Crypto vs Institutional. Same Risk, Same Opportunity. Neither Have It Priced.

Scope

This note is not a quantum threat analysis. That work is done — the hardware milestones are documented, the timeline compression is real, and the planning horizon is operational. This note maps the structural implication most analyses miss because they write from inside one world: the decentralized blockchain and the bank running a 2024-vintage HSM share the same cryptographic regime with different failure surfaces, the same migration opportunity, and the same failure mode. The sorting variable is governance velocity relative to the Q-Day planning horizon. Neither market has priced it.

What Changed

In March 2026, Google Quantum AI published a paper reducing the estimated resources required to attack elliptic-curve public-key cryptography — the signature regime securing Bitcoin, Ethereum accounts, and a large share of modern authentication, signing, custody, and key-exchange infrastructure — by approximately 20×. Google simultaneously set a 2029 internal deadline for migrating its own systems to post-quantum cryptography. NIST finalized post-quantum standards in August 2024: ML-DSA, ML-KEM, and SLH-DSA. The primitive fix exists. The binding constraint is migration architecture.

The harvest-now-decrypt-later threat is already operational. Adversaries capturing encrypted interbank communications, settlement data, and custody records today can decrypt them once quantum capability arrives — whether that is 2029 or 2035. The clock on long-duration sensitive data started when Q-Day became a planning horizon, not when it arrives.

For blockchains, the acute exposure is not decryption of historical transactions — it is future signature forgery once public keys are exposed. For institutions, the acute exposure includes encrypted-record capture, key-management migration, and long-retention data sensitivity. Different surface, same migration clock.

The public-sector migration clock is already running. U.S. law requires federal cryptographic inventories and migration planning following NIST standard finalization. Financial-sector bodies including FS-ISAC, SIFMA, and the G7 Cyber Expert Group are already framing post-quantum migration as a coordinated sector-level resilience problem. OCC, FDIC, and Federal Reserve guidance on PQ migration for banks is increasingly likely as the sector-level coordination architecture hardens.

What Did Not Change

The governance geometry of the most exposed systems has not changed.

Bitcoin's BIP-360 — the proposal introducing quantum-resistant address types — entered the formal proposal repository but no consensus rules have changed and no migration has begun. Chaincode Labs described Bitcoin's post-quantum initiatives as early and exploratory as of May 2025. Bitcoin's 7.5–8.5 year major-upgrade precedent puts its migration timeline outside the compressed Q-Day planning window if the early-2030s hardware path holds. That is not a critique of Bitcoin's design — it is the structural consequence of a governance model optimized for trustless consensus rather than coordinated migration.

The lost and dormant coin problem compounds the governance constraint. Approximately one million BTC attributed to Satoshi and an estimated 2.3 to 3.7 million permanently inaccessible BTC sit in quantum-vulnerable addresses with no living keyholders. BIP-361 frames the dilemma directly: either allow quantum theft, allow throttled theft, or allow no one to access vulnerable coins. No clean consensus exists on which option the network will choose. The political toxicity of that decision is a separate governance constraint layered on top of the technical one.

Legacy banking infrastructure carries a different version of the same problem. Hardware Security Modules — the physical key management infrastructure of every major financial institution — operate on 7-10 year refresh cycles. Institutions that refreshed HSMs in 2022–2024 using classical-cryptography assumptions face refresh-cycle friction through 2029–2032 unless they accelerate replacement, add hybrid controls, or prove crypto-agility inside the existing estate.

The institutional digital asset layer is building onto vulnerable rails in real time. BlackRock's BUIDL fund holds approximately $2.5 billion across public blockchains. JPMorgan Asset Management launched its first tokenized money market fund on Ethereum in December 2025 and a second in May 2026, with JPMorgan citing roughly $30 billion in traditional assets tokenized on public blockchain networks as of April 2026. Franklin Templeton operates an on-chain U.S. Government Money Fund across nine public networks. DTCC intends to tokenize DTC-custodied securities on compatible public and private chains from H2 2026. Tens of billions of institutional on-chain assets now sit on rails that will require cryptographic migration before the Q-Day planning horizon closes. No public post-quantum roadmaps were identified across the major named institutional programs.

What to Watch

Ethereum's Hegotá hard fork, targeted for H2 2026, is the most significant near-term milestone. EIP-8141, being considered for inclusion, introduces signature agility — individual accounts can migrate to post-quantum signature schemes without waiting for protocol-wide adoption. Ethereum has outlined approximately seven hard forks targeting core post-quantum infrastructure by 2029. If Hegotá proceeds with EIP-8141, it is the first concrete account-level migration step by a major smart-contract settlement chain — and the threshold event for the readiness spectrum to become a priced variable rather than a planning discussion.

The institutional disclosure cascade is the traditional finance equivalent. BlackRock materially expanded the quantum-risk section in its IBIT prospectus in May 2025. When the second and third major institutional custodians, asset managers, or ETF issuers follow with material risk disclosures, the migration liability moves from footnote to balance sheet consideration. Watch for OCC or Fed guidance explicitly requiring PQ migration planning for supervised institutions — that converts the financial-sector coordination logic into enforceable bank regulation.

Bitcoin's defensive consensus is the wildcard. Whether BIP-360 and BIP-361 achieve rough consensus within a governance cycle that clears before Q-Day determines whether Bitcoin's store-of-value function survives intact or must be absorbed by a migrated or natively quantum-secure alternative.

The Synthesis

The standard framing pits crypto against traditional finance. This note resolves that framing into a single structural observation: both systems were built on the same cryptographic regime with different failure surfaces, both face the same Q-Day planning horizon, and neither has priced the migration liability.

The sorting variable is governance velocity. Not asset class. Not technology. The systems with sufficient governance flexibility to migrate before the forcing event are accumulating structural advantage not yet visible in price. The systems whose governance geometry makes migration impossible at the required speed are accumulating migration liability not yet visible in price.

The opportunity is not symmetrical across the readiness spectrum. PQC-native systems carry no legacy-signature migration debt — though adoption, liquidity, custody, bridge, and governance risks remain. Ethereum has the most organized migration path of the established chains — EIP-8141 targets H2 2026, core infrastructure targets 2029. Algorand deployed the first quantum-resistant mainnet transaction in November 2025, opt-in and incomplete but directionally ahead. Solana faces a 90% throughput loss in post-quantum testnet — willing but technically constrained. Bitcoin's governance precedent leaves its migration path structurally exposed against the early-2030s Q-Day window.

The harvest-now-decrypt-later threat means the risk is not purely prospective. Long-duration encrypted financial data is being captured today. Institutions treating quantum readiness as a 2030 problem are already in the threat window for their most sensitive historical records.

Tens of billions in institutional digital assets building onto quantum-vulnerable rails. No public post-quantum roadmaps. The constraint is operating above price.

That is the note.


Sources: Google Quantum AI, March 2026; NIST FIPS 203, 204, 205, August 2024; Ethereum Foundation, pq.ethereum.org, February–May 2026; BTQ Technologies BIP-360 Testnet v0.3.0, March 2026; Chaincode Labs, May 2025; BlackRock IBIT SEC Filing, May 2025; FS-ISAC PQC Migration Timeline; SIFMA/GFMA quantum risk framework; G7 Cyber Expert Group; Algorand Falcon-1024 mainnet deployment, November 2025; Project Eleven, January 2026; CoinDesk, Solana PQ testnet reporting.

This note represents structural analysis and does not constitute investment advice.

Andrew C. Hampson II | Hampson Strategies | hscai.org

This is a personal log of market observations based on publicly available data. It is not investment advice, a recommendation, or a prediction. No action is suggested or implied.
