Opinion Piece by Yoon Auh, Founder of BOLTS Technologies
The crypto industry is quietly but rapidly approaching a structural breaking point, and it has nothing to do with regulation, scalability, or adoption. It has everything to do with time. More specifically, whether blockchain governance can move fast enough to respond to existential cryptographic threats. The uncomfortable truth is startling, in that the sector’s primary upgrade mechanism, hard forks, is too slow to handle what’s coming next.
With post-quantum cryptography now standardized by the National Institute of Standards and Technology (NIST) and new research suggesting quantum attacks could arrive sooner than expected, the assumption that networks can simply “upgrade (hardfork) when needed” is starting to look dangerously outdated. Have we not learned from the mistakes of the past?
Quantum Threats does not respect governance
Over the past year, momentum around post-quantum security has shifted from theoretical to practical. NIST finalized key standards such as CRYSTALS-Kyber and Dilithium, signaling that the tools for quantum-resistant encryption are ready for deployment. At the same time, research from Google has suggested that the timeline for breaking widely used cryptographic schemes, including those underpinning Bitcoin, may be shorter than previously believed, coming as soon as 2029.
Yet despite this urgency, blockchain ecosystems remain stuck in a familiar pattern of endless debate, delay, and coordination challenges. Discussions around quantum resistance in both Bitcoin and Ethereum are ongoing, but meaningful changes at the protocol level are likely years away. Even minor upgrades in these ecosystems require extensive consensus-building across developers, miners, validators, and users.
This lag is a feature of decentralized governance, but it also creates a paradox: the very systems designed to be resilient and trustless are structurally resistant to rapid security upgrades which directly undercuts trust in the system and raises systematic risk the longer it takes to address.
The limits of protocol-level fixes
To be clear, the industry is not ignoring the problem. Experimental implementations of quantum-safe Bitcoin and other blockchain architectures have already emerged. These efforts demonstrate that it is technically possible to replace existing cryptographic primitives with quantum-resistant alternatives.
The problem is that nearly all of these solutions share the same assumption: they require fundamental protocol changes. That means new address formats, new signature schemes, and in most cases, hard forks or entirely new chains.
For live networks securing hundreds of billions of dollars in value, this is not a trivial transition. Hard forks introduce fragmentation risk, operational complexity, and political contention. They also assume a coordinated migration, something that history suggests is difficult to achieve even under less urgent circumstances.
Some readers may argue that this is simply the cost of decentralization, and that hard forks, while slow, are ultimately sufficient. Others may contend that quantum threats remain too speculative to justify rethinking core infrastructure today. Both views minimize a brutal reality: security threats do not wait for governance cycles.
A market problem, not just a technical one
The implications of this mismatch extend beyond technical architecture, they directly impact market behavior and institutional adoption. Institutional investors, who have driven much of crypto’s recent growth through exchange-traded funds and custody solutions, operate under strict risk management frameworks. These frameworks require not just strong security, but adaptable security, i.e. systems that can evolve in response to emerging threats without requiring systemic disruption.
If blockchain infrastructure cannot offer that adaptability, it introduces a new category of risk: inflexible security exposure. Assets secured under static cryptographic assumptions may face increasing discounting in the market as quantum timelines become clearer. In practical terms, this could lead to a bifurcation of digital assets, those perceived as upgradeable and resilient, and those seen as structurally rigid.
This is where the industry’s current approach begins to look less like a technical limitation and more like a market inefficiency.
The industry does not need another debate about which flavor of post-quantum algorithm to adopt. The industry needs a new infrastructure layer that enables security without governance dependency, the ability to upgrade cryptographic protections without requiring network-wide coordination, downtime, or protocol-level changes. The governance of asset security needs to be with the asset owner in real-time.
Rather than forcing entire ecosystems to move in lockstep, this approach would allow security to evolve incrementally, at the level of individual transactions or users in a heterogeneous way. It allows total control of asset security by the asset owner on a per transaction basis, and simultaneously removes the onus and liability of security adaptations from the blockchain network.
Early implementations of this model are beginning to emerge, offering a way to overlay flexible cryptographic controls onto existing networks. These architectures suggest that it is possible to bridge the gap between post-quantum theory and real-world deployment without rewriting the underlying chain more than once.
The alternative is to continue relying on governance processes that were never designed for rapid threat response. In a world where cryptographic algorithms can be invalidated faster than consensus can be reached, that is both inefficient and highly risky.
Hardforks are necessary for blockchains and any software system (called major releases). The question is no longer whether blockchains can upgrade their security. It is whether they can do so fast enough to matter and to do it in a manner that no longer allows a flavor of security (cryptography) to be dictated by the blockchain.
Nothing in technology is forever, this is also true in the science of cryptography. Change is the new norm, hyper crypto-agility at the transaction level is the solution that places risk where it should have been in the first place–with the asset owner.
—————–
About the author
Yoon Auh is a former VP at Goldman Sachs and Head Trader at Credit Suisse, Geode Capital and Magnetar Capital. An inventor of data-centric security with a portfolio of patents and research validated in defense-grade settings and NIST-validated work. His background spans deep-tech innovation, applied cryptography, and high-performance trading systems, experience that informs how we secure digital assets, protect against insider threats, and prepare for quantum-enabled attacks across financial markets and blockchain infrastructure.
