March 9 news. As quantum computing continues to advance, discussion of blockchain security architecture has heated up again. Recent research indicates that once blockchain networks migrate to post-quantum signature schemes, the wallet address generation architecture now widely used in the crypto industry may stop working, forcing custodians to redesign their wallet security models.
Today, mainstream custodial systems rely on Hierarchical Deterministic wallets (HD wallets), defined in Bitcoin Improvement Proposal BIP32. With BIP32 non-hardened derivation, a platform can generate new deposit addresses from an extended public key stored on online servers, while the private keys that control the funds stay offline in cold storage. This separation, public key online and private key offline, is considered the core foundation of custodial crypto asset security: institutions can keep generating user addresses without ever touching the private keys.
However, the post-quantum cryptography research organization Project Eleven argues that this model does not carry over to certain quantum-resistant signature algorithms. The team pointed out that ML-DSA, the post-quantum digital signature standard published by the National Institute of Standards and Technology (NIST), is incompatible with the existing key derivation mechanism. BIP32 public derivation works because an elliptic-curve public key is a linear function of the private key, so adding a tweak to the public key corresponds exactly to adding the same tweak to the private key; lattice-based ML-DSA keys have no such relationship. If blockchain systems adopt such algorithms directly, traditional non-hardened key derivation would no longer be possible.
Conor Deegan, co-founder and CTO of Project Eleven, stated that in such cases generating new receiving addresses could no longer rely on public keys alone; the private key would need to participate in every child-key derivation. This means custodians would have to invoke private keys when generating addresses, breaking the current security isolation between cold storage and online systems.
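As an added illustration (not code from the article or from Project Eleven), the following pure-Python sketch implements the two BIP32 derivation paths described above on secp256k1, the curve Bitcoin uses: the cold side derives a child private key, the hot side derives the matching child public key from the extended public key alone, and the two agree. The single line that makes the hot path possible, `ec_add(ec_mul(il, G), K_par)`, relies on the linearity of elliptic-curve public keys and has no ML-DSA counterpart, which is the incompatibility Project Eleven describes. The seed is a constructed demo value and the function names are this example's own, not a library API. The last function shows a long-known BIP32 caveat that also bears on the hot/cold split: an xpub together with one leaked non-hardened child private key recovers the parent private key.

```python
"""Added example: BIP32 derivation on secp256k1 and why the hot/cold split works. Stdlib only."""
import hashlib
import hmac

# secp256k1 domain parameters (standard constants).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
HARDENED = 0x80000000  # child indices >= 2^31 are hardened

def ec_add(a, b):
    """Affine point addition on y^2 = x^3 + 7; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def ec_mul(k, point):
    """Double-and-add scalar multiplication (not constant-time; demo only)."""
    result = None
    while k:
        if k & 1:
            result = ec_add(result, point)
        point = ec_add(point, point)
        k >>= 1
    return result

def compress(point):
    """33-byte SEC1 compressed encoding, as BIP32 uses for public keys."""
    return bytes([2 + (point[1] & 1)]) + point[0].to_bytes(32, "big")

def master_from_seed(seed):
    """BIP32 master key: HMAC-SHA512(key=b'Bitcoin seed', data=seed) -> (k, chain code)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return int.from_bytes(digest[:32], "big"), digest[32:]

def _split(c_par, data):
    """Shared HMAC step: returns (IL as integer, child chain code)."""
    digest = hmac.new(c_par, data, hashlib.sha512).digest()
    il = int.from_bytes(digest[:32], "big")
    if il >= N:
        raise ValueError("invalid child, skip this index")
    return il, digest[32:]

def ckd_priv(k_par, c_par, i):
    """CKDpriv: the cold-storage path. Hardened children mix in k_par itself."""
    if i >= HARDENED:
        data = b"\x00" + k_par.to_bytes(32, "big") + i.to_bytes(4, "big")
    else:
        data = compress(ec_mul(k_par, G)) + i.to_bytes(4, "big")
    il, c_child = _split(c_par, data)
    k_child = (il + k_par) % N
    if k_child == 0:
        raise ValueError("invalid child, skip this index")
    return k_child, c_child

def ckd_pub(K_par, c_par, i):
    """CKDpub: the hot-server path, using only the parent public key and chain code.
    It works solely because pub = priv * G is linear: (k_par + IL) * G == K_par + IL * G.
    ML-DSA public keys have no such relation to their private keys."""
    if i >= HARDENED:
        raise ValueError("hardened derivation requires the parent private key")
    il, c_child = _split(c_par, compress(K_par) + i.to_bytes(4, "big"))
    K_child = ec_add(ec_mul(il, G), K_par)
    if K_child is None:
        raise ValueError("invalid child, skip this index")
    return K_child, c_child

def hot_matches_cold(seed, index):
    """Hot side derives from (K, c) only; cold side derives from k. Do they agree?"""
    k, c = master_from_seed(seed)
    K = ec_mul(k, G)
    K_hot, c_hot = ckd_pub(K, c, index)
    k_cold, c_cold = ckd_priv(k, c, index)
    return K_hot == ec_mul(k_cold, G) and c_hot == c_cold

def recover_parent_key(K_par, c_par, i, k_child):
    """Known BIP32 caveat: an xpub plus ONE leaked non-hardened child private key
    yields the parent private key, since k_child = k_par + IL mod n and IL is public."""
    il, _ = _split(c_par, compress(K_par) + i.to_bytes(4, "big"))
    return (k_child - il) % N

# Constructed demo seed (it is also the seed of BIP32 test vector 1).
DEMO_SEED = bytes.fromhex("000102030405060708090a0b0c0d0e0f")

if __name__ == "__main__":
    k, c = master_from_seed(DEMO_SEED)
    k0, _ = ckd_priv(k, c, 0)
    print("hot/cold agree on m/0:", hot_matches_cold(DEMO_SEED, 0))
    print("xpub + leaked m/0 key recovers m:", recover_parent_key(ec_mul(k, G), c, 0, k0) == k)
```

Run it directly to print the two checks. The same arithmetic is what a production HD wallet library does; what it cannot do, and what no library can do for ML-DSA, is reproduce the `ckd_pub` step, because there is no public-key operation that tracks an additive change to the secret. The recovery function is also why custodians treat the xpub itself as sensitive material.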
The researchers noted that hardware security modules, secure enclaves, or physically isolated devices could perform these computations, but doing so would significantly increase system complexity and introduce new operational and security risks. In other words, the existing clean split of hot servers handling public keys and cold servers holding private keys may no longer be sustainable.
To address this, Project Eleven has proposed a prototype wallet architecture that attempts to re-implement the key functions of BIP32 in a post-quantum setting, so that the system can generate new public keys without exposing private keys. The solution operates mainly at the wallet layer and can be deployed wherever the underlying blockchain supports the corresponding signature algorithm.
The team also pointed out that similar structures are already feasible in the Ethereum ecosystem, for example through account abstraction, which allows more flexible signature verification logic without modifying the underlying protocol. This makes the implementation path for post-quantum wallets clearer on some blockchain networks.