1990s, theoretical advancements such as David Deutsch’s quantum computing model and Shor’s algorithm demonstrated that quantum systems could efficiently factor large numbers, an ability that posed a direct challenge to modern cryptographic security. This discovery underscored the disruptive potential of quantum computing, particularly in breaking widely used encryption methods such as RSA, one of the oldest public-key cryptosystems in wide use for secure data transmission.
In the early 2000s, researchers developed small-scale quantum devices that validated these concepts, leading to increased investment and development from major technology firms. In recent years, companies like IBM, Google, and Microsoft have made significant strides in quantum computing, achieving quantum supremacy in limited applications and paving the way for more advanced implementations.
In December 2024, Google introduced Willow, a next-generation quantum chip designed to push the boundaries of computational power. Willow represents a significant breakthrough in quantum supremacy, demonstrating the ability to outperform classical supercomputers in solving tasks and calculations previously considered intractable. Its immense processing power allows it to complete tasks that would take conventional supercomputers billions of years in just minutes.
With the unveiling of Google's Willow quantum chip and groundbreaking advancements from other industry leaders, quantum computing is no longer just a theoretical pursuit; it is becoming a reality. As this technology moves toward practical application, concerns about its disruptive potential are escalating, particularly in the realm of cryptographic security. The implications for Web3 and blockchain technology are profound, as quantum breakthroughs threaten to challenge the very foundations of digital trust and the traditional encryption methods used in blockchain technology and financial transactions.
Cryptocurrencies like Bitcoin rely on strong cryptographic algorithms such as SHA-256 for mining and ECDSA for digital signatures, which ensure the security and integrity of blockchain transactions. While classical computers must test combinations sequentially to break these cryptographic protections, quantum computers can analyze millions of possibilities simultaneously due to their unique quantum properties.
The 105-qubit Willow chip lacks the scale and error correction capabilities necessary to break blockchain encryption today. For example, according to a 2022 research study by Universal Quantum, breaking Bitcoin encryption in a single day would require a quantum computer with 13 million qubits, far beyond Willow’s capabilities.
In asymmetric cryptography, private-public key pairs are mathematically related, allowing digital signatures to be verified using public keys. While deriving a private key from a public key is computationally infeasible with classical algorithms, quantum computers, such as Willow, could break this security. Since blockchain transactions publicly expose addresses linked to public keys, a sufficiently powerful quantum computer could potentially derive private keys and falsify signatures, compromising Bitcoin security.
Let’s consider Bitcoin. At present, Bitcoin transactions take approximately 10 minutes to be confirmed, unless the network is congested. Current scientific estimates suggest that breaking an RSA key (a cryptographic key used in asymmetric encryption, consisting of a public key for encryption and a private key for decryption, ensuring secure digital signatures) with a quantum computer would take approximately 8 hours, while hacking a Bitcoin signature could take around 30 minutes.
As long as quantum computers require more time to derive a private key from its corresponding public key than the duration of a transaction, virtual assets remain safe from quantum attacks. However, quantum computing is progressing rapidly, and it remains uncertain how quickly these machines will improve. If the time required to derive a private key from a specific public key is ever reduced to less than 10 minutes, Bitcoin blockchain security would be in immediate jeopardy. To mitigate this, avoiding address reuse is crucial, as unused addresses do not expose their public keys.
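The address-reuse point above, as an added example that is not part of the original article: a small audit that flags unspent funds sitting behind an already-public key. The ledger is constructed sample data, and the script-type labels (including the assumption that `p2pk` and `p2tr` outputs carry the key in the output itself, while hash-based types reveal it only on spend) go beyond what the article states.

```python
from collections import defaultdict

# Assumption (not from the article): these output types place the public key
# directly in the locking script, so the key is public as soon as funds arrive.
# Hash-based types (p2pkh, p2wpkh) reveal the key only when an output is spent.
KEY_IN_OUTPUT = {"p2pk", "p2tr"}

# Constructed sample ledger, in chain order (not real chain data).
# inputs: references to earlier outputs as (txid, index)
# outputs: (address, script_type, value_in_satoshis)
SAMPLE_TXS = [
    {"txid": "t1", "inputs": [],
     "outputs": [("addrA", "p2pkh", 50_000), ("addrB", "p2pkh", 20_000)]},
    # addrA spends (revealing its key) and then receives change again: reuse.
    {"txid": "t2", "inputs": [("t1", 0)],
     "outputs": [("addrC", "p2pkh", 30_000), ("addrA", "p2pkh", 19_000)]},
    {"txid": "t3", "inputs": [],
     "outputs": [("addrD", "p2tr", 10_000)]},
]

def audit_key_exposure(txs):
    """Return {address: (unspent_sats, reason)} for funds behind a public key."""
    utxos = {}    # (txid, index) -> (address, script_type, value)
    exposed = {}  # address -> why its public key is already visible
    for tx in txs:
        for ref in tx["inputs"]:
            addr, _, _ = utxos.pop(ref)  # spending publishes the key
            exposed.setdefault(addr, "spent-from (address reuse)")
        for i, (addr, stype, value) in enumerate(tx["outputs"]):
            utxos[(tx["txid"], i)] = (addr, stype, value)
            if stype in KEY_IN_OUTPUT:
                exposed.setdefault(addr, "key in output script")
    at_risk = defaultdict(int)
    for addr, _, value in utxos.values():
        if addr in exposed:
            at_risk[addr] += value
    return {addr: (total, exposed[addr]) for addr, total in at_risk.items()}

if __name__ == "__main__":
    for addr, (sats, reason) in audit_key_exposure(SAMPLE_TXS).items():
        print(f"{addr}: {sats} sats at risk ({reason})")
```

Funds reported here are the ones to move to a fresh, never-spent-from address; `addrB` and `addrC` are not reported because their keys have not yet appeared on chain.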
To mitigate these risks, Web3 projects may be required to take proactive measures to safeguard their cryptographic infrastructure. One crucial step is integrating quantum-resistant encryption algorithms, such as those being developed through the National Institute of Standards and Technology (NIST) Post-Quantum Cryptography (PQC) initiative. Additionally, smart contract protocols may require significant redesign to support quantum-secure authentication methods and resilient digital signatures, ensuring long-term security in a post-quantum world.
A viable approach to mitigating quantum risks is to design immutable smart contracts that lack functionality to move user funds arbitrarily. This ensures that only a specific user can withdraw their designated funds from the contract, preventing unauthorized access. However, even with such a structure, security would still depend on the integrity of the user's private keys and digital signatures, which are ultimately governed by the blockchain's cryptographic framework.
The QuBit Bitcoin Improvement Proposal (BIP) by Hunter Beast introduces Pay to Quantum Resistant Hash (P2QRH) addresses, using quantum-resistant signatures to protect against attacks leveraging Shor’s algorithm. The proposal outlines a four-stage upgrade, leading to a Taproot-compatible standard and a soft fork for quantum-secure addresses. QuBit aims to make quantum attacks economically unfeasible rather than impossible, with full quantum security requiring future hardware advancements.
Therefore, the primary focus must be on updating the blockchain itself to implement quantum-resistant security measures, as individual users cannot independently safeguard their assets against quantum attacks without a fundamental upgrade to the network's cryptographic infrastructure.
The rise of quantum computing introduces significant legal challenges, particularly in the areas of cybersecurity, decentralised finance (DeFi), and blockchain governance. The ability of quantum computers to break existing encryption standards could lead to widespread data breaches, financial fraud, identity theft, and regulatory non-compliance. Because blockchain networks are decentralised, there is no central authority responsible for security, updates or compliance. If quantum computers become capable of breaking blockchain encryption, it will be difficult to coordinate security updates and hold anyone responsible for potential failures.
For businesses and Web3 projects, failure to implement adequate security measures against quantum threats could result in legal liability. Businesses handling sensitive financial transactions or storing virtual assets, such as exchanges and payment platforms, may face lawsuits or regulatory penalties if they do not take sufficient steps to protect user data and funds. This could lead to legal actions, particularly in jurisdictions where financial institutions and service providers are required to maintain reasonable security measures against foreseeable threats. Legal claims related to negligence, breach of contract, and misrepresentation may arise if businesses fail to update their systems despite the known risks posed by quantum advancements.
Governments, recognizing the growing risk, may also implement stricter regulations to mandate the adoption of quantum-resistant encryption, requiring blockchain projects to update their security measures or transition to quantum-resilient software and smart contracts. Businesses that fail to comply with new security regulations may face fines, operational restrictions, or legal penalties. Regulators may also require enhanced disclosures regarding quantum-related risks, compelling blockchain projects to be more transparent about their security roadmaps and contingency plans.
Beyond technical upgrades, legal risk management is equally crucial. Transparent communication regarding quantum threats can help strengthen legal defenses and maintain regulatory compliance. Clearly outlining potential vulnerabilities in white papers, risk disclosure statements, and other user documentation not only informs stakeholders but also demonstrates due diligence in addressing emerging security concerns.
Blockchain projects should consider explicitly incorporating quantum-related risks into force majeure clauses. A well-crafted provision could acknowledge unforeseen technological disruptions, including breakthroughs in quantum computing that compromise encryption, digital signatures, or blockchain integrity. This ensures that, in the event of a sudden cryptographic failure due to quantum advancements, affected parties may be protected from liability for security breaches, unauthorized transactions, or regulatory non-compliance.
Furthermore, user education plays a critical role in mitigating quantum security risks. Users must understand the threats quantum computing poses to cryptographic security and take proactive measures to protect their assets. Educating them on quantum-resistant authentication methods, secure key management, and the risks of address reuse is essential. By fostering awareness and emphasising best practices, businesses can reduce vulnerabilities at the user level and ensure individuals actively contribute to securing their credentials and digital assets in a post-quantum world.
While quantum computing is advancing rapidly, it does not yet pose an immediate threat to blockchain security. Current encryption methods remain robust, and estimates suggest that it will take at least a decade before quantum technology reaches a level where it can effectively break cryptographic systems like those used in Bitcoin. Despite its impressive computational power, Google’s Willow chip is not yet capable of compromising modern encryption, and researchers remain confident in their ability to develop countermeasures.
As quantum technology evolves, the need for quantum-resistant cryptographic solutions will become increasingly urgent to maintain the security of virtual assets and information in a quantum-powered world. The blockchain and cybersecurity industries are actively working on solutions to address potential quantum threats. Efforts are underway to develop post-quantum cryptographic standards that can withstand attacks from future quantum computers, ensuring the continued security of decentralized networks.
Those who fail to prepare may face not only financial losses but also legal repercussions, including regulatory penalties and lawsuits. Meanwhile, forward-thinking Web3 projects that proactively adopt quantum-resistant solutions will not only protect their business and users but also establish themselves as pioneers in the next era of secure blockchain innovation.