A new report commissioned by Coinbase sounds a cautious, but urgent, alarm: Quantum computing won’t break crypto tomorrow, but the industry can’t afford to wait.

The 50-page paper, authored by an independent advisory board that includes prominent cryptographers and academics like Dan Boneh of Stanford University, Justin Drake of the Ethereum Foundation and Sreeram Kannan of Eigen Labs, concludes that while today’s blockchains remain secure, a future “fault-tolerant quantum computer” capable of breaking widely used encryption is increasingly plausible, and preparation must begin now.

In recent months, concerns around quantum risk have moved further into the mainstream. Google researchers have published estimates suggesting that a sufficiently advanced quantum computer could one day break Bitcoin’s cryptography.

Major crypto ecosystems have already started mapping out their responses. The Ethereum Foundation has proposed new types of digital signatures that are designed to be safe against quantum computers, while Solana and others are experimenting with quantum-resistant wallet designs.

The report stresses that current quantum machines are far from powerful enough to crack the cryptography underpinning Bitcoin, Ethereum and other networks. Breaking standard encryption would require vast computational overhead, a milestone still considered a major engineering challenge.

Still, the authors caution against complacency.

“We have high confidence that a large-scale, fault-tolerant quantum computer will eventually be built,” the report states, adding that the timeline is uncertain but “clearly on the horizon.”

That uncertainty is exactly the problem, with estimates ranging from “a few years to a decade or more” and no reliable way to predict breakthroughs.

The urgency is reflected in guidance from the U.S. National Institute of Standards and Technology (NIST), which recommends migrating to quantum-resistant cryptography by 2035, a timeline the report suggests may even prove optimistic.

“Waiting for it to be urgent is not a good idea,” the Coinbase paper says, emphasizing that transitions across blockchains, wallets and exchanges could take years to execute safely.

Some assets may be more vulnerable than others. For example, Bitcoin wallets that have already revealed their public keys could be targeted, while those still protected behind hash functions may be safer in the short term.

The good news: Quantum-resistant cryptography (PQC) already exists and is being standardized by NIST.

The bad news: It’s not an easy swap.

Post-quantum digital signatures can be tens to hundreds of times larger than current ones, which could dramatically increase blockchain data costs and reduce throughput. One estimate in the report suggests that replacing today’s signatures with quantum-proof alternatives could expand block sizes by up to 38 times.

There are also usability challenges, from migrating millions of wallets to deciding what to do with “lost” or inactive funds that never upgrade.

Rather than a single solution, the report outlines multiple transition strategies, including hybrid systems that combine existing cryptography with post-quantum updates or allow a gradual switch when needed.

For now, the authors recommend flexible approaches that avoid sacrificing current security or performance while enabling a rapid upgrade later.

“The time to begin preparing for it is now,” the report concludes.

Read more: Solana’s quantum-threat readiness reveals harsh tradeoff: security vs speed