What Quantum-Ready Crypto Security Means and Why It Matters | by SatoshiLabs | Nov, 2025

Why preparing for quantum computing now is essential to keep cryptography, Bitcoin, and digital security strong for the future

Ten years ago, I would’ve called quantum security science fiction. Something for the next generation to worry about.

But even back in 2017, during my internship at Cloudflare, post-quantum algorithms were already being explored. This one, the SIDH, did not withstand the rigorous community review and was completely broken in 2022. One way or another, it was a clear signal to pay attention.

The reality right now:

No machine today can break Bitcoin, crypto (as in cryptography), or crypto (as in cryptocurrencies).

But that does not mean we should wait until they can. Many other industries are already pushing forward with post-quantum protections.

After years as Trezor’s Chief Technology Officer, watching the field evolve alongside our own work, it’s clear to me that Bitcoin will need to shift to post-quantum algorithms within the next decade, or sooner.

At Trezor, security means thinking long term. We build hardware wallets to protect our users for decades, not just a few years. That means we must understand the threats of tomorrow and prepare for them today.

Why Quantum Readiness Matters

Global leaders across all industries are already working to defend against future quantum threats. Financial institutions, telecommunications operators, technology companies, and internet infrastructure providers are rapidly transitioning to post-quantum cryptography (PQC), designed to withstand the computational power of quantum computers.

Wait… we don’t have quantum computers yet, how can we prepare for them?

Several quantum-resistant algorithms exist. The National Institute of Standards and Technology (NIST) has been working on standardizing post-quantum cryptography since 2016. These are algorithms that run on a “traditional” computer but are designed to resist different types of attacks using quantum computers.

Here’s how other industries are using these quantum-resistant algorithms to get ready for a post-quantum world:

• Cloudflare uses hybrid post-quantum key exchange by default across its network, which handles ~20% of all websites. In October 2025 they announced a huge milestone: the majority of human-initiated traffic with Cloudflare is using post-quantum encryption. (Source: Cloudflare)
• Apple added post-quantum encryption to iMessage in 2024. (Source: Apple)
• Google has added PQC to Chrome and Android. (Source: Google)
• Microsoft has integrated PQC into Windows, Azure, and Microsoft 365. (Source: Microsoft)
• IBM is testing quantum-safe tools for mobile networks. (Source: IBM)
• Amazon Web Services (AWS) offers PQC options for cloud data protection. (Source: Amazon)
• Intel added PQC support to its software tools in 2025, enabling quantum-safe encryption for cloud applications. (Source: Intel)

These companies are not reacting to an active threat. They are preparing because they understand it is necessary to do so before quantum computers become strong enough to compromise their security.

Trezor is proud to lead this shift in crypto security. Not because quantum computers pose a danger today, but because they will eventually. Real protection starts before the problem exists.

Two Sides of Quantum Readiness in Crypto Security

Many ask, “How can Trezor prepare for quantum threats when blockchains themselves are not quantum secure yet?”

The answer is that quantum readiness in crypto has two layers:

1. The blockchains themselves (Bitcoin, Ethereum, Solana, and others).
2. The wallets that secure your private keys.

Both blockchains and wallets will eventually need to adopt post-quantum cryptography. Wallets can implement PQC for internal operations using algorithms that are independent of those adopted by blockchains and can do so already. Once the blockchains upgrade, wallets must also support the same algorithms to remain compatible.

Updating blockchains will require a long, collaborative effort among global communities and developers, while wallets’ internal operations can already be updated now. At Trezor, we focus on what we can control: the security of the device itself. That is why the Trezor Safe 7 was built from the ground up with post-quantum protection.

Inside the Trezor Safe 7 Quantum-Ready Architecture

Press enter or click to view image in full size

A hardware wallet’s most critical security operations depend on cryptography. These include verifying firmware, authenticating the device, and protecting the boot process. The Trezor Safe 7 is ready to secure these operations with post-quantum algorithms. It is currently the only hardware wallet designed to do so. For a quantum-secure boot process it uses SLH-DSA-128, a signature scheme standardized by the U.S. National Institute of Standards and Technology (NIST) in 2024 and recognized by leading cryptographic institutions worldwide.

Each time you start the Trezor Safe 7, this algorithm verifies the bootloader to confirm it has not been altered. We plan to extend this for firmware updates in the following months as well.

Without this protection, a future quantum computer could forge traditional digital signatures, fake bootloader updates, and trick users into installing malicious code that appears legitimate. Once installed, the fake firmware could manipulate transaction signing, for example, by showing a correct recipient address on-screen but actually sending the funds to the attacker’s address.

The Trezor Safe 7 also includes a device certificate signed using the ML-DSA-44 algorithm, standardized by NIST in 2024, to verify the device’s authenticity and integrity. Once fully implemented in the firmware and Trezor Suite, this provides an additional layer of quantum security, ensuring the device can prove its own genuineness even in the post-quantum era.

Because post-quantum protection must be taken into account during manufacturing, not everything is updatable. The boardloader needs to have the corresponding public key to the bootloader, which must be installed at the factory and cannot be altered or updated. Similarly, the device certificate, which authenticates the wallet, is applied during production and cannot be changed afterward.

Only hardware wallets that leave the factory with these preparations, like the Trezor Safe 7, can truly be considered quantum-ready, providing security that remains reliable even in the era of powerful quantum computers.

Securing the Future, Today

With the Safe 7, Trezor keeps your device secure, authentic, and trusted even as quantum computing advances. It is the first-ever hardware wallet using post-quantum cryptography, which is now also used to protect global technology, communication, and internet infrastructure.

When Bitcoin and other blockchains also adopt post-quantum cryptography standards, Trezor Safe 7 will be ready to provide users with complete quantum protection.

No wallet can make your crypto fully quantum-proof today, but the Trezor Safe 7 is built for that future. It is the only hardware wallet designed for the coming quantum era: secure by design, prepared by principle.

This isn’t panic, it’s preparation. A first step toward future-proofing hardware wallets for what’s coming as an industry.

If crypto is going to be the future of money, it must be ready for quantum computing.

After 12+ years of helping over 2 million users secure their crypto, we think it’s better to be prepared and a little paranoid than not.

Stay secure,

Tomas Susanka
Chief Technology Officer at Trezor