Project Eleven CEO Alex Pruden delivered a stark warning at Consensus Miami 2026 on Wednesday, telling the Bitcoin developer community that a post-quantum migration is not only inevitable but must begin now. In his address, Pruden stressed that the transition to quantum-resistant signatures will be far more challenging than the Taproot upgrade, which itself took half a decade to fully activate.

“The asymmetry between acting on a post-quantum signature scheme today and waiting for certainty about quantum-computing hardware timelines means we should move from research into production,” Pruden told attendees. His remarks come as the broader crypto industry grapples with the looming threat of sufficiently powerful quantum computers that could break elliptic curve cryptography, the bedrock of Bitcoin’s current security model.

Why Post-Quantum Migration Is More Complex Than Taproot

Taproot, activated in November 2021 after years of development, introduced Schnorr signatures and Merkelized Abstract Syntax Trees (MAST) to Bitcoin. It was an opt-in upgrade: users and wallets that did not adopt Taproot could continue operating without any increased security risk. That opt-in flexibility allowed the ecosystem to upgrade gradually, with wallets, exchanges, and node software implementing Taproot support over several years.

A post-quantum migration, by contrast, will require universal participation. Every single bitcoin user, wallet, and exchange must adopt new signature schemes to remain secure. The reason is straightforward: once a quantum computer becomes powerful enough to derive private keys from public keys, any Bitcoin address that has ever revealed its public key (e.g., through a transaction) becomes vulnerable. Non-technical jargon hides a terrifying reality: coins sitting in addresses that have not moved since before the quantum threat matures could be stolen the moment the attacker extracts the public key from a spent transaction.

“This is not like Taproot, where you could choose to upgrade or not,” Pruden explained. “With quantum, if you don’t migrate, you risk losing everything. That changes the entire upgrade dynamic.” The requirement for 100% adoption means Bitcoin developers cannot rely on the typical soft fork process, which often leaves old software operational albeit with reduced functionality. A post-quantum soft fork would essentially force all nodes, miners, and users to update simultaneously, a coordination challenge unprecedented in Bitcoin’s history.

The Quantum Threat Timeline

Estimates for when a quantum computer will be capable of breaking Bitcoin’s elliptic curve digital signature algorithm (ECDSA) vary widely. Some scientists predict a practical threat within 10 to 20 years; others believe the technology may take decades longer or prove fundamentally infeasible at scale. Despite this uncertainty, Pruden argued that waiting for certainty is a dangerous luxury.

“If we wait until a quantum computer is demonstrated to break a 256-bit elliptic curve, it will be too late. The attacker will already have the capability, and millions of coins will be at risk in the time it takes to deploy a new signature scheme,” he said. Project Eleven, a Bitcoin-focused technology firm, has been researching post-quantum signature schemes for several years, analyzing candidates from the NIST post-quantum cryptography competition, including CRYSTALS-Dilithium, FALCON, and SPHINCS+.

Bitcoin’s current approach to cryptography is based on the security of the elliptic curve discrete logarithm problem. Post-quantum cryptography replaces that with mathematical problems believed to be hard even for quantum computers, such as lattice-based, hash-based, or multivariate cryptography. However, these alternative schemes often require larger signatures and verification times, which would increase transaction sizes and potentially alter Bitcoin’s consensus rules. For example, a Dilithium signature is about 2.5 kilobytes, compared to ECDSA’s 70–72 bytes. That is an overhead that could affect network throughput and storage costs.

“We need to design the migration so that it is compatible with Bitcoin’s existing block size constraints and transaction relay policies,” said Pruden. “It may require a new address format, perhaps even a new script type, and careful coordination with wallet providers and exchanges.”

The Recycling Debate: Quantum-Vulnerable Coins

During the Q&A session at Consensus Miami, Pruden was asked about the fate of coins that remain unspent in quantum-vulnerable addresses at the moment quantum computers become operational. One controversial proposal is to “recycle” such coins back into Bitcoin’s supply curve, effectively confiscating them to prevent an attacker from claiming them. Pruden gave a nuanced personal view.

“Personally, recycling dormant quantum-vulnerable coins back into Bitcoin’s supply curve would put me overall on the confiscation side,” he said, though he quickly added that the community and market would ultimately decide. “This is a governance decision, not a technical one. The Bitcoin network has no mechanism to discriminate between legitimate and illegitimate spending if the private key is known. If we do nothing, those coins could be stolen. If we intervene, we must accept some form of redistribution or deletion.”

The recycling idea has drawn sharp criticism from libertarian-minded bitcoiners who see any forced redistribution as a violation of property rights. Others argue that a one-time confiscation of unspent coins that have not moved for, say, 20 years could be justified to preserve the overall security of the network. Pruden’s comments reflect the deep philosophical divisions within the Bitcoin community regarding the appropriate response to quantum disruption.

Past Upgrades as Blueprints

Bitcoin’s history of major protocol changes offers some guidance. Segregated Witness (SegWit), activated in 2017, required a user-activated soft fork and took years to gain widespread adoption. Taproot, which followed, was smoother but still depended on wallet updates and exchange support. In both cases, opt-in functionality allowed gradual rollout. A post-quantum upgrade, by contrast, cannot be opt-in: if any portion of the ecosystem does not upgrade, its users remain vulnerable and potentially a point of failure for the entire network (through contamination, sidechannels, or social trust).

Pruden called for Bitcoin developers to begin drafting Bitcoin Improvement Proposals (BIPs) for a post-quantum signature scheme now. “Research is important, but production is more important. We need to ship code, test it on testnet, and then have a clear activation plan. Even if the threat is 20 years away, the migration will take at least 5 to 10 years to fully deploy across all users, especially those in less connected regions.”

The timeline for the Taproot upgrade was roughly five years from initial proposal to activation. Post-quantum migration could take longer because of the universal participation requirement and the additional complexity of larger signatures. Moreover, wallets running on constrained devices (e.g., hardware wallets, mobile wallets) may need performance optimizations to handle the heavier cryptographic operations.

Industry Reaction and Next Steps

Shortly after Pruden’s talk, several Bitcoin developers took to social media to discuss his call to action. Some agreed that a proactive approach is essential; others cautioned that rushing could introduce vulnerabilities if the chosen scheme is later found weak. The NIST post-quantum standardization process continues, and Bitcoin may want to align with the final NIST standards to benefit from peer review and hardware acceleration support.

Meanwhile, other blockchain networks are already experimenting with post-quantum signatures. Quantum Resistant Ledger (QRL) uses hash-based signatures from inception, and Ethereum researchers have explored lattice-based options for future upgrades. Bitcoin, however, has the largest user base and the highest security requirements, making its migration the most critical and most challenging.

Pruden concluded his remarks by emphasizing that the Bitcoin community cannot afford to wait for perfect certainty. “We can’t predict exactly when quantum computers will break ECDSA, but we know it will happen eventually. The cost of being wrong by five years is far less than the cost of being wrong by one month after an attack becomes possible. We have to start now, and we have to work together.”

Project Eleven plans to release a technical white paper later this year detailing a proposed post-quantum signature scheme for Bitcoin, along with a roadmap for incremental deployment. The firm is also coordinating with major wallet providers and mining pools to gauge interest and gather support for a potential soft fork in the coming years.

As the Consensus Miami conference continues, the conversation around post-quantum Bitcoin security is expected to intensify, with panels devoted to quantum threat modeling and cryptographic agility. For now, Pruden’s message is clear: Bitcoin’s post-quantum migration will be the hardest upgrade in its history, and the time to begin is now.

Source: Coindesk News