{"id":62900,"date":"2026-03-09T13:31:46","date_gmt":"2026-03-09T06:31:46","guid":{"rendered":"https:\/\/hbbgroup.net\/post-quantum-shift-could-force-crypto-exchanges-to-rethink-wallet-security\/"},"modified":"2026-03-09T13:31:46","modified_gmt":"2026-03-09T06:31:46","slug":"post-quantum-shift-could-force-crypto-exchanges-to-rethink-wallet-security","status":"publish","type":"post","link":"https:\/\/hbbgroup.net\/vi\/post-quantum-shift-could-force-crypto-exchanges-to-rethink-wallet-security\/","title":{"rendered":"Post-Quantum Shift Could Force Crypto Exchanges to Rethink Wallet Security"},"content":{"rendered":"<div>\n<p><span>A widely used method that crypto exchanges rely on to generate deposit addresses while keeping private keys offline could break if blockchains migrate to post-quantum cryptography, according to new research.<\/span><\/p>\n<p><span>Exchanges such as Coinbase and Binance currently rely on hierarchical deterministic wallets, a system standardized under Bitcoin Improvement Proposal 32, or BIP32.\u00a0<\/span><\/p>\n<p><span>The design allows operators to generate fresh deposit addresses from a public key stored on a server while the private signing key remains offline in cold storage.<\/span><\/p>\n<p><span>That separation is foundational to how custodial crypto infrastructure works, enabling exchanges to create addresses on demand without exposing the keys that control customer funds.<\/span><\/p>\n<p><span>But researchers at Project Eleven argue the architecture may not function under some post-quantum signature schemes, including ML-DSA, a digital signature standard finalized by the U.S. National Institute of Standards and Technology as part of its post-quantum cryptography program.<\/span><\/p>\n<p><span>Project Eleven, a post-quantum cryptography startup founded in 2024 and backed by Castle Island Ventures with participation from Coinbase Ventures, is building tools to help financial and blockchain systems transition to quantum-resistant security.<\/span><\/p>\n<p><span>\u201cIf Bitcoin adopted ML-DSA without a construction like ours, you lose non-hardened derivation,\u201d Conor Deegan, CTO and co-founder of Project Eleven, told <\/span><i><span>Decrypt<\/span><\/i><span>. \u201cThat means any system that needs to generate fresh receiving addresses\u2014exchanges, payment processors, custodial services\u2014can no longer do so from a public key alone.\u201d<\/span><\/p>\n<p><span>Under that model, the private key would need to participate in every child-key derivation used to generate new addresses.\u00a0<\/span><\/p>\n<p><span>While systems could rely on hardware security modules, secure enclaves, or air-gapped devices to perform those operations, Deegan said such approaches add complexity and operational risk.<\/span><\/p>\n<p><span>\u201cThe clean separation that BIP32 provides today, with a public key on a hot server and private key in cold storage, goes away,\u201d he said.<\/span><\/p>\n<p><span>The team <a href=\"https:\/\/eprint.iacr.org\/2026\/380.pdf\" target=\"_blank\">published<\/a> its findings on the cryptography-focused IACR research archive earlier this month and released a prototype wallet designed to restore this functionality using quantum-resistant techniques.<\/span><\/p>\n<p><span>The proposed design recreates a core feature of BIP32 known as non-hardened key derivation, allowing new public keys to be generated without exposing private keys even under post-quantum cryptography.<\/span><\/p>\n<p><span>The construction operates entirely at the wallet layer, meaning blockchains themselves would only need to support the underlying signature scheme used by the wallet. Bitcoin does not currently support ML-DSA or the alternative scheme used in the researchers\u2019 prototype, meaning a protocol upgrade would be required before such designs could be deployed on the network.<\/span><\/p>\n<p><span>Deegan added that similar wallet constructions could already be implemented on Ethereum using account abstraction, which allows more flexible signature logic without requiring protocol-level changes.<\/span><\/p>\n<div>\n<h3>Daily Debrief Newsletter<\/h3>\n<p>Start every day with the top news stories right now, plus original features, a podcast, videos and more.<\/p>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>A widely used method that crypto exchanges rely on to generate deposit addresses while keeping private keys offline could break [&hellip;]<\/p>","protected":false},"author":5,"featured_media":62901,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[220],"tags":[],"class_list":["post-62900","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tien-dien-tu"],"acf":[],"_links":{"self":[{"href":"https:\/\/hbbgroup.net\/vi\/wp-json\/wp\/v2\/posts\/62900","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hbbgroup.net\/vi\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hbbgroup.net\/vi\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hbbgroup.net\/vi\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/hbbgroup.net\/vi\/wp-json\/wp\/v2\/comments?post=62900"}],"version-history":[{"count":0,"href":"https:\/\/hbbgroup.net\/vi\/wp-json\/wp\/v2\/posts\/62900\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hbbgroup.net\/vi\/wp-json\/wp\/v2\/media\/62901"}],"wp:attachment":[{"href":"https:\/\/hbbgroup.net\/vi\/wp-json\/wp\/v2\/media?parent=62900"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hbbgroup.net\/vi\/wp-json\/wp\/v2\/categories?post=62900"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hbbgroup.net\/vi\/wp-json\/wp\/v2\/tags?post=62900"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}