The Q-Day
Rotation.
Every blockchain not built quantum-adaptive from genesis faces an unwinnable choice. Freeze user wallets and abandon decentralisation, or let them drain and abandon trust.
QuanChain is the only chain that doesn't.
Quantum computers will break ECDSA.
That's not the thesis.
Everyone in crypto knows the headline. Q-Day is coming. NIST finalised post-quantum standards. Roadmaps are in motion.
The actual problem is what happens during and after that migration. and almost nobody is pricing it in.
A single high-value Bitcoin wallet falls. Headlines call it "Bitcoin Hacked." Public will not distinguish protocol from user.
Exposed holders rush to migrate. Exchanges freeze withdrawals. The 8-20% of supply that can't migrate becomes a perpetual short.
Each quantum advancement cracks deeper. Quantum operators aren't crypto-natives. They cash out to fiat. Liquidity leaves permanently.
$0B+
in exposed wallets, right now.
Real on-chain addresses with public keys already visible, pulled live from Blockstream. Every one of them is on a countdown.
See the full live ranking at /resources/vulnerable-wallets
Cost to hack one wallet.
Year by year.
Modelled from published research: Google's March 2026 paper, Project Eleven Q-Day Prize milestones, NIST timelines. Each year is a 5-10× cost drop.
Existing chains face a choice
that cannot be won.
Wallets get drained.
The 8-20% of supply that can't migrate gets cracked over time. Each breakthrough adds another tranche of compromised wallets. Quantum operators cash out to fiat.
- →Perpetual liquidity drain
- →Confidence collapse on every quantum milestone
- →Native token cannot regain momentum
The protocol becomes the censor.
Freezing exposed wallets requires a coordinated, authority-driven seizure. The chain proves it can confiscate. Once that precedent exists, no one holds long-term. Every future migration window risks your funds.
- →Destroys the entire value proposition
- →Miss an announcement → wallet seized
- →Sets precedent for any future freeze
Both paths permanently undermine why anyone holds a chain's native token. Decentralisation is the moat. Once it cracks, it cannot be rebuilt.
Static PQ doesn't scale.
Adaptive PQ is the only path.
Post-quantum signatures are 50-100× larger than ECDSA. A chain that bolts on full PQ to every transaction becomes either:
The only viable path is right-sized cryptography. Bolt-on chains cannot do this. QuanChain was built for it.
Why no existing chain
can be retrofitted.
Quantum exposure isn't one bug. It's a stack of structural problems that compound. Fixing any one of them in isolation doesn't solve the others.
The migration paradox
Bitcoin can't make every wallet migrate. Lost keys, dormant addresses, dead holders, slow exchanges. Projections put 8-20% of supply as permanently unmigratable.
The freeze paradox
A chain can avoid drain by freezing exposed wallets. Doing so destroys the entire promise of blockchain. Once you can freeze for one reason, you can freeze for any reason. No one holds long-term on a chain that might seize their funds for missing an announcement.
The gradual-upgrade trap
Post-quantum signatures (Dilithium, SPHINCS+) are 50-100× larger and slower than ECDSA. Bolt-on PQ either makes the chain prohibitively expensive or unusably slow. There's no middle ground without protocol-level adaptive scaling.
The fiat outflow loop
Quantum researchers and hardware operators aren't crypto-natives. When they crack a wallet, they cash out to fiat. Every hack is a permanent removal of liquidity from the chain, not a redistribution.
The Lindy reversal
Older chains have larger attack surfaces: more historical addresses, more dormant wallets, more exposed public keys. Bitcoin's 16-year history is now a liability, not a moat.
The anti-halving
Each quantum advancement effectively increases supply. Dormant compromised wallets dump back into circulation. The narrative inverts: every quantum milestone is a permanent dilution event.
The L2 contagion
Arbitrum, Base, Optimism inherit Ethereum's vulnerability. When the L1's legacy wallets crack, every L2's bridge, TVL, and trust cascades down with it.
“Bitcoin Hacked”
is the only headline anyone will remember.
The general public will not distinguish “legacy P2PK wallets compromised” from “Bitcoin's cryptography broken.” Momentum doesn't recover from this kind of headline.
Institutional flight
BlackRock IBIT, Fidelity Wise Origin, Strategy: all have public custody addresses. The first attack on any of them rewrites the entire ETF thesis overnight.
Retail trust
Crypto's mainstream momentum took 16 years to build. One Q-Day headline cycle can erase a decade of normalisation in weeks.
Regulatory pressure
Post-incident regulators will demand chain-level controls. Chains that comply lose decentralisation; chains that don't lose access to markets.
When the stack breaks,
builders migrate.
Crypto's 2017 → 2021 → 2024 cycle map shows where capital and builders rotate to when trust events hit. After Q-Day, there's only one destination that doesn't have the same structural problem.
Where does TVL go after the first Q-Day hack?
Same question, repeated every quantum advancement. Static-PQ chains each hit their own “mini Q-Day” over a 10-year window. Capital looks for the one chain where the question doesn't apply.
Where do builders go when bridges break?
L2s inherit L1 vulnerability. Every L2 ecosystem on Ethereum has a structural expiry date. New protocols launching post-2027 will choose the chain where their TVL can compound for decades, not years.
The bet isn't that QuanChain replaces Bitcoin. It's that every dollar of new protocol TVL post-2027 has only one rational home.
Not retrofitted.
Built here.
QuanChain is the only blockchain where dynamic, auto-migrating quantum security is part of the protocol from genesis block one. Not a v2 roadmap item. The architecture itself.
No public key
ever protects value at rest.
Permanent identity using ML-DSA-87 + SLH-DSA-SHA2-256f composite (FIPS 204/205). Used only at registration and emergency recovery. Cold.
Every transaction atomically derives a new child wallet, retires the spent key, and updates the parent resolution table. The public key that could be cracked is never in use.
Right-sized cryptography from Level 1 (classical ECDSA, 128-bit hash) up to Level 20 (parent composite, 1024-bit hash). Address itself encodes security level: QC15_…
The Quantum Oracle
migrates wallets before they're vulnerable.
No wallet freezing. No coordinated migration window. No central announcement to miss. Migration happens at protocol level, through normal transactions, triggered by real-time quantum threat assessment.
LQCp/h tracking
Continuous monitoring of Logical Qubit Cost per Hour ($10M+ today). Tracks IBM, Google, academic hardware advances.
Three-tier alerts
Suggested (3× cost), Automatic (1.5× cost), Emergency (10× cost). Migration is a normal SpendAndRotate, invisible to users.
Quantum canaries
Funded canary wallets at known security levels. If one is compromised, all wallets at or below that level auto-migrate.
You can't retrofit this
after launch.
Every architectural choice in QuanChain compounds the others. None of them can be added to an existing chain without coordinating every wallet, contract, bridge, and exchange simultaneously, the impossibility described above.
Parent/child wallet model
Cannot be added to Bitcoin or Ethereum without a hard fork that breaks every existing wallet.
Variable-length address hashing
Bitcoin's address format is fixed. Changing it splits the chain.
Three-channel architecture
Separate transaction highway, contracts, and storage. Requires genesis-level design. Cannot bolt onto a monolithic chain.
Quantum Oracle integration
Threat-triggered migration is a consensus rule. Adding consensus rules retroactively requires unanimous validator coordination.
CCRP multi-chain anchoring
External anchors prevent the chain itself from being the single point of failure. Cannot be added without years of cross-chain coordination.
Proof of Coherence
Logarithmic stake scaling + performance weighting can't be added to existing PoW or PoS chains without disenfranchising current validators.
Quantum-grade security.
Solana-grade performance.
Security derived from
the entire industry.
QuanChain anchors state into Bitcoin, Ethereum, Solana, Sui, Polygon, and Arweave. To rewrite QuanChain history, an attacker would need to attack every major chain at once.
Estimated reorg cost: $100B+
The Q-Day
Rotation.
Every multi-year crypto rotation has a name in retrospect. The 2017 ICO boom. The 2020 DeFi summer. The 2024 ETF cycle. The next one is structurally inevitable.
First public hack (2028), Q-Day per Google (2029), mass exploitation (2031). Five-year window where the thesis plays out incrementally.
Every quantum milestone is bad for incumbents and good for QuanChain. Negative catalysts elsewhere are positive catalysts here.
This isn't hype-driven. The cryptography, the economics, and the headlines compound in the same direction.
Testnet live now.
Mainnet 2027.
Testnet launch
4-validator public testnet. TADEQS, Proof of Coherence, Quantum Oracle all live.
TADEQS pipeline
Composite parent identity (FIPS 204/205), Merkle-proof SpendAndRotate, end-to-end client signing.
Wallet v1.3 + hardening
Chrome wallet ships full TADEQS flow. External validators, HTTPS RPC, security audits in progress.
Mainnet + CCRP
Mainnet launch and CCRP anchoring active across Bitcoin, Ethereum, Solana, Sui.
Q-Day rotation
First public quantum hack expected on legacy chains. QuanChain is the only chain unaffected.
Verifiable on-chain.
Every claim is backed by something independently verifiable: on-chain, in the open-source codebase, in the running testnet.
Position before
everyone else has to.
The Q-Day rotation isn't a question of if. The only question is whether you're positioned before the first headline or after it.
Forecasts are not financial or investment advice. Quantum timelines depend on hardware breakthroughs that cannot be predicted with certainty. This deck describes QuanChain's architectural thesis; actual returns depend on execution, adoption, and broader market conditions.