Ethereum co-founder Vitalik Buterin outlined a detailed quantum-resistance plan as researcher Justin Drake introduced the long-range Ethereum Strawmap. The document spans seven projected forks through 2029 and targets faster finality, higher throughput, native privacy, and post-quantum cryptography. According to Buterin, the changes would come incrementally through coordinated protocol upgrades.
Ethereum Strawmap Charts Fast L1 and Quantum Defense
Vitalik Buterin first addressed four quantum-vulnerable areas in Ethereum. These include consensus-layer BLS signatures, KZG-based data availability, ECDSA signatures for EOAs, and application-layer proofs using KZG or Groth16. He said engineers can replace each component step by step rather than in a single overhaul.
On consensus, he proposed replacing BLS signatures with hash-based signatures such as Winternitz variants. He also suggested using STARKs for aggregation under lean consensus. Before lean finality, Ethereum could deploy a lean available chain with fewer signatures per slot, reducing aggregation demands.
He stressed that hash function selection remains critical. Conventional hashes run too slowly, while aggressive Poseidon2 variants faced recent security scrutiny. Likely options include Poseidon2 with added rounds, Poseidon1, or BLAKE3.
Data availability presents additional constraints. Ethereum currently relies on KZG commitments for erasure coding and linearity. While STARKs could replace KZG, they complicate 2D data availability sampling and require recursive proofs larger than blobs. Buterin said PeerDAS and 1D sampling may suffice given Ethereum’s conservative scaling posture.
Account Abstraction and Proof Aggregation
For EOA signatures, Buterin pointed to native account abstraction under EIP-8141. That design enables accounts to adopt quantum-resistant schemes. Aside from Ethereum’s quantum threats, Bitcoin’s quantum threats have also been under scrutiny, with Michael Saylor saying it’s decades away.
However, Buterin said hash-based signatures cost roughly 200,000 gas to verify compared with 3,000 gas for ECDSA. He also referenced lattice-based signatures. Today, they verify inefficiently. Yet proposed vectorized math precompiles could reduce gas costs through operations such as NTT and dot products. Over time, recursive signature aggregation at the protocol layer could push verification overhead close to zero.
Proof systems face similar constraints. A ZK-SNARK consumes 300,000 to 500,000 gas, while a quantum-resistant STARK approaches 10 million gas. Buterin said validation frames under EIP-8141 would allow off-chain aggregation, replacing large signatures and proofs with a single block-level STARK. Nodes could propagate verified transaction bundles every 500 milliseconds, limiting on-chain overhead to one proof.
Ethereum Strawmap Sets Throughput and Privacy Targets
Ethereum Foundation researcher Justin Drake described the Ethereum Strawmap as a coordination tool. It outlines five “north stars”: fast L1, gigagas L1 throughput, teragas L2 scaling, post-quantum L1 security, and private L1 transfers. This comes after Coingape reported that the Ethereum Foundation began staking 70,000 ETH as part of its treasury policy.
The new roadmap projects seven forks by 2029, assuming a six-month cadence. It groups upgrades across consensus, data, and execution layers, with defined headliners per fork. Planned targets include 10,000 TPS on L1, 10 million TPS across L2s, and finality between six and 16 seconds through a one-round BFT algorithm called Minimmit.
Slot times could gradually fall from 12 seconds to as low as two seconds. Buterin said reductions would follow a measured formula and occur only after safety validation. He described the overhaul as a gradual “Ship of Theseus” replacement, swapping components without halting the network.