The Solana Foundation has partnered with Project Eleven, a cryptography firm specializing in post-quantum security for digital assets, to test quantum-resistant signatures on the Solana network.
The collaboration was announced in December 2025. Project Eleven conducted a full quantum threat assessment for Solana’s infrastructure including validators, wallets, and cryptographic assumptions and deployed a functioning testnet with end-to-end post-quantum digital signatures.
This is a proactive step to prepare Solana for future quantum computers, which could break current elliptic curve cryptography like Ed25519 used in Solana and many other blockchains via algorithms such as Shor’s. Quantum computers powerful enough for this don’t exist yet at scale, but the industry is starting to harvest now, decrypt later risks seriously.
Early modeling and testnet experiments revealed a significant performance tradeoff: Signature size — Quantum-resistant signatures likely based on NIST-standardized algorithms like Dilithium, Falcon, or similar lattice-based/MLWE schemes are 20–40 times larger than Solana’s current compact signatures.
Register for Tekedia Mini-MBA edition 20 (June 8 – Sept 5, 2026).
Register for Tekedia AI in Business Masterclass.
Join Tekedia Capital Syndicate and co-invest in great global startups.
Register for Tekedia AI Lab.
This led to roughly a 90% reduction in throughput and performance in the tested environment. Solana’s high-speed architecture; designed around small, efficient signatures and high TPS makes it particularly sensitive to these changes compared to some other chains. Public keys being exposed on-chain also means existing wallets could be retroactively vulnerable once large-scale quantum computers arrive.
Project Eleven’s CEO, Alex Pruden, and Solana Foundation representatives have described the work as an important first step toward long-term resilience, emphasizing that the goal is to ensure Solana remains secure decades into the future. Most blockchains are still early in post-quantum migration planning. Solana is one of the higher-profile networks actively testing real implementations on a testnet.
Post-quantum cryptography generally trades efficiency for security. Solutions may involve hybrid schemes (classical + post-quantum), signature aggregation, or protocol-level optimizations to mitigate the size/speed hit. This is experimental work on a testnet. Full mainnet migration, if pursued, would be a multi-year effort involving community governance, wallet updates, and careful phasing to avoid disrupting performance.
Current public-key cryptography relies on hard mathematical problems, factoring large numbers or discrete logarithms that quantum computers can solve efficiently. Post-quantum algorithms are built on different hardness assumptions believed to remain secure even against quantum attacks, such as lattice problems, hash functions, or error-correcting codes.
They are not unbreakable but are designed with conservative security margins against both classical and quantum adversaries.NIST recommends starting migration now, often via hybrid schemes (combining classical + PQC algorithms) for safety during transition. Full migration timelines for federal systems point toward deprecating vulnerable algorithms by around 2030–2035.
Secure key establishment and exchange; replaces ECDH or RSA key transport. A KEM allows one party to encapsulate (encrypt) a shared secret key that the other decapsulates. Module Learning With Errors (module-LWE) over structured lattices. This involves noisy linear equations in high-dimensional polynomial rings, which are hard to solve even for quantum computers.
Relatively small keys and ciphertexts, fast operations, easy to implement securely. Parameter sets (ML-KEM-512, -768, -1024) target security levels roughly matching AES-128/192/256. Larger than classical keys (hundreds of bytes to ~1.5 KB combined material), but practical for most protocols like TLS.
Ideal for web encryption, VPNs, secure messaging, and blockchain key exchanges. Create and verify digital signatures for authentication, integrity, and non-repudiation replaces ECDSA or Ed25519. Module-LWE and Module Short Integer Solution (module-SIS) problems on lattices. It uses a Fiat-Shamir with aborts framework; a lattice variant of Schnorr-like signatures without relying on trapdoors.
Good balance of security, performance, and size among lattice signatures. Supports randomized and deterministic modes, plus a pre-hash variant for large messages. Parameter sets target security categories 2, 3, and 5. Signatures and public keys are larger than Ed25519 typically 2–5 KB range for signatures, depending on parameters, which can impact bandwidth-heavy systems like high-TPS blockchains.
General-purpose signing for certificates, code signing, blockchain transactions, and protocols. This is the recommended primary signature scheme for most applications. The recent CoinDesk coverage highlighted these tradeoffs more prominently, sparking discussion across crypto communities about the security vs. speed dilemma.
It’s a responsible move by Solana to tackle a long-term existential risk head-on, even if the initial results underscore how difficult a seamless transition will be. Expect further iterations, optimizations, and possibly hybrid approaches as the work progresses.