Leading on post-quantum technology 

Algorand has been the leader in blockchain quantum resilience since 2022.

By implementing Falcon signatures, a globally recognized post-quantum cryptography standard, Algorand already safeguards the entire history of its chain against the future threat of quantum computers.

In 2025, Algorand further extended its post-quantum readiness by executing the first quantum-resistant transaction on mainnet using NIST-selected Falcon signatures. This expands Algorand’s post-quantum protections to real digital assets on a live public blockchain, not just historical transactions.

Our Technical Brief, Quantum-resistant transactions on Algorand with Falcon signatures, details how Falcon signatures are verified on-chain via the Algorand Virtual Machine.

The information below covers more background about the threat of quantum computing and Algorand’s technical journey to future-proof the blockchain.

The threat of quantum computing

A quantum computer is a new type of computer that is able to tackle certain classes of problems (such as integer factorization and the discrete log problem) in novel, more efficient ways than classical computers. A regular computer uses bits, like tiny switches with binary states that are either on (1) or off (0), to process information. Quantum computers use qubits, which can be in a superposition of the two basis states: on, off, or some probability of both (such as 30%/70% or 51%/49%).

The threat is that quantum computers, once they have enough error-corrected qubits and sufficient processing power, will be able to crack the commonly used encryption and digital signature schemes that protect sensitive information (passwords, credit card details, private communication, etc.) and allow us to prove our identities online. Google has been experimenting with post-quantum security since 2016, and in March 2026 released new research showing “that future quantum computers may break the elliptic curve cryptography that protects cryptocurrency and other systems with fewer qubits and gates than previously realized.” (Algorand’s post-quantum work is referenced within the whitepaper.)

In November 2024, NIST (National Institute of Standards and Technology) also put forward a draft report on transitioning to post-quantum cryptography standards, stating that current cryptographic algorithms are vulnerable to quantum computers, while post-quantum cryptography (PQC) can resist attacks from future quantum computers.

Quantum computing and blockchain cryptography

For blockchains specifically, quantum computing poses a threat to asymmetric cryptography, particularly in the areas of key agreement and signature schemes. The security of these schemes relies on certain mathematical problems that are simply too hard for a classical computer to solve in a reasonable amount of time. For example, elliptic-curve cryptography (ECC), which underpins most blockchains, relies on the difficulty of solving the discrete log problem. Unfortunately, quickly solving exactly these types of problems is what quantum computers do best.

Using Shor’s algorithm, a quantum computer could break elliptic curve cryptography, potentially compromising the integrity of the blockchain, and leading to disrupted transactions and the derivation of private keys from their public key counterparts—on a massive scale. For this reason, the development and implementation of post-quantum cryptography (PQC) is crucial for safeguarding blockchains. 

What is post-quantum readiness?

Post-quantum readiness refers to a blockchain's ability to withstand the security threats posed by future advancements in quantum computing. A blockchain may be considered "quantum ready" if it can mitigate quantum attacks. It requires a post-quantum secure signature scheme and a post-quantum consensus mechanism. Crucially, existing blockchains will need to transition from classical security to post-quantum security. This process must also ensure the security of the entire chain's history, even the portion recorded before the upgrade, to prevent tampering with the past.

Algorand’s path to post-quantum readiness

Algorand’s first step to post-quantum readiness was to secure its history. In 2022, Algorand introduced State Proofs, a post-quantum secure compact certificate that attests to and compresses the ledger's state changes happening every 256 rounds. Algorand State Proofs are signed using Falcon, a post-quantum secure digital signature scheme.

In November 2025, Algorand achieved a significant leap forward by executing the world’s first post-quantum transaction on its mainnet using NIST-selected Falcon signatures. For the first time, digital assets on a public blockchain are protected by quantum-resistant cryptography, not just the blockchain’s state history.

Developers and users can now experiment with Falcon-based accounts and transactions, taking practical steps toward a quantum-secure future. See our detailed Technical Brief: Quantum-resistant transactions on Algorand with Falcon signatures for more information.

State Proofs

A State Proof contains a Merkle tree attesting to the last 256 block headers. It is signed by Algorand node runners composing a supermajority of the stake. Rather than using normal ECC-based signatures, however, they use Falcon signatures. The node runners’ signatures are themselves committed to a Merkle tree using the SumHash512 hash function, a member of the subset-sum compression function family, which is more ZK-SNARK friendly than the SHA-2 family. For more information on State Proofs, please refer to the 2020 paper Compact Certificates of Collective Knowledge by Silvio Micali et al., and the related Algorand developer documentation.
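The following Python sketch is an added illustration, not Algorand's code: it builds a Merkle commitment over a 256-block-header interval and shows that a verifier can check any single header against the root with only eight sibling hashes. It assumes plain SHA-512 as a stand-in for SumHash512, and the block headers are synthetic values constructed inline.

```python
from __future__ import annotations
import hashlib

# Assumption: SHA-512 stands in for Algorand's SumHash512 in this illustration.
def H(data: bytes) -> bytes:
    return hashlib.sha512(data).digest()

def leaf_hash(leaf: bytes) -> bytes:
    return H(b"L" + leaf)  # domain-separate leaves from internal nodes

def build_path(leaves: list[bytes], index: int) -> tuple[bytes, list[tuple[bytes, bool]]]:
    """Return (root, path); path lists (sibling_hash, sibling_is_right) from leaf to root."""
    level = [leaf_hash(x) for x in leaves]
    while len(level) & (len(level) - 1):      # pad to a power of two by repeating last node
        level.append(level[-1])
    path = []
    while len(level) > 1:
        sib = index ^ 1
        path.append((level[sib], sib > index))
        level = [H(b"N" + level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return level[0], path

def merkle_root(leaves: list[bytes]) -> bytes:
    return build_path(leaves, 0)[0]

def verify_path(root: bytes, leaf: bytes, path: list[tuple[bytes, bool]]) -> bool:
    """Recompute the root from one leaf and its sibling path; True iff it matches."""
    node = leaf_hash(leaf)
    for sib, sib_is_right in path:
        node = H(b"N" + node + sib) if sib_is_right else H(b"N" + sib + node)
    return node == root

# Constructed sample: one synthetic header per round of a 256-round interval.
STATE_PROOF_INTERVAL = 256
HEADERS = [f"round={r}|txnroot={hashlib.sha256(str(r).encode()).hexdigest()}".encode()
           for r in range(1, STATE_PROOF_INTERVAL + 1)]

def demo() -> tuple[int, bool, bool]:
    """Path length for one header, verification of the real header, and of a forged one."""
    root, path = build_path(HEADERS, 41)
    genuine = verify_path(root, HEADERS[41], path)
    forged = verify_path(root, b"round=42|txnroot=forged", path)
    return len(path), genuine, forged

if __name__ == "__main__":
    print(demo())  # (8, True, False)
```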

Verifiable Random Function

Algorand’s consensus mechanism relies on the Verifiable Random Function (VRF), introduced by Silvio Micali et al. in 1999. As with other ECC-based primitives, it is vulnerable to quantum computers and will eventually need to be replaced with a post-quantum secure version.

The search for viable post-quantum VRF methods is an active area of research.

To learn more about Algorand’s VRF, visit the related developer documentation.

Core characteristics of FALCON

The NIST standardization process for post-quantum security started in 2016. At the time of writing (April 2026), two distinct approaches to post-quantum signature schemes are promising: hash-based and lattice-based, each with different characteristics and tradeoffs. Any post-quantum algorithm poses challenges for a blockchain's constrained resources. Algorand must stay true to its original design principles: it must be secure, scalable, and decentralized. The size of post-quantum keys and signatures (bigger than the classical ones) could make running a node less accessible if the block size is increased (compromising decentralization), or could reduce performance (TPS) if the block size is preserved.

Algorand chose Falcon (lattice-based category) as it guarantees post-quantum security while being aligned with Algorand's first principles.

  • Compact efficiency: Falcon remains post-quantum secure while possessing relatively small key and signature sizes—meaning less data to store and manage than with hash-based schemes, making it compatible with resource-constrained devices, like smartphones and security chips in IoT devices, and consuming less block space and bandwidth (crucial for Algorand decentralization and scalability).

  • Classical compatibility: While Falcon is designed to be secure against quantum computers, it still needs to remain performant on the classical computers that we use today. This means signing a message with your private key and verifying a signature with a public key should be fast enough for practical use, even on devices with less processing power, like mobile phones. Falcon signatures are extremely efficient and fast to verify, both at the protocol layer and application layer (Smart Contracts).

  • Endurance: Falcon can potentially be tweaked or integrated with other algorithms as the cryptography field evolves, ensuring its continued relevance even as new threats or solutions emerge.

Deeper dive into Falcon 

A former Algorand Technologies cryptography engineer, Dr. Zhenfei Zhang, along with fellow collaborators, submitted two proposals to the National Institute of Standards and Technology (NIST) competition to establish new standards for post-quantum cryptography in 2016. These were NTRU, a public key encryption scheme, and Falcon, a digital signature scheme. Out of over 80 submissions from the world's top universities, researchers, and cryptographers, Falcon was ultimately selected as one of the NIST-endorsed digital signature algorithms in 2020. 

Falcon is based on Trapdoors for Hard Lattices and New Cryptographic Constructions, the pioneering work (known as GPV) of Craig Gentry (former Algorand Foundation research fellow), Chris Peikert (Chief Scientific Officer at Algorand Foundation), and Vinod Vaikuntanathan (MIT professor).

In a GPV scheme, and in lattice-based signatures generally, every message has many possible valid signatures, and the signing algorithm must ultimately choose only one of them. The chosen signature can then be verified using the public key, without revealing any information about the secret key used to create it. Traditional methods for choosing a single valid signature from many made it possible to recover the signing key from just a small number of signed messages, even using a classical computer.

The crucial innovation of the GPV work, which Falcon signatures use, is a rigorous method of selecting a valid signature in a way that reveals no information about the secret signing key. Using this method, it’s possible to safely sign a huge number of messages. Moreover, GPV showed that it is not possible to break the signature scheme without solving the lattice problem, which should be hard to solve for all computers, both classical and quantum.

DISCLAIMER: The information provided herein is for informational purposes only and does not constitute financial advice. We do not recommend that Algo or any crypto assets be bought, sold, swapped, staked, or held by you. We make no warranties or representations about the third parties linked in this page, the information contained on their websites, the assets available through them, or the suitability, privacy or security of their products or services. You acknowledge sole responsibility for and assume all risk arising from your use of third-party services, including risk of loss for assets.