Post-Quantum Shift Could Force Crypto Exchanges to Rethink Wallet Security
Hierarchical deterministic (HD) wallets, as specified by Bitcoin’s BIP32 standard and used by exchanges like Coinbase and Binance, enable the generation of new deposit addresses from a public key without accessing private keys, which remain offline for security. This architecture is crucial for securely handling customer funds. However, research from Project Eleven shows that this method may not work with certain post-quantum cryptographic signature schemes, such as ML-DSA, which has been selected by NIST for post-quantum security. Under some post-quantum schemes, private keys would be required for each new address, undermining the HD wallet model and complicating operational security. Project Eleven has proposed and prototyped a quantum-resistant wallet design that restores public-key-only address generation, recreating BIP32’s non-hardened derivation property at the wallet layer. While Bitcoin would need a protocol upgrade to implement post-quantum signature schemes like ML-DSA, Ethereum could support this through account abstraction without protocol changes.
