Midnight Bombshell! Solana fully launches quantum-resistant migration, is your $SOL still safe? This roadmap hides a hundredfold secret code

Quantum computers currently do not pose a direct threat to Solana, but the blockchain must plan ahead and gradually transition to post-quantum cryptography systems. This article will detail transaction signatures, consensus mechanisms, and the implementation plan for migrating existing wallets, while keeping pace with cutting-edge technological iterations to allow flexible adjustments in the future.

Public key cryptography is the foundational backbone of all blockchain operations. Users authorize each transaction with a signature, and validator nodes package blocks and sign certificates, thereby establishing network-wide block consensus. Whether for asset ownership or the on-chain consensus mechanism, the core logic relies on verifying the validity of signatures against public keys. In permissionless, decentralized blockchain ecosystems, a valid signature is the only proof of authority: whoever can produce a valid signature for an account's public key controls the corresponding assets. The stability of this system depends on the one-way nature of keys: a public key is easily derived from its private key, but recovering the private key from the public key alone is computationally infeasible.

However, quantum computing threatens to break down this security barrier. Once high-performance quantum computers mature, all current elliptic curve-based signature algorithms become vulnerable to cracking, posing a severe threat to user asset security and to the stability of the entire blockchain consensus. Therefore, Solana must develop a comprehensive post-quantum security system that specifically addresses three core risk points: the consensus mechanism, transaction signatures, and wallet migration. These three modules have different technical constraints and performance requirements, so they need separate planning and phased implementation. This article provides an overview of Solana's overall quantum migration plan. Falcon, thanks to its smaller signature size and better fit for the protocol, is currently the preferred solution. At the same time, each core component can be upgraded independently according to its bandwidth limits and development needs.

Latest developments in quantum and post-quantum technologies—such as Google’s latest industry research, NVIDIA’s continued investment in quantum research, and the rapid progress of quantum error correction techniques and supporting tools—indicate that the blockchain industry urgently needs to formulate quantum defense strategies and initiate open community discussions.

We firmly believe that quantum computers will not threaten Solana’s network security in the short term. Industry estimates suggest that quantum attack techniques capable of cracking elliptic curve encryption will still take years to develop. Solana maintains rapid version updates and ecosystem improvements. Since post-quantum encryption technologies are still under ongoing research and optimization, the team will continuously monitor various alternative solutions to ensure future protocol upgrades adopt the most mature and reliable technologies, avoiding rushed decisions.

To date, only ML-DSA (Dilithium, a mainstream post-quantum signature algorithm) has been formally standardized by the U.S. National Institute of Standards and Technology (NIST). FN-DSA (Falcon, a lightweight quantum-resistant signature scheme) is expected to complete the standardization process within a few months. The long-term upgrade plan leaves ample time to select schemes better suited to Solana's high-performance requirements. Research teams worldwide are also developing new generations of quantum-resistant signature schemes, some of which may fit the Solana ecosystem better in the future. SQISign is a highly promising alternative: its public key and signature sizes are much smaller than those of Falcon and ML-DSA, approaching those of traditional elliptic curve algorithms. However, its verification is currently extremely slow, making it unsuitable for large-scale production use at this stage. If future efficiency breakthroughs are achieved, it could become a highly competitive alternative. Currently, most post-quantum signature algorithms have significant drawbacks, notably large public keys and signatures. These greatly increase the data volume of individual transactions and of node consensus votes, which could severely impair Solana's high throughput and network efficiency.

Consensus mechanism: Solana’s current Alpenglow consensus protocol uses the BLS12-381 signature algorithm, which supports efficient signature aggregation. Under this mechanism, validator votes are BLS signatures, and the final block certificate is generated by aggregating signatures from all network nodes. An ideal post-quantum consensus layer must retain this core capability of signature aggregation. The Falcon aggregate signature technology, validated through the LaBRADOR proof system, demonstrates the feasibility of this approach. For scenarios where all validation nodes sign the same message, multi-signature schemes like Raccoon and DOTT are under active development and are feasible upgrades for the consensus layer. The signature algorithms used in the consensus layer can be independent of those used for transaction signatures. Just as Alpenglow currently uses BLS12-381 and transaction signatures use Ed25519, the post-quantum upgrade can select a dedicated encryption scheme optimized for aggregation and low latency.

Transaction signatures: Among the NIST post-quantum signature standards, Falcon has the smallest signature size, which is critical for Solana's bandwidth efficiency. Falcon's standardization was previously delayed because of implementation difficulty and susceptibility to side-channel attacks, but its core advantages remain unmatched: Falcon signatures rely solely on integer operations, with simple logic and low implementation difficulty, and signatures are generated off-chain, so wallets and node operators can choose rigorously audited, secure software versions. As mentioned, SQISign is another promising candidate, with extremely compact public keys and signatures close to traditional elliptic curve sizes. Its security and performance are still being optimized; it has not yet been standardized and remains at the research frontier.

Existing wallets: The smooth transition and asset migration of existing wallets is a critical issue. For older blockchains such as Bitcoin, protecting legacy wallet assets and securely migrating them to quantum-resistant systems has been a longstanding challenge. Fortunately, Solana has a complete and feasible full-wallet migration plan. Currently, Solana's Ed25519 keys start from a 32-byte seed. The signing key is derived from that seed with SHA-512, and the public key and transaction signatures are then produced from the derived key. Even if quantum computers break Ed25519 in the future, an attacker can only recover the derived private key, not the original seed. SHA-512 remains a secure, reliable one-way hash function that resists quantum attacks, so user seeds stay secure in the long term. Because a quantum attacker cannot reach the original seed, asset control remains with the legitimate holder.

Based on this property, we have designed a complete migration process: new wallets will fully adopt post-quantum signature schemes such as Falcon; Ed25519 signature verification will be gradually phased out and disabled so that quantum devices cannot forge signatures and steal assets; and during asset migration, existing users must produce a valid signature with their new post-quantum key pair and submit a zero-knowledge proof that they possess the original Ed25519 seed. This mechanism is fully decoupled from the no-longer-secure Ed25519 signature path, ensuring that only genuine asset owners can produce a valid zero-knowledge proof and thereby fully safeguarding the migration. Many mature zero-knowledge proof frameworks can support this mechanism; although the proofs are large, asset migration is a one-time operation and will not affect the everyday on-chain transaction experience. Program-derived accounts (PDAs), unique to Solana, have no private keys by design and are therefore inherently post-quantum secure, requiring no upgrade.
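The seed-to-key chain described above, and the relation a migration proof would have to establish, written out as an added example that is not part of the article or of Solana's code. It reimplements RFC 8032 key derivation in pure Python (SHA-512 of the seed, clamping, scalar multiplication of the base point) so the reader can see that the on-chain public key is two one-way steps away from the seed; the `migration_statement` helper is a hypothetical name for the statement a zero-knowledge proof would attest to, evaluated here in the clear.

```python
# Added example (not from the article): Ed25519 public-key derivation from a
# 32-byte seed, per RFC 8032, to show the chain seed -> SHA-512 -> scalar -> A = a*B.
import hashlib

P = 2**255 - 19                                      # field prime
D = (-121665 * pow(121666, P - 2, P)) % P            # curve constant d = -121665/121666
B = (15112221349535400772501151409588531511454012693041857206046113283949847762202,
     46316835694926478169428394003475163141307993866256225615783033603165251855960)


def point_add(p1, p2):
    """Affine twisted-Edwards addition on -x^2 + y^2 = 1 + d x^2 y^2 (complete formulas)."""
    x1, y1 = p1
    x2, y2 = p2
    t = D * x1 * x2 * y1 * y2 % P
    x3 = (x1 * y2 + x2 * y1) * pow(1 + t, P - 2, P) % P
    y3 = (y1 * y2 + x1 * x2) * pow(1 - t, P - 2, P) % P
    return x3, y3


def scalar_mult(k, pt):
    """Double-and-add; not constant-time, which is fine for deriving a public value."""
    result = (0, 1)                                  # neutral element
    while k:
        if k & 1:
            result = point_add(result, pt)
        pt = point_add(pt, pt)
        k >>= 1
    return result


def seed_to_scalar(seed: bytes) -> int:
    """RFC 8032 5.1.5: hash the seed with SHA-512, clamp the first 32 bytes into a."""
    h = bytearray(hashlib.sha512(seed).digest()[:32])
    h[0] &= 248                                      # clear low 3 bits (cofactor)
    h[31] &= 127                                     # clear bit 255
    h[31] |= 64                                      # set bit 254
    return int.from_bytes(h, "little")


def seed_to_public_key(seed: bytes) -> bytes:
    """A = a*B, encoded as little-endian y with the parity of x in the top bit."""
    x, y = scalar_mult(seed_to_scalar(seed), B)
    enc = bytearray(y.to_bytes(32, "little"))
    enc[31] |= (x & 1) << 7
    return bytes(enc)


def migration_statement(seed: bytes, onchain_pubkey: bytes) -> bool:
    """Hypothetical helper: the relation a migration ZK proof would prove without
    revealing seed, namely that seed derives exactly onchain_pubkey. Evaluated in the clear here."""
    return seed_to_public_key(seed) == onchain_pubkey
```

Note that a quantum attacker who recovers the scalar `a` from the public key still faces SHA-512 to get back to the seed, which is exactly why the proof is phrased over the seed rather than the scalar.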

Additional notes: Many core modules of the Solana network also rely on Ed25519 signatures, including the Turbine block propagation protocol, Gossip node communication, and the QUIC transport. Their cryptographic upgrades will follow the transaction-signature changes. Currently, Solana's runtime offers several elliptic curve cryptography interfaces, including Ed25519, Secp256k1, Secp256r1, and BLS12-381. In the post-quantum era, these classical interfaces, whose quantum weakness is known, will be phased out and replaced with new, secure cryptographic primitives. The community is also conducting experimental R&D: for example, the Blueshift team uses native on-chain components and WOTS one-time signatures to implement a quantum-resistant cold-storage solution without any protocol upgrade, giving users an additional security option today.

Solana's future development plan: The first on-chain step is the SIMD-0416 proposal, which adds Falcon signature verification syscalls for on-chain programs. Once native Falcon verification is available, developers can integrate it to build quantum-resistant asset vaults, secure transfer protocols, and other DeFi infrastructure. This does not mean Solana will adopt Falcon as the universal protocol-level signature scheme or force it into the Alpenglow consensus. Solana maintains a rapid development pace, and post-quantum cryptography remains under active exploration. The core strategy is to deploy practical, short-term security measures first while continuously evaluating signature schemes for the long-term protocol upgrade. On the client side, we have completed a highly optimized Falcon signature verification implementation that runs 2-3 times faster than the official reference version, with comprehensive performance testing and security audits planned. Meanwhile, the team will keep evaluating alternative schemes to ensure Solana has a robust long-term reserve of quantum-safe options.
