Charles Guillemet, chief technology officer (CTO) of Ledger, warned that Bitcoin has the cryptographic algorithms necessary to resist quantum computer attacks, but that the network’s decentralized governance structure prevents coordinating its implementation. The statement was made on Tuesday, June 9, during an episode of the Ledger Podcast, where Guillemet spoke with Mo El-Sayed, host of that space.
According to Guillemet, the problem is not technical. Ecosystem cryptographers know which schemes to adopt: SPHINCS+, ML-DSA and Falcon, all standardized by the US National Institute of Standards and Technology (NIST) in 2024. The obstacle, he maintains, is that Bitcoin was designed to make governance expensive, a property that guarantees its neutrality but also makes a coordinated migration difficult.
The executive places this debate in a context of risk acceleration. According to their analysis, recent estimates raise the probability that a quantum computer could break ECDSA —the digital signature scheme that uses Bitcoin— to 50% by 2032. Google published a paper which shows that Shor’s algorithm requires fewer resources than previously assumed, and the open source community replicated that result using a reinforcement learning loop in just two days.
Technical options have costs
Guillemet describes the commitments what each available alternative implies. Hash function-based signatures, such as SPHINCS+, are conservative and well analyzed, but their size would reduce Bitcoin’s throughput from about 7 transactions per second to less than 1. Lattice-based signatures, such as ML-DSA and Falcon, are more compact, but have only 25 years of public cryptanalysis, compared to decades for current solutions.
Both options, according to the CTO, They also affect modern custody schemes. Threshold signatures and multiparty computing (MPC) protocols, which underpin a significant portion of today’s institutional custody, are difficult or infeasible to implement on post-quantum schemes.
Guillemet’s analysis identifies another point of friction: dormant funds. The million bitcoins attributed to Satoshi Nakamoto and the wallets with lost keys complicate any mandatory migration processas reported by CriptoNoticias. Given this, the executive proposes three possible scenarios: leaving those funds untouched, burning them on an accounting basis, or freezing them and redistributing them as a block reward over time. Guillemet considers this last option the least harmful of the three, although he recognizes that none is politically neutral.
Forks as a probable outcome
Given the difficulty of reaching a unified consensus, Guillemet anticipates that different groups within the ecosystem will promote their own forks with different algorithm choicesmigration windows and positions on inactive funds. In that scenario, he maintains, it will be the market—miners, exchanges, custodians, and exchange-traded funds—that will determine which chain is consolidated as the “real Bitcoin.”
Ledger’s CTO does not rule out an orderly outcome: the ecosystem has top-level cryptographers and the migration, although difficult, is technically feasible. However, Guillemet warns that the biggest risk is not that quantum computing arrives sooner than expected, but that the ecosystem reacts later than necessary.
Guillemet does not propose a scenario of imminent collapse, but his central warning is precise: cryptography does not fail the day the threat arrives, but the day it stops being credible. For Bitcoin, that threshold may be reached long before a quantum computer exists functional capable of breaking ECDSA.
Ledger’s CTO recognizes that the ecosystem has the technical resources and crypto talent to execute the transition. What you don’t have, according to your diagnosis, It is the coordination mechanism to do it on time. And in a system where governance is deliberately costly, that gap between technical capacity and collective action is, for now, the most concrete risk on the table.