Post-Quantum Cryptography Before the Hype, Dr. Joseph Kearney’s Journey
7th July 2026
For most of the past decade, the conversation about quantum computing and blockchain has lived in a small, slightly strange corner of both fields.
The blockchain people weren’t paying attention. The quantum people weren’t either. The people bridging the two were, essentially countable on one hand.
That has changed. In this conversation with the QRL Show, Dr. Joseph Kearney (a post-quantum cryptography specialist focused specifically on how quantum computing affects blockchains) walks through the evolution of the field, what cryptographers in this space actually do day-to-day, and the migration problem now bearing down on every quantum-vulnerable chain in existence.
Table of Contents
From Brewing Beer to Foundational Papers
Joseph’s path into post-quantum cryptography begins in an unexpected place: a pub. In 2015, he was running one, decided to sell it, and went back to university for a master’s degree in computer science. When it came time to pick a thesis topic, the usual options, like building Solitaire with probability as an app on Android, didn’t grab him. Then he came across a topic posted by Dr. Perez-Delgado: quantum computing against blockchain technologies.
“I emailed him at midnight. He emailed me back at half past midnight. I went to his office the next day, and he plopped a copy of Nielsen and Chuang down in front of me. ‘Go away, read the first four chapters, and come back to me.’”
That was the beginning. Joseph knew essentially nothing about quantum beyond a little high school physics. The field chose him as much as the other way around, and it stuck.
How a One-Paper Field Became a Discipline
Ten years ago, post-quantum cryptography as applied to blockchain was a field with a single anchor point. That paper, “Vulnerability of Blockchain Technologies to Quantum Attacks”, examined the potential for quantum attack on Bitcoin and was, by Joseph’s description, the foundational work of the field. For years afterward, the literature remained thin. The people doing the work were, in his words, “me, Carlos, QRL, and maybe a couple of other people.”
The structural problem was a familiar one in cross-disciplinary work: each side considered the other someone else’s job. Blockchain developers considered quantum computing to be physics and beneath their attention. Quantum physicists considered blockchain to be computer science and beneath theirs. Neither group was engaging with the work of asking what happens when a sufficiently powerful quantum computer meets a network secured by ECDSA.
“It’s only in the last two years that anyone outside a select group has really engaged with it.”
That bridge-building, more than any individual paper, is what changed.
“Post-quantum” Is a Temporary Label
One of the more clarifying points Joseph makes is that the “post-quantum” qualifier in “post-quantum cryptography” is on a clear expiration date. The historical pattern is consistent: mechanical cryptography gave way to integrated-circuit cryptography, which gave way to what we now call classical cryptography. The new generation of schemes is following exactly the same trajectory. Research first, then standardization via NIST, then quiet absorption into the toolkit every developer uses.
“If you’re a software developer and you’re not utilizing AI, that’s similar to where post-quantum cryptography is going. All cryptography will just be cryptography. RSA, ECC, ECDSA, they’re going to be defunct by 2030, deprecated by 2035, and completely removed from usage. Post-quantum cryptography will become cryptography.”
The implication for builders is straightforward. The window in which “post-quantum native” is a meaningful differentiator is closing. The window in which “quantum vulnerable” is a structural liability is opening. Both windows will eventually disappear entirely, but the transition itself will be uneven, and the chains that failed to plan for it will not get a do-over.
What Post-Quantum Cryptographers Actually Do
The day-to-day work of a post-quantum cryptographer, as Joseph describes it, splits into two main threads. The first is vulnerability analysis: understanding attack vectors by going in and looking at how a blockchain depends on its cryptography, and then expanding out to the protocol level.
The example he uses is Ethereum. At a glance, Ethereum looks like an ECDSA problem. All externally owned accounts are secured with ECDSA, and key reuse is rampant. That is the obvious attack surface, but a real cryptographer does not stop at the obvious. The deeper question is what else an attacker can do. What is the optimal disruption strategy? What is the optimal profit strategy? Which surfaces are more attractive to a state actor than to an individual?
The second thread is pushing the boundaries of what the schemes themselves can do, which is where the blockchain community has, somewhat unexpectedly, become a real forcing function on cryptographic research.
“We don’t use cryptography just for digital signatures. We don’t use it just for peer-to-peer messaging. It’s the expansion, the utilization. How can you push that cryptography to its absolute limits?”
That pressure from the protocol side has produced a steady stream of incremental results: work on shrinking SLH-DSA, demonstrations that SLH-DSA can be used with HD wallets, optimization of ML-DSA, the ongoing development of FN-DSA, SQI-sign for small signature sizes, HAWK as a Falcon equivalent, UOV, and others.
None of these are headline-grabbing in the way a major cryptographic break would be, but they are the work that determines which schemes are deployable in real systems and which remain theoretical.
The First Paper and the Single Email
Joseph’s first paper in the space was Vulnerability of Blockchain Technologies to Quantum Attacks, published in 2019. The work expanded the original multi-blockchain analysis, “Vulnerability of Blockchain Technologies to Quantum Attacks” to a wider range of cryptocurrencies and, crucially, to the protocol level.
“How much of a big difference does that make from blockchain to blockchain? The answer was, in some cases a lot, in some cases less than you’d think, because of how dominant the infrastructure Bitcoin was built upon became. Almost every single blockchain, unless they’re quantum native, uses ECC-based cryptography. That’s the artifact of Bitcoin being built the way it is.”
The paper also surfaced protocol-level differences that the Bitcoin-centric original had glossed over. Privacy tokens using zk-STARKs are quantum resistant. Privacy tokens using zk-SNARKs are not, because SNARKs are based on the discrete log problem. That kind of detail, protocol by protocol, is what makes the paper a foundational reference rather than a one-off observation.
The reception, by Joseph’s own account, was muted. For months, the only email he received about the paper was from Craig Clement on the QRL team, with a pointed note about the lack of a QRL mention. That single email turned out to be the seed of a working relationship that has since produced multiple joint episodes, papers, and one of the more sustained collaborations in the post-quantum blockchain space.
The Risk of Choosing a Field That Didn’t Yet Exist
The most candid moment of the conversation comes when the hosts push Joseph on the professional calculus of choosing a topic that, at the time, had no real career path. The blockchain side ignored quantum. The quantum side ignored blockchain. And there was a perfectly real possibility that quantum computing would hit a fundamental wall, that some proof would emerge showing noise scaling made large-scale systems unworkable, and the entire premise would collapse.
“I just did it out of interest. Natural curiosity. That’s how I’ve ended up going down virtually all my career. There’s a saying with PhDs: you better really, really like your PhD topic, because by the end of it, you’ll hate it. I’m still loving it. Ten years in, and I still love it.”
The macro evidence has, in the years since, pointed consistently in one direction. Each new paper lowers the bar on what a “sufficiently powerful quantum computer” needs to do to break ECDSA via Shor’s algorithm. Governments have set 2030–2035 timelines for post-quantum migration of critical systems. The cycle of new results is shortening. None of this was a given in 2015, but the range of plausible outcomes has narrowed substantially.
“You don’t have to trust any of our opinions. It’s just looking at the macro of where the foremost experts across the field are seeing things headed. What are governments mandating? What are nation states doing? They’re lowering timelines.”
The Migration Problem
The migration problem, in summary, is this. The chains that hold the overwhelming majority of value in the cryptocurrency space are secured by cryptographic schemes that a sufficiently powerful quantum computer can break. Migrating them is not a software update. It is a coordination problem with no precedent.
Immutability means revealed public keys remain accessible on-chain indefinitely. Permissionlessness means no central authority can upgrade on a user’s behalf. Every node in the network must adopt the new scheme. Millions of user keys must be regenerated without compromise. And historical transactions must remain verifiable, all while maintaining backward compatibility with the legacy state.
“99.999% of cryptocurrencies, almost all of them, are going to have to migrate in some way or another. There’s maybe two or three that aren’t, because no post-quantum migration is necessary.”
The trade-offs in the proposed migration playbooks are severe. Some approaches are, in effect, not becoming the same chain. Forking off legacy state, freezing vulnerable accounts, or requiring active user action all impose costs that the underlying protocols were specifically designed to avoid.
What Comes Next
Joseph splits the outlook into two parts, the exciting and the terrifying, and the split is roughly even.
On the exciting side, the quantum-native chains, QRL and a small number of others, are in a genuinely open field. They are building infrastructure that is fully post-quantum secure from the ground up, with no migration overhead and no legacy vulnerability to manage. The work is, as Joseph puts it, a blue ocean.
On the terrifying side, the rest of the space is staring at the migration problem without a fully solved playbook. The dollar figures involved are large enough that a botched migration is not a recoverable event for any of the major chains.
“There’s $2.5 trillion of just pure market capitalization, plus stablecoins, plus ETFs, plus everything else on top. I shudder to think what the actual valuation of the cryptocurrency space is. It’s much higher.”
The closing thought is the one the conversation has been building toward since the beginning. The “post-quantum” label is a temporary marker. It will be replaced by something else, which will then be replaced by something else after that, and the cycle will continue, just as the labels “mechanical cryptography” and “integrated-circuit cryptography” disappeared into the broader category of “cryptography.”
The thing that matters is not the label but whether the trillions of dollars of value sitting on ECDSA-secured chains will make it through the transition intact, and whether the chains that started native will still be ahead when the dust settles.
“You could build the case that post-quantum security will become the new classical security. As things migrate over, the post-quantum chains will eventually just be considered classical chains. Eventually, over a long enough timeline, the word post-quantum disappears. It’s the evolution of technology.”
Related Reading
- Want to see how the field’s conversation has shifted in the last year? Read our breakdown of the two papers that changed the quantum threat conversation.
- Want to dig into the Bitcoin migration problem Joseph describes? Read our preparation guide for Bitcoin’s post-quantum era, with insights from quantum computing experts, and our more recent take on a quantum-safe Bitcoin proposal that doesn’t require a soft fork.
- Curious about the macro timeline Joseph references? Read our breakdown of Google’s 2029 internal post-quantum migration deadline, and what Bitcoin and Ethereum’s responses tell us.
- Want to follow where QRL are headed next? Read our anniversary blog, “Eight Years of Building the Quantum-Safe Future”.
7th July 2026