StarkWare, the company behind StarkNet, has introduced a three-phase roadmap to transition its Layer 2 network to post-quantum cryptography. The plan aims to eliminate remaining dependencies on elliptic curves and provide migration tools for existing contracts.

1/ Starknet is a bet on post-quantum security.

Today, we’re publishing the roadmap to make that bet real.

The goal? An end-to-end post-quantum secure Starknet before Q-day 🧵 pic.twitter.com/92JGLuCk4K

— StarkWare 🥷 (@StarkWareLtd) June 30, 2026

StarkWare has labeled this roadmap as the "strongest" in the crypto industry. The team believes the network can be prepared for some quantum threats "within months." However, the final phase depends on Ethereum's post-quantum migration.

“This is our path to making StarkNet a safe haven for funds, regardless of what the quantum era brings,” said project CEO Eli Ben-Sasson.

What Changes StarkWare Will Implement

The first phase of the roadmap involves replacing Pedersen hashing with BLAKE2 in state commitments, contract addresses, and network configuration. StarkWare also plans to implement post-quantum consensus signatures, including Falcon-512.

Pedersen relies on algebraic structures tied to elliptic curves, which could become vulnerable to sufficiently powerful quantum computers. BLAKE2, on the other hand, is a hash function: while quantum algorithms may weaken its security, they do not break it in the same way as signatures based on elliptic curves.

The second phase focuses on migration tools for legacy contracts. These tools aim to assist existing applications and wallets in transitioning to new cryptographic schemes without a sudden loss of compatibility.

The third phase addresses external dependencies on Ethereum. Among these, The Block identifies system calls for bridges and data availability through BLOB objects. Starknet cannot fully update these elements on its own, as they depend on the base network's post-quantum migration.

Why Starknet Believes It Is Ready for Migration

StarkWare points to StarkNet's architectural advantage: the network utilizes STARK proofs based on hash functions. These proofs are considered post-quantum secure because they do not rely on elliptic curves. However, there are still vulnerable elements, including Pedersen hashing and account cryptography.

Another advantage of StarkNet is its native account abstraction. In the network, the signature logic is embedded at the smart contract account level rather than hardcoded into the protocol. This allows wallets to use different signature schemes without requiring a hard fork of the entire network.

In April 2026, StarkNet developers launched the post-quantum wallet S2morrow, which uses Falcon-512 instead of standard elliptic curve signatures.

Ben-Sasson described the confidence in the long-term security of elliptic curve blockchains as an "elliptical illusion." He stated that the industry is too slow in preparing for quantum risks, even though the necessary cryptographic tools already exist. Market participants estimate that a key risk lies not only in quantum computing but also in its combination with AI.

This risk is critical for the crypto industry, as most blockchains use elliptic curve cryptography. A sufficiently powerful quantum computer could theoretically derive a private key from a public one, compromising wallets.

In March, Google estimated that breaking 256-bit elliptic curve cryptography would require about 1200 logical qubits—significantly lower than previous estimates. The corporation plans to transition to post-quantum cryptography by 2029.

Post-quantum migration is becoming a competitive focus among blockchains. In the same month, the Ethereum Foundation released a roadmap for protecting the network against quantum computers. The ecosystem conducts weekly tests involving over 10 client teams, with the foundational protection infrastructure expected to be completed by 2029.

In April, Ripple unveiled a roadmap for the post-quantum readiness of the XRP Ledger, targeting 2028. The platform is testing validators in collaboration with Project Eleven.

It’s worth noting that in May, developers from Quantus stated that the cryptocurrency industry is not prepared for a transition to post-quantum cryptography, despite advancements in such computations. They claimed that much of the market still relies on classical signature schemes—ECDSA and Ed25519. Theoretically, Shor's algorithm could enable quantum computers to break these systems once they achieve sufficient power.