Institutional custodians race to secure Bitcoin and Ethereum ahead of potential cryptographic migration
BNY, the world’s largest custodian with $59.4 trillion in assets under custody and administration, announced in May it would offer Bitcoin and Ethereum custody in Abu Dhabi. Weeks later, Standard Chartered confirmed it would fully acquire Zodia Custody, the digital asset custodian incubated in 2020.
The moves underscore institutional appetite for regulated digital asset custody. They also expose a structural vulnerability: most custody infrastructure relies on elliptic curve cryptography that a sufficiently large quantum computer could compromise. Current quantum computers are research prototypes with around 100 qubits. Cryptographically relevant machines would require hundreds of thousands of qubits.
A custodian’s core function is guarding private keys and producing digital signatures that authorize Bitcoin transactions. Every spot Bitcoin ETF, tokenized fund, and corporate treasury position depends on custodian key management. Two dominant architectures exist: MPC (multi-party computation) splits keys across separate machines; HSM (hardware security modules) locks keys in tamper-resistant hardware.
Bitcoin and Ethereum signatures rely on elliptic curve cryptography. Shor’s algorithm, executable on a sufficiently advanced quantum computer, could derive private keys from public keys and forge transactions. Banks can upgrade internal security independently, but Bitcoin protocol changes require network-wide agreement among thousands of independent nodes. Custodians deploying post-quantum signatures today would produce transactions Bitcoin and Ethereum reject as invalid.
The timeline for migration is uncertain. Swiss digital asset technology firm Taurus estimates blockchain migration to post-quantum could occur in 2029 or earlier. In August 2024, NIST published the first post-quantum cryptographic standards. NIST IR 8547 deprecates current signature schemes in 2030 and disallows them in 2035. Taurus holds that a cryptographically relevant quantum machine is unlikely before 2040.
Hash-based signatures like SLH-DSA are what most networks are choosing, producing signatures 7,856 bytes compared to 64 bytes for current standard signatures. Top-tier HSMs from vendors like Thales already run post-quantum signature algorithms. Lattice-based post-quantum protocols emerged only in 2025 and 2026 and remain unvalidated for production use.
MPC architecture faces technical hurdles. Taurus claims hash-based signatures encounter a fundamental mathematical barrier for MPC implementation because hash functions scramble input structure. However, Taurus builds HSM-based custody technology and has commercial interest in favoring HSMs over MPC. MPC vendors could plausibly adapt to lattice-based schemes if those win out instead.
Standard Chartered’s acquisition of Zodia Custody is expected to close by end of August. Deutsche Bank backs Taurus, which has published analysis on post-quantum migration. Circle, a blockchain company, has a post-quantum roadmap. Whether hash-based signatures actually become the dominant blockchain choice remains open.
Key uncertainties
No custodian has disclosed how they plan to migrate client assets during protocol upgrades. Bitcoin will need to specify which post-quantum signature scheme it will adopt. Blockchains have not announced concrete timelines for implementing post-quantum upgrades. The total assets currently held in MPC versus HSM custody systems remains unquantified.
