Key Takeaways
BitGo has completed what it describes as the first post-quantum multi-party computation transaction simulation conducted by a regulated digital asset custodian, a milestone the company says marks a meaningful shift in how institutional crypto infrastructure is being prepared for a threat that does not yet exist but is moving closer.
The demonstration was conducted in partnership with Silence Laboratories and took place at a private industry event that brought together researchers, security leaders, and practitioners from Google, Stanford, and the Linux Foundation.
The simulation integrated Silence Laboratories’ newly launched PQ MPC protocol with BitGo’s existing institutional custody platform, running a complete transaction signing workflow under quantum-resistant cryptography while keeping the operational framework institutions already use entirely intact.
The technical core of the demonstration involved replacing the cryptographic primitive underlying the signing process. Institutional custody today relies on elliptic-curve cryptography, specifically ECDSA, which a sufficiently capable quantum computer running Shor’s algorithm could eventually defeat.
The new infrastructure uses ML-DSA, the digital signature algorithm standardized by NIST in FIPS 204, integrated with BitGo’s institutional custody and wallet platform.
Akshay Thakur, Director of Product at BitGo, told CCN the client experience in the simulation was deliberately unchanged.
“From the client’s seat, almost nothing changes and that’s the point. The approvals, policy controls, segregation of duties, and audit trail all stay exactly as they are. What changes sits one layer down, in the cryptography. The hard engineering is making that swap invisible to the customer. That’s the bar for custody: the math can change; the controls cannot,” Thakur Noted.
The trade-off is not trivial. Thakur explained that post-quantum cryptography is not a free swap. “ML-DSA signatures run over a kilobyte versus roughly 70 bytes for ECDSA, about a 15 times expansion in on-chain footprint, which has real block-size, fee, and propagation consequences on every chain.”
Absorbing those costs inside the infrastructure rather than passing them to the client is where the bulk of the engineering work sits.
BitGo CEO Mike Belshe said quantum computing has moved from theoretical discussion to an infrastructure planning priority.
The regulatory timeline supports that framing. Thakur told CCN the clocks are already running, set by regulators rather than headlines.
“EU DORA has mandated digital operational resilience for financial entities since January 2025. The G7 Cyber Expert Group published a coordinated post-quantum roadmap in January 2026.
NIST’s transition guidance deprecates legacy public-key cryptography by 2030 and disallows ECDSA by 2035. Google has set itself an internal 2029 migration deadline.”
The urgency is also structural to Bitcoin specifically. Thakur flagged a figure that underscores the stakes: roughly 6.9 million Bitcoin sit in addresses whose public keys are already exposed on-chain.
On the first day a capable quantum computer becomes operational, those coins become vulnerable to whoever runs the attack first. No custodian can fix the base layer, but the institutional layer can be ready.
One of the more candid observations in Thakur’s comments to CCN concerns a gap the industry has not widely acknowledged.
“The post-quantum standards were optimized for things other than thresholding. MPC-friendliness was, frankly, the variable nobody standardized for,” Thakur said.
Most institutional custody runs on threshold signing, where no single party ever holds a complete private key.
The new NIST signature standards were not designed with that model in mind, which means integrating post-quantum signatures into MPC-based workflows involves solving an engineering problem left open by the standardization process.
Stanford’s Dan Boneh was among the researchers present at the demonstration event. Thakur told CCN BitGo currently intends to move toward mainnet deployment in step with blockchain networks as they implement their own quantum-resistant upgrades, describing the simulation as the beginning of a migration rather than its conclusion.
For an industry accustomed to measuring security in terms of today’s threats, BitGo’s demonstration is a signal that the timeline for tomorrow’s threats has shortened enough to warrant building now.