Report: 65% of Ethereum, All of Solana Quantum-Vulnerable

Project Eleven’s latest report finds roughly 65% of Ethereum and all of Solana are vulnerable to potential future quantum attacks. The firm maps how quantum-capable adversaries could exploit cryptographic routines used across both chains.

On Ethereum the report identifies three vulnerable primitives: the Elliptic Curve Digital Signature Algorithm (ECDSA) that secures user accounts; Boneh‑Lynn‑Shacham (BLS) signatures used by validators in proof‑of‑stake consensus; and Kate‑Zaverucha‑Goldberg (KZG) polynomial commitments that support blob data introduced by EIP‑4844. Project Eleven notes that validator BLS keys are publicly visible from the moment a validator makes the 32 ETH deposit. If an attacker recovers those keys, the report says they could forge attestations, destabilize consensus and trigger mass slashing events.

Solana’s exposure is described as structural. The network uses Ed25519 keys embedded directly in on‑chain addresses, so wallet public keys are always visible. The report contrasts that with Bitcoin’s UTXO model, where unused addresses can keep public keys concealed until spent. Project Eleven writes that Solana “exposes an X-only public key for addresses, rendering all Solana quantum vulnerable.”

Both networks have started preparatory work. The Ethereum Foundation launched a Post‑Quantum Ethereum website in March 2026 and estimates Layer 1 protocol upgrades could finish by 2029, with full execution‑layer migration extending later. In April 2026, Solana validator client teams Anza and Firedancer each selected Falcon, a post‑quantum signature scheme approved by the National Institute of Standards and Technology.

The Solana Foundation wrote that “Quantum is still years away, and if and when it materializes, the work to migrate Solana is well‑researched, understood, and ready to deploy.” Project Eleven models three Q‑Day scenarios: an optimistic arrival in 2030, a moderate case in 2033, and a pessimistic case in 2042, assuming steady year‑over‑year progress and no major breakthroughs.

The report outlines differing migration challenges. Ethereum would need to update multiple signature and commitment schemes across accounts, consensus and data‑availability layers. Solana would need to change how addresses and on‑chain state represent public keys, which could affect wallets, programs and stored data. The report also highlights the short‑term risk posed by exposed validator keys on Ethereum until validators rotate to post‑quantum‑safe keys.

Project Eleven published the assessment and networks have provided technical materials and statements describing planned migrations and available options.