Ethereum’s massive fee shock: New post-quantum signatures are 40x larger, threatening to crush network throughput and user costs

Ethereum has prioritized post-quantum cryptography (PQ), forming a dedicated team and offering prizes, despite counterarguments from firms like a16z crypto suggesting quantum threats are overstated. The urgency stems from the vast engineering surface area involved in changing signature schemes across wallets, consensus, and L2s, requiring years of lead time.

The immediate technical challenge is signature bloat: new candidates like ML-DSA produce signatures up to 2-3 KB, compared to ECDSA's 65 bytes, potentially increasing gas costs by over 37,000 gas per transaction. This threatens network throughput and consensus efficiency, as Ethereum relies heavily on BLS signature aggregation for validators. Ethereum's strategy involves betting on hash-based cryptography and zero-knowledge (ZK) aggregation (like STARKs) to compress signatures, mirroring their existing consensus mechanisms.

The migration also involves significant social and UX hurdles, requiring seamless key rotation for Externally Owned Accounts (EOAs) and hardware wallet updates. The debate centers on optimizing for different failure modes: the Ethereum Foundation prioritizes avoiding rushed coordination under pressure, while a16z warns against self-inflicted wounds from deploying immature standards too early. Ultimately, PQ readiness is becoming an institutional credibility metric, and the winning chain will be the one that successfully migrates users while preserving fee economics and consensus efficiency.

(Source：CryptoSlate)