While researching real-world applications of post-quantum cryptography, I came across something pretty interesting. In February 2024, Lockheed Martin filed a U.S. patent (publication number US 2024/0048369 A1) describing a quantum-resistant secure communications system. That alone isn’t surprising given Lockheed’s defense background. But as I read through the patent, something stood out - they explicitly reference and reuse code from the Quantum Resistant Ledger (QRL).

The document directly cites QRL’s GitHub repo and uses its implementation of XMSS (hash-based signature scheme standardized by NIST in SP 800-208). Essentially, the patent builds upon QRL’s architecture to propose a secure communication network - likely intended for use in sensitive military or corporate environments.

Even more interesting is that QRL is currently transitioning to SPHINCS+, which was officially selected by NIST in their first round of post-quantum digital signature standards. Unlike XMSS, SPHINCS+ is stateless, making it a better fit for high-throughput environments and broader adoption. This transition could significantly improve the flexibility and scalability of QRL, especially for applications like the one Lockheed describes.

What caught my attention is how a major defense contractor is borrowing directly from open-source crypto code, particularly from a project like QRL, which many still see as niche within the broader blockchain space.


If anyone here knows more about the connection between QRL and real-world defense applications, or has updates on how the SPHINCS+ migration is progressing within QRL, I’d love to hear your thoughts. This might be an early sign that post-quantum blockchain infrastructure is getting picked up in places we didn’t expect.

Thanks for the link, it’s definitely a good read and brings up some important points. But it actually reinforces what I pointed out: we’re still in the realm of recommendations, calls for discussion, and hope for a future consensus. In other words, no concrete official plan has been adopted so far.

Many still act as if the future will never arrive, relying on public estimates of 5 to 10 years before quantum becomes a real threat. But that’s just what we’re allowed to see. The truth is, companies and government agencies have been developing quantum computing behind closed doors for decades. What gets published is just the tip of the iceberg.

Assuming we still have all that time might be a dangerous illusion.

You’re right in saying that not reusing addresses mitigates much of the current risk, especially for those still holding untouched cold wallets. But that only holds true while the public key hasn’t been revealed. Once a transaction is made and the pubkey is on-chain (as happens with any spent P2PKH, P2SH, multisig, Lightning, etc.), the address becomes a permanent target. At that point, “not reusing” is no longer sufficient.

People also tend to underestimate the time window during which a transaction sits in the mempool. Even new and seemingly “secure” addresses may have their public key exposed during that short gap between signing and confirmation. In a scenario where a quantum-capable actor can act within that timeframe, good key hygiene beforehand won’t matter, the risk becomes immediate.

As for the tech evolution: the jump from “breaking an old P2PK key in a year” to “doing it in 10 minutes” seems big, but progress in quantum computing is exponential, not linear. When that threshold is crossed, the security breach becomes retroactive, every already-exposed address will be compromised. That includes legacy multisig outputs, contracts, sidechains, and bridges. It’s literally a ticking time bomb already written into the blockchain.

And about the idea that “if it happens, we’ll just update”: it’s important to remember that Bitcoin is conservative by design. No change is trivial. Updating the user base, finalizing BIPs, ensuring backward compatibility - all while under the pressure of a live attack - would be chaotic. Having a transition plan ready is essential. Waiting to react is the real risk.

So this isn’t alarmism, it’s simply acknowledging that Bitcoin’s current cryptographic foundations (elliptic curves, ECDSA, etc.) have an expiration date in the face of quantum computing.

The argument that “quantum computing hasn’t even broken SHA-0” completely misses the point. The real threat to Bitcoin isn’t SHA-256, it’s ECDSA, the algorithm that secures users’ private keys. ECDSA is known to be vulnerable to Shor’s algorithm, which can run on a sufficiently powerful and stable quantum computer. This isn’t FUD, it’s a well-established concern in peer-reviewed cryptography literature.

As for the NIST: yes, they’ve been working on post-quantum cryptographic standards since 2016, and they’re only now finalizing them. That alone shows the risk is real and serious enough to justify proactive action. Unlike centralized systems, Bitcoin can’t be updated with a switch. It requires global consensus, coordination, BIPs, testing, and time. Saying “we’ll update when needed” is dangerously naive, by the time the threat materializes, it might be too late to respond safely.

If Bitcoin is meant to survive for decades, it must prepare today for the threats of tomorrow.

You talk as if understanding quantum computing is irrelevant, but it’s exactly this kind of technical denialism that could come at a high cost. No one here is saying quantum computers will break Bitcoin tomorrow, but ignoring the risk is either naïve or dishonest.

Some of us actually study the topic deeply, based on real scientific papers, QNN tests, and current hardware limitations. We know SHA-256 and ECDSA won’t be safe forever. And no, that’s not FUD, it’s projection grounded in science, not faith.

While you mock quantum computing as a “fairy tale,” governments and trillion-dollar companies are investing billions in it. Is that just another “psyop” too?

Sure, BIP 324 is important. But so is future-proofing Bitcoin. It’s not either-or. It’s all of it. If Bitcoin is supposed to last for centuries, it has to survive threats that haven’t even materialized yet.

I find it curious — if not concerning — how some people here still treat quantum computing as some distant myth, something irrelevant, based purely on surface-level impressions or outdated comparisons.

The reality is that progress is happening,much of it publicly, and likely a great deal behind closed doors where nothing is announced until it’s ready. And let’s be clear: quantum computing isn’t new. It’s the result of decades of research, with heavy investment from governments and major corporations. The idea that “this is still far off” ignores both the historical pace and the milestones already achieved.

Meanwhile, in the crypto space, all we see are defensive reactions and a serious lack of technical discussion. The few proposals that have been put forward to address the quantum threat have been, at best, weak and poorly structured — and in many cases, completely impractical.

There’s no real transition being planned, no serious debate about alternatives, no actionable roadmap. Just a collective faith that “we still have time”, as if that were a technical argument.

The truth is: a lot of people are going to wait and see, and they’re going to get hurt. And when it happens, it’ll be fast. No warnings, no buffer. Just damage control.

Revisiting this thread is worrying. Back in 2011, Lockheed Martin bought the first quantum computer from D-Wave. In 2024, they’ve filed a patent involving technology related to QRL (Quantum Resistant Ledger).

It’s clear these advances haven’t stopped, and the integration between quantum computing and quantum-resistant systems is much closer than we think.

That’s why, today, I don’t trust my coins on Bitcoin knowing there’s an imminent danger. Bitcoin urgently needs to take action, the sooner, the better. The network’s security is genuinely at risk, and delays only increase its vulnerability.

It’s no longer a question of “if,” but “when” the quantum threat will materialize. Until then, it’s critical to act to protect what we’ve already built.

https://www.army-technology.com/data-insights/lockheed-martin-in-cybersecurity-theme-innovation-strategy/?cf-view

To be honest, I find it unsettling how confident some people are when dismissing the risks of quantum computing to Bitcoin and other cryptographic systems.

The argument always feels the same: “it’s decades away,” “we’ll know in advance,” “it’s not an immediate concern.” But here’s the uncomfortable truth, actual technological breakthroughs, especially those happening in classified government labs or private R&D, don’t usually come with a press release. Assuming that everything important will be published in academic journals or shared publicly is a risky form of optimism, especially when it comes to global-scale vulnerabilities.

I’m not claiming that a quantum threat is imminent, but I also believe it’s reckless to act as if it’s entirely out of the question in the near future. If your financial future is built on the assumption that no one, anywhere, is making significant progress in secret, then you’re already exposed to an invisible risk.

That’s why I’m proactively supporting and investing in projects that are natively quantum-resistant. They’re not just about potential gains, they’re a form of strategic insurance. If the threat ever materializes, I won’t be scrambling to patch things up last minute. I’ll be ready.

Honestly, I can't feel comfortable with this excessive confidence in predictions about when quantum computing will become a real threat to Bitcoin.

It's always the same narrative: "it's still far away," "we don't know when," "it's not a concern yet"... but the key point is that real technological progress, especially in private, corporate, or state environments is not necessarily made public. Relying solely on what's published in academic papers or announced by public companies is naive, especially when we're talking about global financial security.

I'm not saying the quantum apocalypse will happen tomorrow, but I also don't think it's wise to live as if it's impossible in the coming years. If your wealth depends on the assumption that no one is making significant progress behind closed doors, that's already a serious vulnerability.

That's why, besides maintaining a critical stance, I'm already investing in projects that were built from the ground up with quantum resistance. Not only do they have solid potential, but they also offer strategic protection: if this problem ever becomes real, I won't be relying on luck or emergency updates. I’ll already be protected.

I prefer to work with safety margins, not bets on the unknown.

That’s why I sold everything I had and invested fully in QRL, one of the few cryptocurrencies that has had post-quantum security since 2016. Preparing for this imminent future is no longer optional.