PQ Slate

@ercwl @danboneh He compares the quantum race to flight. There's one major difference, and that's how AI will accelerate quantum progress. As smart as Dan Boneh is, he may be underestimating the AI impact on quantum progress. For example, Majorana 2 was significantly accelerated by AI.

this is the best bitcoin podcast episode i’ve listened to all year, especially for those that are interested in quantum a background note: i first listened @danboneh talk on the topic of quantum what must’ve been almost 10 years ago. to me, he’s the one expert who demonstrates the most knowledge depth (and humility) on the subject, and teaches me the most when he speaks recently, dan helped come up with a way to run Shor’s algorithm with 10x fewer physical qubits than previously thought (co-author on the 2026 Google paper) my tl;dr of the episode: his baseline characterization of quantum computing isn’t as something that might be fundamentally impossible. that error correction would get exponentially hard in the same way that breaking elliptic curve cryptography in the classical sense gets exponentially hard with the number of bits in a key It is hard for sure, but not ”exponentially hard” at the same time he doesn’t personally think CRQCs powerful enough to attack bitcoin is going to happen before 2035 (sidenote: it should be obvious to anyone that the deadline to reach safety isn’t ”the date when the smart people think an attack is most likely to happen”, but way before then. the question is rather ”by when is it even at a small risk?” and optimize for that) he gives the reason for why it is unlikely to happen before 2035: it is not a principle of physics or of human progress, just a matter of funding. if quantum had the same level of funding that ai does, the calculus would be entirely different (the threat of attack would come much sooner) to connect what he say to what some quantum critics like @jamesob, @reardencode or @robin_linus within the bitcoin community are saying, he does have the humility to acknowledge that it is *possible* error correction doesn’t scale. nobody knows for sure until it is proven. that is a wholly different thing than confidently rejecting outright that it will ever scale, as if it’s something you can know and base your plans on, which is effectively what @jamesob, @reardencode and @robin_linus are doing he compares quantum computing to flight, the wright brothers, and thinks that quantum computing already had its ”kitty hawk” moment (when the wright brothers flew 37 meters in 1903) with the google willow chip in 2024 (proving scalable fault-tolerant quantum computers are possible) ”error corrected quantum computing is not a theory, it has been proven to work” regarding the notion that no quantum computer has factored a number higher than 21, dan says that that's true, but that it's only just now that these tools are coming together. it's happening right now. the entire podcast is a treasure trove of information and is probably the single highest signal thing you can listen to if you want to get up to speed on the latest in ”quantum computing vs Bitcoin” from someone who actually knows what he’s talking about congrats @isabelfoxenduke on this stellar interview

@TrustlessState If you're looking for interesting tech, check out $QRL. Legit PQ project. QRL 2.0 will be PoS with a hard cap, making it more appealing as "money". The QRVM is currently being audited by Trail of Bits.

After selling $ETH, I immediately took ~50% of the capital to VVV, NEAR, ZEC, HYPE I left the rest as capital to DCA into something not already up multiples (other than NEAR, which was ~1.40 at the time. I've finished buying $LIT with that remaining 50%

How many more quantum companies need roadmaps before 2030 for people to stop saying "it's decades away". This is coming and it's coming sooner than people realize.

According to @Microsoft, Majorana 2 progress was enabled by AI and has cut their timeline in half for delivering a scalable quantum computer by 2029. Looks like $IONQ might have some competition from $MSFT. youtu.be/1bN4O5_meB4

"With this progress, the team now expects to achieve a scalable quantum computer by 2029, cutting its original timeline in half." Looks like they leaned heavily into AI to speed things up. Now is the time to prepare with PQC. #Crypto #Qday #PQC news.microsoft.com/source/feature…

@drakefjustin With everything going on at the EF, a PQ Ethereum by 2029, to say it nicely....that's optimistic.

Today a crazy quantum story just got wilder. On March 31, the Google Quantum AI team published a landmark result on Shor's algorithm for elliptic curve cryptography. Technically, the paper was a bombshell: a dramatic 10x improvement over the state-of-the-art. As a stunt and wakeup call to the blockchain space, those optimisations were illustrated on secp256k1, the elliptic curve underlying Bitcoin and Ethereum signatures. But perhaps the most striking part of the paper was sociological, not technical. Instead of following standard academic process, the optimisations were kept secret, hidden behind a zero-knowledge (ZK) proof. Google's accompanying blog post mentions they "engaged with the U.S. government". The ZK proof demonstrates the existence of algorithmic improvements without leaking details. Academic censorship with ZK, a historic first! As a co-author of the Google paper I witnessed some of the context surrounding this censorship. To be honest, multiple aspects of that context don't sit well with me. As much as I believe the general public ought to know more, I am limited in my ability to whistleblow. Though let me be clear about one thing: the Google team's professionalism has been absolutely exemplary, and they deserve nothing but praise. Censorship has a way of backfiring. The Streisand effect, where an attempt to bury something only draws more attention to it, is exactly what's unfolding today. First, Google's key optimisation has been rediscovered by the French. And in a thrilling turn of events, a collaborative Shor-at-home challenge just launched. The initiative, available at ecdsa[.]fail, breached a new Shor world record in a matter of hours. Let's start with the rediscovery. Just two months after Google's paper, French quantum expert André Schrottenloher cracks the main secret optimisation. His paper, titled "Optimized Point Addition Circuits for Elliptic Curve Discrete Logarithms", landed on the arXiv today. Big congrats to André, who beat several other nerdsnipped experts to it. In a blog post also published today, Craig Gidney, the world expert on Shor optimisations, revealed that he'd been sitting on this very optimisation for a whole year under censorship pressure. Interestingly, André missed a handful of minor optimisations, both from Google's original publication and from improvements found since. It's plausible there's still plenty of juice left to squeeze out of Shor, and this is exactly what the ecdsa[.]fail challenge is about. The verifier program developed for the ZK proof does double duty, automatically filtering for valid submissions. Dozens of compounding small and micro improvements are rolling in. As of the time of writing there's an 8.4% improvement to Google's circuit, as measured by the product of logical qubit count and Toffoli gate count. Nice! The nerdsnipping ran deeper than anyone expected. Over the last few weeks it became clear it extended well beyond André and other quantum experts. Behind the scenes, a small army of amateurs quietly got to work. Inspired by Karpathy-style autoresearch, they turned AI on Shor. Ironically, the verifier program for the ZK proof makes an ideal reward function for AIs. The barrier to entry for this modern style of research is refreshingly low, with several non-experts, even a teenager, finding nice optimisations. Get in touch if you'd like to join a Telegram group with fellow autoresearchers :) Part 2: neutral atoms and qday The story doesn't end with Google. On the same day Google went public, a stealthy startup called Oratomic published its own Shor paper in a coordinated release. It made a splash, ultimately becoming the most upvoted paper on scirate[.]com, a website ranking arXiv papers. Oratomic's claim was wild. By building on Google's logical optimisations and applying custom physical optimisations for neutral atoms, they claimed just 10K physical qubits were sufficient to run Shor's algorithm on secp256k1. That number is mind-bogglingly low. Knowing essentially nothing about neutral atoms when Oratomic's paper landed, I was intrigued and decided to learn more about the tech. I fell straight down the rabbit hole and spent a couple hundred hours on the topic. I got a little obsessed and watched every YouTube video I could find and spoke to a bunch of experts. My conclusion? The tech is real, very real. Even Google recently decided to start a neutral atom lab, a notable pivot from their sole focus on superconducting qubits. If you care about qday, i.e. the day a quantum computer will break the first piece of cryptography in production, neutral atoms demand your attention. I shared some of my learnings on Shor and neutral atoms in a 30min talk at the ZKProof cryptography conference. You can find it on YouTube by searching "zkproof neutral atom". Here's an interesting observation about this duo of breakthrough papers: neither Google nor Oratomic say a word about what their results mean for qday. No timelines. Zero. Nada. That is especially baffling given that the whole point of whitehat quantum cryptanalysis is to inform qday estimations and help the general public make good decisions. So let me attempt to partially fill the silence, similarly to what Scott Aaronson did in his April 29 post. Given everything I know, including scary non-public information, I now put the odds of qday by 2032 at 50%. 10% by 2030. Anecdotally, the US government has its own date: 2035. Originating at the NSA and later adopted by NIST, it's when branches of the US government will be disallowed from using quantum-vulnerable cryptography. In plain language: with hindsight, that date is a joke and should be discounted entirely. I don't see how NIST avoids being forced to pull it forward by years. Part 3: post-quantum cryptography There are good reasons to sound the alarm today, but please do not panic. Rushing carelessly towards immature post-quantum cryptography is a recipe for disaster. IMO a good target date for migration is 2029, roughly 3.5 years out. 2029 happens to be the date selected by Google, Cloudflare, and the Ethereum Foundation. These days most of my time goes to safely migrating Ethereum towards post-quantum cryptography as part of the broader lean Ethereum effort. There's a lot to do. We need to rip out and replace BLS signatures at the consensus layer, KZG commitments at the data layer, and ECDSA signatures at the execution layer. The plan to get there is compelling, and is based on hash-based cryptography. Within the Ethereum Foundation we've developed a Swiss army knife called leanVM (github[.]com/leanEthereum/leanVM) powered by the magic of hash-based SNARKs. Thanks to truly exceptional work by Emile, Thomas, and others, its performance is derisked. Regarding security, leanVM is a jewel, a minimal zkVM crafted for end-to-end formal verification and maximum security. Want to help? There are two $1M initiatives. First, the Proximity Prize (proximityprize[.]org). Solve a long-standing mathematical conjecture in coding theory, improve hash-based SNARKs, and go home a millionaire. Second, the Poseidon Initiative (poseidon-initiative[.]info), offers $1M for breaking Poseidon, the SNARK-friendly hash function.

@EliBenSasson The shift from keeping things under wraps to publishing openly is significant.

My turn to call out quantum FUD. The new “we improved on Google’s Bitcoin-breaking quantum circuit” story is, in my view, a nothingburger. Roughly: Google obscured details of a particular circuit. Researchers reverse-engineered it and found a more efficient way to describe/optimize that circuit. Interesting? Sure. Does it change the big picture for Bitcoin, Ethereum, or cryptographic signatures? No. The question that matters is not “can we shave down circuit size again?” We’ve seen those estimates improve for years. The question that matters is whether anyone can build a machine with 1,000+ reliable logical qubits and run it at scale. This is not that news. Not today.

New paper basically matched the recent Google circuit that slashed ECC quantum resources for Shor's algorithm, plus an extra 6.5-10% gate reduction. No zk-proof concealing the circuit this time. Out there for the world to see. #Quantum #Crypto #PQC arxiv.org/abs/2606.02235

@EliBenSasson It's always been cycles. Imagine spiraling debt, high inflation, AI surveillance, and debanking. The case for crypto hasn't changed. If anything, it's only getting stronger. The future of crypto is sovereign, decentralized, and PQ secure.

Generally speaking, crypto seems to be going through an identity crisis. On the one hand, several long-time OGs have left, and on the other, we're finally seeing some love from institutions and TradFi, which is everything crypto has rebelled against. It's challenging crypto's core narrative.

@scottmelker @YahooFinance Stablecoins are just the first wave of RWAs. Once commodities and hard assets are tokenized, they will directly compete with fiat for settlement. Crypto isn't just upgrading the dollar's rails, it's bringing competition to money itself. It's just the beginning of the story.

Crypto didn’t kill the dollar, it gave it better rails. Watch The Daily Wolf on @YahooFinance!

The case for crypto hasn't changed. If anything, it's only getting stronger. The future of crypto is sovereign, decentralized, and PQ secure.

Everyone’s blinded by the AI hype today. But imagine spiraling debt, high inflation, heavy financial surveillance, and debanking. CROPS for the entire crypto ecosystem sounds pretty good at that point. It’s all cycles and capital will rotate.

@arc If you want true, sovereign, decentralized PQC protection, then the answer is $QRL.

Quantum computing introduces long-term risk for digital infrastructure, from wallet signatures to validator integrity and more. Circle’s post-quantum whitepaper explores Arc’s phased approach to resilience across: → USDC → Smart contracts → Validators → Infrastructure systems Planning for long-term security and institutional adoption. arc.io/post-quantum-w…

A warning from @CreusMoreira targeting Q-Day between 2028/2030. Networks are sitting ducks. Hardware requires a chip overhaul from $LAES. While cryptocurrency infrastructure scrambles to migrate, native PQC networks like $QRL are already there. #Qday youtube.com/watch?v=cnC-SR…

Massive move from $IBM. Their $10B quantum roadmap and new CHIPS foundry target a fault-tolerant system by 2029. As hardware advances, legacy encryption is on a timer. The ultimate race for crypto right now is migrating to native PQC.

@wmougayar Not how competition and free markets work.

If BTC is digital gold, and ETH is the largest smart contract platform, these spots are untouchable, so stop fighting them. When they sneeze, everyone else chokes. Let these alphas lead, and the rest will follow.

@aliomerhorzum @pinedegen The utility is the product. Price is simply what the market attributes to the value created by that utility and demand.

@pinedegen well the price is the main product

@sodofi_ CROPS isn't just an Ethereum thing. All of crypto should rally around these principles. The alternative? Centralized DLTs run by CEOs. Crypto basically reduced to tech stocks.

i’ll be honest. when the EF mandate was introduced i didn’t fully get it i’m a devrel. i’m used to building vibey ai slop apps that go viral on the timeline. and building apps that fully embody censorship resistance, privacy and security is much harder. i grew up in the bay area, went to stanford, and now live in sf. the tech culture here is so hyperfocused on growth at all costs. i believe most people have good intentions. but i also know that building with intention takes effort. and when the sole focus is number go up, intention is the first thing that gets forgotten all of that to say, to me, the mandate was a reminder of what actually matters. building technology is a superpower. a power we shouldn’t take lightly. we each have a responsibility to build with intention. and yes, that might take more effort. but a little extra effort now compounds. and our future generations will thank us for it.

Imagine AI systems weaponized against the public then being debanked for a low social credit score. CROPS isn't just an Ethereum thing. All of crypto should rally around these principles. The alternative? Centralized DLTs run by CEOs. Crypto basically reduced to tech stocks.

@rosarioborgesi CROPS is crucial, but economics clearly play a role as well. A little pragmatism goes a long way.

I have chosen Ethereum for the vision, not the price.