Banks’ back-door crypto vulnerability
Stablecoins could make crypto’s quantum problem into the banking system’s problem.
The idea of financial institutions playing with crypto is predicated on a firewall between the compliant, consumer-protected world of regulated institutions and the casino.
Asset managers and brokers can put wrappers around bitcoin, such as an exchange-traded fund, that abstract the operational risks away from investors. They can offer stablecoins as payment tools that are safely embedded in KYC and other institutional processes, to remain compliant.
Or they can simply transact among themselves in permissioned on-chain environments.
It’s all pretty safe, which is why market turbulence in crypto, such as last October’s meltdown, doesn’t impact traditional financial markets or institutions.
However, the prospect of a quantum hack on the cryptographic foundations of bitcoin is one that banks should regard as a back door to their broader infrastructure. Institutions today are aware of quantum’s risk to their normal signature process, and they have heard about bitcoin’s particular risks – but these are linked in a way that may surprise. That link is the stablecoin.
Reaching the far Shor
Bitcoin and most other crypto assets are secured by elliptic-curve cryptography. We’ve known this technique is theoretically vulnerable to algorithms hypothesized by MIT mathematician Peter Shor back in the 1990s, but we never had a sufficiently powerful quantum computer to make it happen. We still don’t today, but we might within a few years, or at least by the mid-2030s.
Shor postulated it would take a multi-million qubit computer to crack the elliptic-curve safeguards of bitcoin. This refers to physical qubits, the hardware – the chips. These are prone to noise and decoherence. They are unstable and unreliable. The algorithm level of computing involves a logical qubit, which encodes information redundantly across many physical qubits so that errors can be corrected and the computation stays coherent.
We’re still a long way from building such a powerful machine. But researchers at Google earlier this year suggested such an attack could be executed with fewer than 1,500 logical qubits, implying a machine using only half a million physical qubits. That’s still a long way off from today’s most advanced quantum machines, which haven’t developed beyond 10 logical qubits, but it cuts the timeline in half.
Not all digital assets are equally vulnerable to a quantum hack, but any assets with a known public key – including the 1.1 million bitcoin stash of Satoshi Nakamoto – will be the easiest pickings. But should those signatures become vulnerable, then so do the signature systems that support stablecoins, programmable dollars, and smart-contract ecosystems: the tools now being embedded into financial products and payment flows.
These too live on blockchains that rely on elliptic-curve signatures, including Ethereum-compatible environments and other major smart-contract chains.
On-spend scenario
The question of coins whose public keys are already exposed on-chain is well understood, but there is a more sophisticated risk: the on-spend scenario, in which a quantum attacker derives a private key quickly enough to hijack a transaction before it settles. The attacker begins with on-chain spending moves that are mistaken for small errors, before building into a systematic threat.
Banks using stablecoins face exposures beyond end-user wallet theft. Their risk includes operational wallets, issuer admin keys, custodial keys, oracle keys, and smart-contract governance keys. If a bank relies on stablecoins for high-value settlement, a quantum break of elliptic-curve signatures could enable an attacker to clone the private key of a settlement wallet and reroute funds without breaching the bank’s internal systems in the conventional sense.
The forensic problem is that a compromised signature still looks valid. To a blockchain, the forged transaction would appear properly authorized. To a bank’s operations team, the first symptoms might resemble reconciliation errors, routing glitches, or unexplained counterparty failures rather than a cryptographic compromise. In an environment where defenders are looking for malware, insider abuse, or API failure, a quantum-capable attacker could exploit the gap between the first odd-looking but explainable errors and the moment the true problem is diagnosed.
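Because a forged signature validates on-chain, the durable detection signal is not the chain but the institution’s own signing records: any transaction attributed to a controlled key that the internal signer never produced was signed by someone else holding that key. The following is an added illustration, not code from the article; key labels, addresses and events are constructed.

```python
"""Reconcile on-chain activity from controlled keys against the internal
signing log. A forged signature validates on-chain, so the chain offers no
alarm; the durable signal is a transaction the bank's own signer never
produced. All names and sample data here are constructed for illustration."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class ChainEvent:
    tx_hash: str   # hash as observed on-chain
    kind: str      # "transfer" or "mint"
    signer: str    # key identity that produced the signature
    to: str
    amount: int    # smallest token unit


# Keys the institution controls (hypothetical labels).
CONTROLLED_KEYS = {"settle-hot-1", "issuer-admin"}

# Constructed on-chain events for one reconciliation window.
CHAIN_EVENTS = [
    ChainEvent("0xa1", "transfer", "settle-hot-1", "0xbank-b", 50_000_000),
    ChainEvent("0xa2", "transfer", "settle-hot-1", "0xunknown-1", 1_000),
    ChainEvent("0xa3", "mint", "issuer-admin", "0xtreasury", 10_000_000),
    ChainEvent("0xa4", "mint", "issuer-admin", "0xunknown-2", 250_000),
    ChainEvent("0xa5", "transfer", "retail-user", "0xbank-b", 99),
]

# Constructed signing log: every tx hash the internal signer actually produced.
SIGNING_LOG = {"0xa1", "0xa3"}


def find_unauthorized(events, signing_log, controlled=CONTROLLED_KEYS):
    """Events attributed to a controlled key whose hash is absent from the
    signing log. Amount is deliberately ignored: the on-spend scenario hides
    in movements too small to trip value-based alerts."""
    return [e for e in events
            if e.signer in controlled and e.tx_hash not in signing_log]


def summarize(events, signing_log):
    """Per-key (count, total amount) of unauthorized events, for escalation."""
    totals = defaultdict(lambda: [0, 0])
    for e in find_unauthorized(events, signing_log):
        totals[e.signer][0] += 1
        totals[e.signer][1] += e.amount
    return {k: tuple(v) for k, v in totals.items()}


if __name__ == "__main__":
    for e in find_unauthorized(CHAIN_EVENTS, SIGNING_LOG):
        print(f"UNAUTHORIZED {e.kind} {e.tx_hash} by {e.signer}: {e.amount} -> {e.to}")
    print(summarize(CHAIN_EVENTS, SIGNING_LOG))
```

A single unauthorized event from a controlled key is an incident regardless of size, which is why the check matches on transaction hash rather than on value thresholds.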
The dumb criminal would use a quantum computer to drain some fat accounts. This would alert the world to the problem. Presumably a criminal smart enough to develop a sophisticated quantum computer is not so dim. Rather they would use their power to silently usurp a financial system’s privileged control points.
Custodial stablecoins typically rely on admin keys or multisig structures that govern minting, burning, freezing, and sometimes contract upgrades. If a quantum attacker compromises those keys, the result may not simply be theft. It may be unauthorized issuance, selective freezing, malicious contract changes, or supply manipulation that undermines the token’s credibility as a settlement asset.
That makes stablecoins structurally different from conventional bank deposit systems. A stablecoin used by banks may look like a digitized cash rail, but its integrity depends on smart contracts and cryptographic control structures that can be attacked externally and silently. The more systemically important the stablecoin becomes, the more consequential any compromise of those control layers becomes for regulated institutions using it.
DeFi-native stablecoins create a related but distinct threat. There, governance participants, emergency shutdown committees, and oracle signers can become quantum targets. If an attacker gains effective control over those signers, they may be able to distort price feeds, alter collateral rules, or push governance changes that weaken or destroy the peg.
Lurkers
Banks with exposure through collateral, investment products, or tokenized wrappers may discover that they are not exposed merely to a coin, but to an entire governance stack built on vulnerable signatures.
The first stage of the on-spend attack would be reconnaissance. Public blockchains provide abundant historical transaction data, and with it, public keys or other useful metadata tied to valuable counterparties. The second stage would be selective key extraction: issuer admin keys, major custodial signers, and hot wallets used by banks for large stablecoin transfers. The third stage would be exploitation that blends into noise: small unauthorized mints, suspicious but not obviously impossible balance movements, and occasional interception of high-value transfers during periods of heavy network activity.
It’s like a hacker today who breaches, say, the details to one of my online subscriptions. I start getting billed for the news or the app in amounts too small to attract my attention. I get quietly drained, a few dollars at a time, for months or years before I scrutinize my spending … or until the lurker figures out the backdoor to my bank account.
And in our on-spend scenario, it’s only later that the systemic consequences become visible. A depeg could emerge if unauthorized issuance collides with market stress. DeFi collateral chains could begin to wobble. Banks using the token for treasury or settlement would discover that they face a double hit: some of their stablecoins may be missing, while the remaining balances are no longer worth par. In that sense, quantum risk turns stablecoins from a convenience layer into a transmission channel for digital financial contagion.
Managing the unknown
Is this all a bit dramatic? The tech is years away from such a possibility, and security and information teams have plenty of other, more immediate problems. But for risk managers, the relevant issue is not whether a quantum attacker is active in 2026. It is whether critical systems being adopted today will still rely on vulnerable primitives when that attacker does emerge.
Banks, payment providers, and policy makers already treat multi-year migration planning as standard for changes to core infrastructure. The post-quantum transition is no different, except that the assets involved are global, programmable, and in some cases outside the unilateral control of any one institution. A bank can change its own hardware security practices and certificate policies. It cannot by itself change Ethereum’s signature model, rewrite a stablecoin issuer’s contract architecture, or compel every counterparty to adopt a quantum-safe wallet scheme on the same schedule.
This is why the risk timeline for banks using stablecoins may be more urgent than the simple “Will quantum break bitcoin?” headline suggests. Bitcoin is the visible test case. Stablecoins are the institutional attack surface.
Banks do not need to abandon stablecoins immediately to take the threat seriously. But they do need to stop treating them as just faster dollars. A sensible response starts with a reclassification of risk:
Map stablecoin exposure as a combination of issuer risk, protocol risk, and cryptographic risk, not just liquidity and counterparty risk.
Demand visibility into the key governance and upgrade paths of any stablecoin used at scale, including who controls mint, burn, freeze, and upgrade permissions and how those controls can evolve toward post-quantum protection.
Review wallet architecture and operational addresses with quantum exposure in mind, especially where address reuse or highly visible settlement patterns make key targets easier to identify.
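One way to carry out the address review in the last item above, as an added example that is not part of the article: it replays a constructed transaction history for a set of hypothetical operational addresses and separates those whose public key is already on-chain and still hold funds (the easiest targets once elliptic-curve signatures break) from those that have never spent and whose key remains hidden behind a hash.

```python
"""Audit operational addresses for public-key exposure. In pay-to-hash
address schemes the public key is revealed the first time an address spends;
an address that has spent and then receives again (address reuse) holds funds
behind an already public key. Addresses and history below are constructed."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Tx:
    inputs: tuple   # (address, amount) pairs being spent; signing reveals the key
    outputs: tuple  # (address, amount) pairs being created


# Hypothetical operational addresses belonging to the institution.
OWN_ADDRESSES = {"settle-A", "settle-B", "settle-C"}

# Constructed history, in chain order.
HISTORY = (
    Tx(inputs=(), outputs=(("settle-A", 500), ("settle-B", 300))),        # funding
    Tx(inputs=(("settle-A", 500),),
       outputs=(("counterparty", 200), ("settle-A", 300))),                # change back: reuse
    Tx(inputs=(("settle-B", 300),), outputs=(("counterparty", 300),)),     # emptied, key public
    Tx(inputs=(), outputs=(("settle-C", 1000),)),                          # never spent
)


def audit(history, own=OWN_ADDRESSES):
    """Classify each owned address by whether its public key is exposed and
    whether it still carries a balance; reuse after a spend is flagged separately."""
    balance = defaultdict(int)
    exposed, reused = set(), set()
    for tx in history:
        for addr, amt in tx.inputs:
            exposed.add(addr)          # signature on-chain => public key on-chain
            balance[addr] -= amt
        for addr, amt in tx.outputs:
            if addr in exposed:
                reused.add(addr)       # funds sent to an address whose key is public
            balance[addr] += amt
    mine = [a for a in own if a in balance]
    return {
        "exposed_with_funds": sorted(a for a in mine if a in exposed and balance[a] > 0),
        "exposed_empty": sorted(a for a in mine if a in exposed and balance[a] == 0),
        "reused_after_spend": sorted(a for a in mine if a in reused),
        "unexposed_with_funds": sorted(a for a in mine if a not in exposed and balance[a] > 0),
    }


if __name__ == "__main__":
    for category, addrs in audit(HISTORY).items():
        print(f"{category}: {addrs}")
```

Addresses in exposed_with_funds are the ones to rotate to fresh, never-spent addresses first, and the reused_after_spend list points at the settlement pattern (change returned to the same address) that created the exposure.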
Thanks to tokenization becoming part of mainstream financial plumbing, stablecoins could be the mechanism by which crypto’s quantum problem becomes the banking system’s problem. But there are also sensible ways to prevent this from happening, by treating stablecoins as multi-party ecosystems, not as products.