What does quantum-ready mean?

A quantum-ready device is built to run the upgrades of the future. In this article, we’ll tell you about the quantum threat, the solution, and how we plan to implement it over time.

What is the quantum threat?

The quantum threat is the risk that quantum computers could break the encryption behind public/private key pairs, which is the foundation of blockchain security.

Cryptocurrencies - and much of today’s digital world - depend on encryption that current computers cannot break. Quantum computers, however, may be the first machines capable of doing so.

For more information, see Public & private keys explained.


Quantum computers could theoretically use public blockchain data to derive private keys in certain cases, bypassing wallet backups.

Theoretically, anyone with a sufficiently powerful quantum computer could use it to access funds stored on vulnerable addresses, making the move to post-quantum cryptography essential for the future of self-custody.

Unlike normal computers, which process data using bits, quantum computers use qubits - entities that can represent many possibilities at once. When measured, a qubit collapses to a single outcome, but before then, every qubit holds a vast spectrum of probabilities, not just 0 or 1.

Each added qubit (in an ideal system) doubles the number of states a quantum computer can represent, so its capacity grows exponentially. At 300 qubits, the number of possible states already (theoretically) exceeds the number of atoms in the observable universe.

The number of logical qubits theoretically needed to break a 256-bit elliptic curve like Bitcoin’s secp256k1 is on the order of a few thousand, but the real number of physical qubits required (with error correction) could be hundreds of thousands to many millions, depending on hardware and error rates.

The main concern is that quantum computers could one day factor large numbers and solve elliptic curve problems efficiently - the mathematical foundations of the cryptography that secures not only hardware wallets and Bitcoin, but most of our digital world.

Quantum computers excel only at certain tasks. They are not necessarily faster than regular computers in daily use, but have the potential to act as "accelerators" for the kinds of mathematics that modern encryption relies on.

What is quantum-ready?

A quantum-ready device is one that will be able to run post-quantum cryptographic updates.

A quantum-ready device does not protect your assets from quantum computers at this time. Blockchains must first upgrade to post-quantum cryptography.

Once they do, a quantum-ready device will be able to run firmware that works with those upgrades and, critically, to verify that firmware's authenticity.

In order to run these updates, a device will need to be quantum-ready on the hardware level, because this can’t be changed after leaving the factory.

The device will not only be capable of signing transactions from post-quantum addresses, it will be capable of verifying that those transactions are legitimate before they are signed.

Using post-quantum cryptography at the hardware level prevents anyone from creating or signing fake firmware in a future where powerful quantum computers exist, keeping your device safe even when today’s cryptography no longer holds.

Post-quantum cryptography

Trezor Safe 7 uses post-quantum cryptography to protect three things today: the boot process, firmware updates, and device authentication. The boardloader uses SLH-DSA-128 to verify firmware signatures, chosen for its balance of speed, size, and memory for a component that cannot be changed once the device leaves the factory. Device authentication uses ML-DSA-44, a lattice-based algorithm chosen for faster signing during attestation.

For a detailed explanation, please read Going quantum: our choices for Trezor Safe 7's quantum readiness.
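To show why a hash-based signature is the natural choice for a boardloader that verifies firmware, here is an added, constructed example of a Lamport one-time signature, the simplest hash-based scheme. It is not SLH-DSA and not Trezor code (SLH-DSA combines many hash-based building blocks into a stateless, many-use scheme), but it shows the same security argument: forging a signature requires inverting a hash function, a problem Shor's algorithm does not touch and Grover's algorithm only speeds up quadratically, unlike the secp256k1 discrete logarithm that Shor breaks outright. The firmware image and the `boardloader_check` helper are assumptions made for the illustration.

```python
"""Toy hash-based one-time signature (Lamport OTS) for firmware verification.

Constructed illustration only: this is NOT SLH-DSA and NOT Trezor code.
Security rests on the preimage resistance of SHA-256, which a quantum
computer weakens only quadratically (Grover), not exponentially (Shor).
"""
import hashlib
import secrets

N = 256                                       # bits in the SHA-256 digest we sign


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def digest_bits(data: bytes):
    d = H(data)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(N)]


def keygen():
    # Private key: two random 32-byte secrets per digest bit (one for 0, one for 1).
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N)]
    # Public key: the hash of every secret; it can be burned into a boardloader.
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def sign(sk, firmware: bytes):
    # Reveal exactly one secret per digest bit; the other half stays hidden.
    # A key must be used ONCE: a second signature leaks more secrets.
    return [sk[i][bit] for i, bit in enumerate(digest_bits(firmware))]


def verify(pk, firmware: bytes, sig) -> bool:
    # The verifier recomputes the digest and checks each revealed secret
    # hashes to the committed value for that bit position.
    if len(sig) != N:
        return False
    return all(H(s) == pk[i][bit] for i, (s, bit) in enumerate(zip(sig, digest_bits(firmware))))


def boardloader_check(pk, firmware: bytes, sig) -> str:
    # Hypothetical boot decision: only a valid signature lets the image run.
    return "boot" if verify(pk, firmware, sig) else "halt"
```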

Can the Trezor Safe 7 support all future post-quantum blockchain standards?

Trezor Safe 7 is designed to be flexible, but this is not a guarantee that it will be able to support highly resource-intensive future standards.

The future of quantum computing is unknown, and no solution can be guaranteed today.

Trezor Safe 7 is the industry's first step toward post-quantum hardware, including the ability to verify firmware updates once post-quantum standards are adopted.

Navigating a post-quantum future

Quantum computing will eventually challenge the cryptography behind self-custody. Trezor Safe 7 is built so that the hardware itself does not need to be replaced when post-quantum standards arrive.

The advance of quantum computing is slow, but inevitable. Work like BIP360 shows how protocols may adapt, but adoption will take time and requires preparation well in advance, especially at the hardware level, which is why we decided to prioritize quantum readiness.

Trezor Safe 7 gives you the tools to act when post-quantum upgrades arrive, while keeping your wallet backup offline and in your control.
