🧐 a16z Annual Analysis: Are Quantum Attacks Really That Scary?


Quantum Computing × Blockchain, has been called a "catastrophic threat" over the past few years.
But a16z's latest analysis directly douses the industry's enthusiasm:
👉 Quantum is not the biggest threat; migrating to PQC too early is.
I've broken down the whole article into three core sentences:
1️⃣ Quantum attacks still have at least 10 years to go
The media loves to scare: "Quantum machines will crack private keys!"
But the real situation is—
Quantum computers capable of cracking ECDSA / RSA are currently less than 1% complete.
a16z: The most optimistic estimate is over 10 years.
So, there's no such thing as "quantum will blow up the blockchain next year."

2️⃣ The real danger is not quantum, but PQC (Post-Quantum Cryptography) itself
Many in the industry think:
"Quantum is coming → switch to PQC quickly!"
But the problem is—
PQC is not mature enough yet, and the migration path is enormous, which makes the migration itself the bigger potential disaster.
The current state of PQC is like a newly launched L1:

Insufficient attack samples
Immature toolchain
Standards constantly changing
Complex implementation
Wallets, nodes, and ecosystems aren't ready
It is not known to be insecure, but it is not proven secure either.
Migrating the entire chain essentially involves betting trillions of assets on a "testnet-level algorithm."

3️⃣ The greatest systemic risk comes from “the migration itself”
Migration is not just “changing a signature algorithm.”
It will impact everything:

Assets need re-signing
All addresses need reformatting
Wallet logic needs rewriting
Multisig/MPC needs complete reconstruction
Contracts need upgrading
Cross-chain bridge designs need overhaul
Node consensus needs re-testing
Any mistake in coding or key management—
💥 can cause damage that is faster, larger, and more irreversible than a quantum attack.
That’s why a16z explicitly states:

The real danger is not "migrating too late," but "migrating too early."

🔍 So, what should blockchain be afraid of now? Not quantum, but ourselves.
The causes of recent huge losses include:

Multisig vulnerabilities
Wallet seed leaks
Cross-chain bridge hacks
Contract logic errors
Social engineering attacks
None of these have anything to do with quantum at all.
a16z:
What the industry truly lacks is engineering robustness, not another panic.

🧩 So, what should the industry do now? Not switch algorithms, but prepare an "upgrade path"
Quantum will definitely arrive someday, but the PQC of that future will not be the same as today's.
The correct approach is:

Reserve address formats for future upgrades
Support seamless signature switching in wallets
Reserve soft fork entry points in protocols
Have a rehearsable migration process
Phase-wise key switching
Modular signature schemes
Allow parallel operation of old and new algorithms
In other words:
👉 It’s not about having a parachute now, but ensuring you can switch parachutes in the future.
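What "modular signature schemes", "parallel operation of old and new algorithms" and "phase-wise key switching" look like in code, as an added example that is not from the a16z article or this post: an algorithm-agile signature envelope whose verifier policy moves through three phases (legacy only, dual, PQ only). The "legacy-hmac" scheme is an HMAC-SHA256 stand-in for a classical signature, the "pq-lamport" scheme is a real Lamport one-time signature (the hash-based family behind SPHINCS+ and XMSS), and the algorithm ids, phase names and key material are all constructed for this illustration.

```python
import hashlib
import hmac
import secrets
from enum import Enum

# Added example (not from the a16z article or the post). Algorithm ids, phase
# names and key material are constructed for this illustration.

class Phase(Enum):
    LEGACY_ONLY = 1   # today: classical signatures only
    DUAL = 2          # rehearsal: every message carries both, verifier requires both
    PQ_ONLY = 3       # after cut-over: classical signatures no longer accepted

def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

# --- "legacy" scheme: HMAC-SHA256 as a placeholder for a classical signature ---
def legacy_keygen():
    k = secrets.token_bytes(32)
    return k, k  # symmetric placeholder: signing key == verifying key

def legacy_sign(sk: bytes, msg: bytes) -> bytes:
    return hmac.new(sk, msg, hashlib.sha256).digest()

def legacy_verify(vk: bytes, msg: bytes, sig: bytes) -> bool:
    return hmac.compare_digest(legacy_sign(vk, msg), sig)

# --- "pq" scheme: Lamport one-time signature over SHA-256 (use each key once) ---
def lamport_keygen():
    sk = [[secrets.token_bytes(32) for _ in range(2)] for _ in range(256)]
    pk = [[_h(x) for x in pair] for pair in sk]
    return sk, pk

def _bits(digest: bytes):
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def lamport_sign(sk, msg: bytes) -> bytes:
    # Reveal, for each digest bit, the preimage matching that bit's value.
    return b"".join(sk[i][b] for i, b in enumerate(_bits(_h(msg))))

def lamport_verify(pk, msg: bytes, sig: bytes) -> bool:
    if len(sig) != 256 * 32:
        return False
    for i, b in enumerate(_bits(_h(msg))):
        if _h(sig[i * 32:(i + 1) * 32]) != pk[i][b]:
            return False
    return True

# Registry: the "modular signature scheme" seam. Adding an algorithm is one entry.
ALGS = {
    "legacy-hmac": (legacy_sign, legacy_verify),
    "pq-lamport": (lamport_sign, lamport_verify),
}

# Which signatures each migration phase requires on every message.
REQUIRED = {
    Phase.LEGACY_ONLY: ("legacy-hmac",),
    Phase.DUAL: ("legacy-hmac", "pq-lamport"),
    Phase.PQ_ONLY: ("pq-lamport",),
}

def _to_be_signed(alg: str, msg: bytes) -> bytes:
    # Bind the algorithm id into the signed bytes so a signature cannot be
    # relabelled as a different algorithm (downgrade).
    return len(alg).to_bytes(1, "big") + alg.encode() + msg

def sign_envelope(msg: bytes, keys: dict, phase: Phase) -> dict:
    """keys maps alg id -> signing key; returns {alg id: signature} for the phase."""
    return {alg: ALGS[alg][0](keys[alg], _to_be_signed(alg, msg))
            for alg in REQUIRED[phase]}

def verify_envelope(msg: bytes, envelope: dict, pubkeys: dict, phase: Phase) -> bool:
    """Accept only if every signature the current phase requires is present and valid."""
    for alg in REQUIRED[phase]:
        sig = envelope.get(alg)
        if sig is None or not ALGS[alg][1](pubkeys[alg], _to_be_signed(alg, msg), sig):
            return False
    return True
```

The point of the DUAL phase is that it is the rehearsal: messages are signed with both schemes for a while, so the new scheme's tooling, key handling and verifiers get exercised on real traffic before anything depends on it, and an envelope produced under the old policy is rejected the moment the policy advances.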

🎯 The last, and perhaps most overlooked, truth
The industry’s biggest misconception isn't fearing quantum,
but thinking “switching to PQC is easy.”
Quantum threats are long-term,
Engineering failures can happen tomorrow.
Don’t entrust the future of blockchain to unnecessary panic.
#a16z