A group of researchers announced a new post-quantum cryptographic verifier for the Ethereum Virtual Machine (EVM) this Tuesday, May 19, at Ethereum Research. This development replaces a previous scheme that was compromised due to refutation of the rationale in three academic papers published between 2025 and 2026.
The new system will maintain cost parity with the current system, but introduces important changes. depends only on mathematical results Eliminates reliance on proven and unverified speculation.
This advancement is part of efforts to adapt Ethereum to scenarios using quantum computers that can break through elliptic curve cryptographic schemes such as Groth16, which is widely used in zero-knowledge (ZK) proofs. The plan is to fully secure the network by 2029.
Problems with previous design
The verifier presented in 2024 relied on a hypothesis known as. Proximity gap due to capacity limitations with Reed-Solomon code. Simply put, this conjecture attempts to narrow down the number of checks required to ensure that a polynomial is correct without checking it completely.
The problem is that this “law” has not been proven. Three subsequent studies cited on the Ethereum Research Blog, showed that it is not satisfied in all cases..
If this assumption fails, previous validation tools lose efficiency and security. More consultation is needed to maintain the same level of trust; This increases gas costs and leaves the possibility that invalid tests will be accepted at a higher rate than expected.
What’s changing: From guesswork to proven guarantees
Research shows that new validation tools replace their weaknesses with established mathematical tools.
One of the core changes is that Johnson limit, a typical result of code theorys. This limit defines a hard limit on the number of errors a system can tolerate when trying to reconstruct a message (or polynomial) without ambiguity.
In other words: Establish the extent to which information can be “corrected” without risking accepting inaccurate data. Contrary to previous speculation, this limit has been formally proven, allowing us to construct verifiable security guarantees.
Additionally, the system operates with 31-bit fields instead of the 254-bit of previous designs. This reduces computational complexity and makes validation within EVM more efficient.
Under these parameters, the authors estimate a robustness of 100 bits for a polynomial of size 2²². In practice, this means that the probability that a false test will be accepted is very low (on the order of 1 in 2¹⁰⁰).
Cost: In line with what Ethereum already uses
The estimated cost of the new validator is estimated at 5.64 million gas (approximately $3.98 in ETH trading at a price of 0.554 Gwei and over $2,200), a figure comparable to the system currently in operation.
For reference, ZK test-based solutions like StarkNet report nearly 5 million gas costs in 2021 and around 6 million gas costs in 2024.
This equivalence is important. This shows that, at least in this case, increased quantum resistance does not mean an exorbitant increase in costs.
Limitations: Cannot deploy yet
Despite the progress, the system is not yet ready for direct implementation into the main network.
The main hurdle is technical: verifier contracts. Exceeds the size limit allowed by Ethereum by more than 8,500 bytes Of 24,576 results. Therefore, the task has to be split into multiple contracts, and the task is not yet completed.
Additionally, important measurements are missing, such as the total cost of Merkle proofs excluding simplifications and the integration of verifiers within a complete knowledge proof system.
New validation tools solve important problems. Replace invalid theoretical foundations with solid mathematical foundations while maintaining competitive costs. However, it is still just one part of a larger system. Ethereum’s “post-quantum shield” until it is fully integrated and can be deployed to mainnet Continues to be a technical promise in developmentis more than a widely usable solution.
(Tag to translate) Quantum computing
