Skip to main content

Asset migration and quantum-safe UX

This page tells the user-facing story of moving from a classical EOA to a PQ-protected smart wallet. The cryptographic boundary that frames everything below is laid out in Threat model — read that first if you haven't.

The user's question

"Can you make my MetaMask address quantum-safe?"

The honest answer is no, not the address itself — but yes, your assets. The reason matters and it's worth getting it right in any product copy you write.

Why an address can't be retroactively upgraded

An Ethereum address is the keccak-256 hash of a secp256k1 ECDSA public key. Two consequences:

  1. Changing the signing algorithm changes the address. There is no way to keep 0xabcd… and have it suddenly verify ML-DSA signatures.
  2. Any EOA that has ever signed an on-chain transaction has had its public key recovered on-chain. That public key is "out there" for anyone to harvest now and break later, once a sufficient quantum computer exists.

There is no protocol-level move that retroactively secures an existing address.

What we can do today

We move the assets to a new address that is PQ-protected. The new address is a Safe7579 smart-contract wallet with the PQValidatorModule installed. Transactions out of that wallet require an ML-DSA signature; the wallet has no exposed ECDSA public key on-chain.

┌──────────────────┐     migrate     ┌─────────────────────────┐
│ ECDSA EOA        │  ────────────▶  │ PQ Safe7579 wallet      │
│ 0xabc…           │    (one-time)   │ 0xdef…                  │
│ secp256k1 key    │                 │ ML-DSA-44/65 key         │
│ vulnerable post-Q│                 │ PQ-protected             │
└──────────────────┘                 └─────────────────────────┘

Steps the user actually takes:

  1. Install the extension (or, when shipped, the Snap).
  2. Create a PQ wallet — the extension generates the ML-DSA keypair, encrypts it under a vault password, and stores it locally.
  3. Optionally connect to the existing EOA via MetaMask.
  4. Hit Shield my assets — the wallet builds the migration transaction(s) and prompts MetaMask to sign them.
  5. Once confirmed, the user's USDT, ETH, and supported ERC-20s live in the PQ wallet. Future moves out of that wallet require an ML-DSA signature.

That's it. The user's old EOA still exists. It can still receive funds. It is just no longer where their assets live.

What we will be able to do once EIP-7702 ships on Arbitrum

EIP-7702 ("set code for an EOA") lets a user sign a one-time authorization that delegates code execution for their EOA to a smart contract. After delegation, transactions from that EOA execute through the smart-contract logic — including a PQ validator. The user's visible address does not change.

Practical implications:

  • The MetaMask address the user has been doxxing on Twitter for years can route through our PQ validator without becoming a new address.
  • Asset migration is no longer required for the day-to-day case. The user signs one authorization and is "upgraded" in place.
  • The cryptographic caveat is unchanged: the ECDSA public key behind that address is still recoverable from the user's historical signatures, and the EIP-7702 authorization itself is an ECDSA signature. A post-quantum adversary can still impersonate the user at the moment they construct the authorization, but only if they break ECDSA before the authorization is processed. Once the delegation is set, future transactions execute under the PQ rule.

We do not ship this path yet because Pectra is not live on Arbitrum. As soon as it is, this is the second supported flow.

The three paths in one table

This is the same table from Threat model. It belongs on both pages.

LevelMechanismSame address?Status
1 — Asset migrationUser transfers assets from an ECDSA EOA into a PQ Safe7579 walletNo, new addressWorks today
2 — EIP-7702 delegationEOA signs a one-time authorization delegating execution to a PQ smart contractYes, same addressAvailable once Pectra ships on Arbitrum
3 — Retroactive same-address upgrade"Make my existing EOA PQ-safe" with no migrationN/ACryptographically impossible

Language guide

Pin this to the wall before writing any product copy.

Use:

  • "Shield your assets with post-quantum signatures in one click."
  • "Future transactions are PQ-signed and unbreakable by quantum computers."
  • "Your assets move into a PQ-protected smart wallet."
  • "Same UX as MetaMask, quantum-safe execution under the hood." (EIP-7702; only honest once Pectra ships.)

Avoid:

  • "Make your existing address quantum-safe." (False.)
  • "Retroactively protect your address." (Impossible.)
  • "Your MetaMask becomes quantum-safe." (We create a new PQ wallet; the MetaMask EOA is unchanged.)
  • "Hybrid ECDSA + PQ security." (Misleading; we sign PQ-only.)