Solana Co-Founder Warns AI Is Biggest Risk to Post-Quantum Security, Proposes Multi-Sig Defense

Anatoly Yakovenko flags math footguns in post-quantum signature schemes, arguing that evolving AI models could break next-gen encryption before the industry can harden its defenses.

By Matthew Clarke | Edited by Julia Sakovich
Solana’s co-founder suggests the real threat might be the AI already in our pockets. Photo: Pexels

In the high-stakes game of cryptographic cat-and-mouse, the rules just changed. Solana co-founder Anatoly Yakovenko shifted the industry’s focus away from the distant “Q-Day” of quantum computing toward a more immediate adversary: Artificial Intelligence. Yakovenko warned that AI might act as a skeleton key, unlocking post-quantum cryptography (PQC) signature schemes before they are even fully deployed.

Rise of Math Footguns and AI Cryptanalysis

The crux of Yakovenko’s concern lies in the industry’s incomplete understanding of PQC math. While researchers have spent years developing algorithms like Falcon-512 to withstand quantum attacks, Yakovenko argues that we haven’t accounted for the pattern-recognition capabilities of advanced AI. He warned of math footguns (subtle, theoretical vulnerabilities) and implementation footguns, which are the real-world coding errors made during deployment.

When Michael Egorov, the founder of Curve Finance, suggested that formal verification could bridge this security gap, Yakovenko remained skeptical. He noted that verification is only effective when developers know exactly which parameters to test. AI, by contrast, is proficient at finding the “unknown unknowns”—the logical flaws that human auditors and traditional verification tools might overlook.

A Redundant Defense: The 2-of-3 Multisig

Yakovenko’s proposed solution isn’t to find a “better” single algorithm, but to build a more resilient house. He is advocating for wallets to natively support two-of-three multisig configurations that utilize independent signature schemes. By requiring multiple, diverse types of cryptographic proof for a single transaction, the failure of one scheme, whether by AI or a quantum breakthrough, would not result in a total compromise of user funds.

On the Solana network, this would be facilitated through Program Derived Addresses (PDAs), allowing the protocol’s execution layer to enforce these multi-layered security requirements. This approach treats cryptography not as a single wall, but as a series of redundant airlocks.
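To make the two-of-three policy concrete, here is an added example (not code from Solana, Anza, Firedancer, or Yakovenko) of a threshold authorizer that accepts a transaction only when at least two of three unrelated signature schemes verify it. The three schemes are Lamport one-time signatures over different hash functions (SHA-256, SHA3-256, BLAKE2s), chosen because they need only the Python standard library and are themselves hash-based, post-quantum constructions; they are stand-ins for the independent schemes (for instance Ed25519 alongside a lattice scheme such as Falcon-512) a real wallet would combine. The transaction bytes and the "broken scheme" model, in which the attacker is simply handed that scheme's secret key, are constructed for the demonstration.

```python
"""2-of-3 threshold authorization over three independent signature schemes.

Added illustration of the policy described in the article. The schemes are
Lamport one-time signatures parameterised by hash function; they stand in for
the independent schemes a real wallet would combine. Standard library only.
"""
import hashlib
import secrets
from dataclasses import dataclass

MSG_BITS = 256  # every scheme here uses a 256-bit digest, one key pair per bit


@dataclass
class LamportScheme:
    """Lamport one-time signature over the named hashlib function."""
    hash_name: str

    def _h(self, data: bytes) -> bytes:
        return hashlib.new(self.hash_name, data).digest()

    def keygen(self):
        # Secret key: 256 pairs of random 32-byte preimages; public key: their hashes.
        sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(MSG_BITS)]
        pk = [(self._h(a), self._h(b)) for a, b in sk]
        return sk, pk

    def _bits(self, msg: bytes):
        digest = int.from_bytes(self._h(msg), "big")
        return [(digest >> (MSG_BITS - 1 - i)) & 1 for i in range(MSG_BITS)]

    def sign(self, sk, msg: bytes):
        # Reveal one preimage per message bit. A Lamport key must sign only once.
        return [sk[i][bit] for i, bit in enumerate(self._bits(msg))]

    def verify(self, pk, msg: bytes, sig) -> bool:
        if len(sig) != MSG_BITS:
            return False
        return all(self._h(sig[i]) == pk[i][bit] for i, bit in enumerate(self._bits(msg)))


# Three schemes resting on different hash families (constructed stand-ins).
SCHEMES = {
    "lamport-sha256": LamportScheme("sha256"),
    "lamport-sha3_256": LamportScheme("sha3_256"),
    "lamport-blake2s": LamportScheme("blake2s"),
}
THRESHOLD = 2


def authorize(pubkeys: dict, msg: bytes, sigs: dict) -> bool:
    """True if at least THRESHOLD distinct schemes verify msg under their own key.

    Each scheme counts at most once, so even unlimited forgeries from a single
    broken scheme cannot satisfy the policy.
    """
    valid = {
        name for name, sig in sigs.items()
        if name in SCHEMES and SCHEMES[name].verify(pubkeys[name], msg, sig)
    }
    return len(valid) >= THRESHOLD


def demo() -> dict:
    keys = {name: s.keygen() for name, s in SCHEMES.items()}
    pubkeys = {name: pk for name, (_sk, pk) in keys.items()}
    tx = b"transfer 10 SOL to <constructed-address>"  # constructed transaction bytes

    # Honest signer holding all three keys: authorized.
    full = {name: SCHEMES[name].sign(keys[name][0], tx) for name in SCHEMES}
    # Honest signer with one scheme unavailable: two remain, still authorized.
    two = {k: v for k, v in full.items() if k != "lamport-blake2s"}
    # Attacker modelled as having completely broken one scheme (given its secret
    # key) but none of the others: only one scheme verifies, so rejected.
    broken_sk = keys["lamport-sha256"][0]
    attacker_tx = b"transfer 10 SOL to <attacker-address>"
    attack = {"lamport-sha256": SCHEMES["lamport-sha256"].sign(broken_sk, attacker_tx)}
    return {
        "all_three": authorize(pubkeys, tx, full),
        "any_two": authorize(pubkeys, tx, two),
        "single_broken_scheme": authorize(pubkeys, attacker_tx, attack),
    }


if __name__ == "__main__":
    print(demo())
```

The design point is in `authorize`: it counts distinct schemes rather than raw signatures, so the compromise of one primitive, whatever its cause, yields at most one of the two required proofs. A production version would additionally bind each public key set to the account (on Solana, through the PDA the text mentions) and enforce one-time use of Lamport keys.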

The warning took a sharper turn toward the competition. Yakovenko claimed that many Ethereum Layer 2 (L2) networks are currently “quantum-vulnerable,” largely because they rely on the secp256k1 elliptic curve. The primary risk is a “Harvest Now, Decrypt Later” (HNDL) attack. In this scenario, malicious actors record L2 traffic today and wait for AI or quantum tools to mature enough to recover private keys from the public keys exposed on-chain. While Solana clients like Anza and Firedancer are already integrating quantum-resistant signatures, Yakovenko suggests that many L2s may be providing a false sense of security for long-term holders.

Bitcoin’s $80 Billion Consensus

Despite these fears, Bitcoiners appear to be reaching a consensus on how to handle the most famous “vulnerable” coins: Satoshi Nakamoto’s 1.1 million BTC. Alex Thorn, head of research at Galaxy Digital, noted that because Satoshi’s holdings are spread across 22,000 individual P2PK addresses, they are actually more resilient than they appear. Each address would require a separate, high-resource attack to crack. As long as these coins remain dormant, they may serve as the ultimate “canary in the coal mine” for the era of AI-driven cryptanalysis.
