Trump Set a 2031 Deadline to Quantum-Proof Federal Encryption. Crypto Runs on the Same Math, With No Deadline at All.
The United States government does not think quantum computers are a problem for the 2040s. It thinks they're a problem for 2031.
This week, President Trump signed two executive orders that, among other things, put a hard federal clock on cybersecurity. The blunt-titled one — "Securing the Nation Against Advanced Cryptographic Attacks" — orders agencies to move their highest-value systems to post-quantum cryptography by the end of 2030, and to replace their digital signatures by the end of 2031. The cryptography Washington is now racing to rip out is the same category of math that secures every wallet in crypto.
A deadline is a confession.
Agencies don't set migration timelines for threats they consider science fiction. Putting "December 31, 2031" on paper is the government conceding something the crypto industry has spent years waving away as a problem for later. The clock is real enough to legislate against.
The fear has a specific shape. Adversaries collect encrypted data now and decrypt it later, once a working quantum machine exists. They don't need the computer today. They need a copy today and patience. State secrets qualify. So does every public blockchain, where the data is already copied — by design — onto every node on Earth.
Here's the part the order doesn't say out loud, because it isn't Washington's job to say it. Bitcoin and nearly every other chain authorize transactions with elliptic-curve signatures, the exact thing a large quantum computer would unwind first. By one estimate, around a quarter of Bitcoin's value by weight sits in addresses whose public keys are already exposed on-chain. Roughly 1.6 million coins sit in ancient pay-to-public-key outputs — including the roughly one million tied to Satoshi himself, keys naked on the ledger since 2009.
And the engineering estimate just moved the wrong way. Earlier work pegged the cost of breaking the curve at millions of qubits. A recent Google estimate trimmed that sharply, suggesting the real number might sit under 500,000.
The skeptics are right about the hardware.
They are. Today's most powerful machines run around 1,500 qubits, against the 500,000-plus you'd need — and the working consensus among the people who actually build these things, Google and Coinbase advisors among them, is a five-to-ten-year window. Mining survives. The hashing survives. The protocol isn't broken; much of the exposure traces to sloppy address reuse, not a flaw in the design. If you wanted to file this under "not this cycle," the evidence is on your side.
But Washington isn't migrating a network it doesn't control.
That's the asymmetry nobody in crypto wants to sit with. The federal government can hit a deadline because it has an Office of Management and Budget that issues a directive and agencies that have to comply. Bitcoin has no OMB. It has a fractious base of node operators and holders who couldn't agree on block size a decade ago, let alone a coordinated signature overhaul touching every coin in circulation.
The hardest coins to protect are the ones nobody can move at all. The proposal already circulating — freeze the exposed dormant wallets, Satoshi's included, before an attacker drains them — is a civil war in miniature. Freeze them to save them, and you break the one promise the whole thing was built on: that no one can touch your keys. Leave them exposed, and you stage the largest theft in history. Choose.
This is why core developers have spent more than a year quietly drafting quantum-resistant upgrades, from BIP-360 to hash-based schemes like SPHINCS+. It is a $1.3 trillion migration problem running entirely on volunteer coordination — against a clock the U.S. government just made official.
There's a quieter version of this exposure that never makes headlines. Every long-dated lock and vesting schedule is a wager that the chain underneath stays valid for the full life of the contract. Team Finance lives in exactly that unglamorous layer — locking team tokens and enforcing vesting that runs for years, on the silent assumption that the chain's signatures outlast the lock. Plenty of multi-year commitments in this market carry that assumption without ever pricing it.
None of this is happening in a policy vacuum. The same administration just took equity stakes in nine quantum-computing companies, and Trump signed the orders flanked by the president of Google and the CEO of IBM. The state is funding the machine and racing to outrun it in the same week. That's not paranoia. That's a hedge.
The quantum threat was always framed as a physics question — how many qubits, how many years. That was never the real question. The real one is organizational. Washington just proved the fix is doable when someone holds the authority to mandate it. Crypto's entire pitch is that no one holds that authority. So the industry now has to pull off the hardest coordinated upgrade in its history using the one tool it deliberately threw away: a central command that can set a date and enforce it.
The government already set its date. The only thing left to learn is whether crypto answers before the machine that makes the question urgent finishes booting up.