Wallets Rush to Post-Quantum Security as Bitcoin and Ethereum Protocols Take the Slow Road

The real quantum risk for crypto isn’t just math—it’s sequencing. Wallet and custody providers are sprinting to deploy post-quantum defenses today, while base-layer protocol changes on Bitcoin and Ethereum could take years. With some estimates placing a credible “Q-Day” as soon as 2030, the industry is trying to harden the edges first, before the core moves.

One prominent path: upgrading existing multi-party computation (MPC) stacks with post-quantum signatures. Silence Laboratories has added MPC support for ML-DSA—one of the National Institute of Standards and Technology’s selected post-quantum signature standards—after a six-month evaluation of NIST’s approved algorithms: SPHINCS+, Falcon, and CRYSTALS-Dilithium. Their takeaway is pragmatic: not every algorithm is equally “MPC-friendly.” Differences in signature size, computational cost, and implementation detail mean chains and vendors may pick divergent schemes, introducing fragmentation that product teams will have to manage.

Technically, the MPC posture remains familiar to institutions. Private keys are split into shares across isolated nodes and signatures are generated collaboratively without key reconstruction. That distributed design already underpins custodians and bank-grade wallets; it aligns with how firms like BitGo’s partners and bank desks manage operational risk. Silence’s pitch is continuity: a code-level upgrade to a post-quantum MPC signing layer, delivered through a wallet SDK. No architectural overhaul, no new user motions—the MetaMask-like UX stays the same while the cryptography shifts under the hood.

Others are exploring overlays to avoid protocol churn. A wallet from Postquant Labs adds quantum-resistant signatures on top of Bitcoin via a separate smart contract layer, sidestepping base-layer edits. In a different vein, StarkWare researcher Avihu Mordechai Levy outlined a “last-resort” approach that swaps Bitcoin’s elliptic-curve signatures for hash-based constructions that fit within current rules. It can work within today’s constraints, but it isn’t designed to scale and could be very costly.

Here’s the crux that often gets glossed over: coordination risk eclipses algorithmic risk. Wallet-level hardening can buy time, but if base layers and major L2s don’t adopt compatible verification rules, you end up with “quantum-resistant” signers pushing transactions into networks that still validate legacy signatures. Overlay approaches add fee overhead and complexity; protocol upgrades demand consensus and years of rollout. Meanwhile, chains may standardize on different NIST algorithms, with uneven signature sizes and compute profiles—fertile ground for UX inconsistency, developer confusion, and vendor lock-in.

Behavioral realities compound the problem. Many users and even some institutions anchor to convenience—address reuse, lax key hygiene, slow patching. Silent upgrades help, but they don’t neutralize poor operational discipline. And there’s an ethical line: marketing a wallet as “quantum-proof” before the end-to-end path—wallet, network, and migration plan—is in place risks overpromising. “Quantum-resistant” reflects the state of play more accurately.

My view: MPC-first upgrades are the sensible near-term bridge for custodians and banks. They leverage existing infrastructure, minimize friction, and position teams for a coordinated cutover as Bitcoin, Ethereum, and key L2s advance their own roadmaps. But success depends on sequencing and standardization. Teams should pilot ML-DSA within MPC, evaluate SPHINCS+ and Falcon where performance or size is decisive, and prepare rekeying and address-migration playbooks. The winners won’t just ship new signatures—they’ll orchestrate the cross-stack transition with clear user messaging and tight coordination with protocol developers.

Quantum computers capable of breaking today’s cryptography aren’t here yet, but the timetable is tightening. Wallet-side fixes move fast, and they should. Just don’t mistake a strong first step for a completed marathon; without protocol-level alignment, it won’t hold.