Vitalik Buterin outlined four components of Ethereum that he believes are potentially vulnerable to quantum computing: the consensus system, data availability, digital signatures on external accounts (EOA), and zero-knowledge proofs (ZK) used in the application layer.
The network’s co-founders explained that these four aspects of the network are protected by an encryption scheme based on mathematical problems enabled by sufficiently advanced quantum computers. It may be easier to solve than the classical system.
In light of this situation, Mr. Buterin, who has been warning about quantum threats, said: Could arrive in 2028he shared in a February 26 post 4 suggestions Achieve quantum resistance by considering four factors.
Vitalik’s proposal was in line with the roadmap presented by the Ethereum Foundation (EF). As reported by Criptonoticias, this includes seven hard forks (hard fork) until 2029 to protect Ethereum from quantum computing.
In this way, changes are being planned on the premise that quantum threats will become more serious. It’s closer to reality than you think. Therefore, Buterin’s explanation focuses on the four problems detected and their possible solutions, which are discussed below.
1. Consensus: Replace public key cryptography
Ethereum consensus uses BLS signatures (according to researcher Boneh-Lynn-Shacham). This is a type of public key cryptography. This scheme allows Ethereum to aggregate many signatures into one. Reduce data and increase efficiency When thousands of validators confirm a block.
The problem is that BLS is based on Elliptic Curve Cryptography (ECC) and this type of cipher. Can be vulnerable to quantum algorithms such as shawl.
buterin suggests Replace BLS signatures with signatures based on hash functions. Like Winternitz, it is thought to be resistant to quantum computing. These do not rely on elliptic curves, but produce larger signatures.
To prevent block size from increasing rapidly, consider combining hash functions with STARK (Transparent and Scalable Arguments of Knowledge). A type of encryption that allows you to demonstrate that many signatures are valid in a single test.
Buterin also warned: The choice of hash function is importantBecause it has the potential to become the definitive Ethereum standard in the post-quantum scenario.
2. Data Availability: Waiver KZG Commitment
The Ethereum network uses KZG (Kate-Zaverucha-Goldberg) commitments. This mechanism allows you to cryptographically compromise a data set and prove that some of that data belongs to the original set. this, Without revealing all the details.
KZG is essential for “data availability,” or ensuring that information is published in blocks. actually exists and can be reconstructed. The problem is that it’s also based on quantum-vulnerable cryptography.
buterin suggests Replace KZG with STARK test. Unlike KZG, STARK does not rely on initial trust settings or fragile elliptic curves.
However, the challenge is that testing becomes larger and the generation process more expensive. Buterin admits that the problem is manageable, but requires a lot of engineering work.
3. Replace ECDSA to prevent private keys from being derived
Ethereum External Accounts (EOA) use the ECDSA (Elliptic Curve Digital Signature Algorithm) algorithm to sign transactions. This same type of encryption is also used in Bitcoin.
ECDSA becomes vulnerable to quantum computers that can run Shor’s algorithm. You will be able to derive your private key From the general public. Simply put, if someone can decrypt ECDSA, they can sign transactions on your behalf.
The solution proposed by Buterin is account abstraction (Account abstractionAA) protocol. This fact allows the account Use any signature algorithmincluding quantum-resistant options such as hash-based or lattice-based signatures (Lattice-based encryption).
The stumbling block is cost. According to Vitalik, validating an ECDSA signature costs about 3,000 units of gas. Quantum-resistant signatures can cost approximately 200,000 gas units or more.
To reduce this effect, Buterin suggests two complementary methods.
- Add mathematical optimizations directly to the protocol (through precompilation that makes post-quantum signature verification more efficient).
- Apply recursive aggregation (EIP-8141). That is, it replaces multiple separate verifications with a single cryptographic proof that proves they are all valid.
4. ZK Test: Compression Verification
Similar problems arise with zero-knowledge (ZK) proofs, which are theoretically vulnerable to quantum computers.
Many applications on Ethereum use these ZK tests. According to Buterin, the Groth16 scheme is specifically used to demonstrate that something is true without revealing the underlying information.
The co-founders of the network propose to integrate recursive aggregation (using EIP-8141) at the protocol level. Instead of verifying each individual proof in the chain, Generate a single test that proves all validations are correct.
This mechanism eliminates the need for blocks containing multiple large proofs to be published and verified each directly on Ethereum. Instead, only compact tests that summarize the entire process are verified.
According to Buterin, this architecture is key to allowing Ethereum to use quantum-resistant cryptography without sacrificing scalability.
Buterin’s proposal does not yet constitute a formal change to the protocol. However, technical guidelines This will need to be discussed in the Ethereum community. Its final implementation will depend on the agreement between developers, validators, and the Ethereum Foundation itself, in coordination with the update roadmap planned for the coming years.
