from the migration desk
Quantum readiness for Solana
What changes before Q-Day and why Solana teams should start migration planning now.
Quantum readiness is not a launch-day switch. It is a long operational migration from assumptions that work today to signer policies that can survive a future where exposed public keys are not safe forever.
For Solana teams, the problem is especially concrete: authorities are public, transactions are permanent, and multisigs often protect assets or upgrade rights that need to last for years.
The Solana-specific risk
Solana's ordinary account model relies on Ed25519 signatures. Many cross-chain teams also rely on secp256k1 signers. Both are elliptic-curve schemes. A sufficiently capable quantum computer running Shor's algorithm would break the private-key secrecy of exposed public keys.
A classical multisig improves human and operational security, but it does not automatically change the cryptographic class of the approvals. If every member is classical, the quorum remains classical.
The readiness window
The institutional signals are no longer vague. NIST finalized the first post-quantum standards in 2024. NSA published CNSA 2.0 transition guidance. CISA, NSA, and NIST tell organizations to build roadmaps and cryptographic inventories. Global Risk Institute's 2025 survey reports a materially accelerated CRQC timeline.
That does not mean a Solana account breaks tomorrow. It means the migration timeline has become part of the risk model.
What teams should do first
- Inventory long-lived authorities, vaults, upgrade keys, and custody paths.
- Separate operational convenience from final approval authority.
- Test Falcon and Winternitz approvals on devnet.
- Add post-quantum members before urgency compresses review time.
- Use explicit post-quantum approval requirements for high-value actions.
The quorum threshold answers how many people approved. The signer policy answers what kind of cryptographic evidence they used.
Where Quorum fits
Quorum lets Solana teams start now without waiting for a protocol-wide wallet migration. Ed25519 and secp256k1 members can coexist with Falcon and Winternitz members in the same multisig. Teams can begin with pq_threshold = 0, add post-quantum identities, and raise the requirement when ready.
That makes quantum readiness a governed rotation rather than a panic migration.
References
- Solana's Quantum Readiness
- NIST post-quantum FIPS approval announcement
- Global Risk Institute Quantum Threat Timeline Report 2025
- Google Quantum AI cryptocurrency disclosure