The Stellar Development Foundation (SDF) unveiled QPP, a quantum-computing response roadmap for the Stellar (XLM) network, and said it will complete the migration of all accounts to quantum-resistant signatures by the end of 2027.

Coinpost, a blockchain media outlet, reported on June 11 that the plan is designed to allow users to replace only signing keys while keeping existing addresses and transaction histories unchanged.

The Stellar Development Foundation said its “quantum response plan” divides potential threats to the network into two types. First, if Ed25519 signatures used by validators are forged, the consensus protocol (SCP) could be taken over. Second, there is the risk of account takeover. Stellar uses a structure that separates account addresses from signing keys, but because the public key is exposed as designed, critics say that if a quantum computer can derive the private key using Shor’s algorithm, accounts across the network could become targets.

The foundation cited account takeovers as the more difficult challenge. It said validator-related risks could be addressed through a protocol upgrade targeting a validator set in the hundreds, but account migration requires participation across the entire ecosystem. Still, it said Stellar, unlike existing blockchains, separates account addresses from signing keys, allowing a switch to quantum-resistant signing keys while keeping existing addresses and past transaction histories.

The rollout will proceed in three stages from 2026. In the first stage in 2026, Stellar will add quantum-resistant signature verification as a default host function to the Soroban smart contract platform. At this stage, it will support ML-DSA-44 and ML-DSA-65, standardised by the U.S. National Institute of Standards and Technology (NIST), and enterprise wallets are expected to be ready in the same year.

In the second stage in 2027, the network will formally introduce quantum-resistant signatures at the protocol level. Existing accounts can add a quantum-resistant signer to the current Ed25519 setup through set_options, without needing to create new accounts or move balances. After 2028, it will consider deprecating and retiring Ed25519 signatures, but the timing will be decided based on quantum-computing advances and the ecosystem’s readiness.

The remaining issue is how to handle dormant accounts. The foundation said community discussion will be unavoidable in the final stage. If the existing signing method is fully invalidated, it must decide whether to effectively freeze assets in those accounts or provide separate relief or recovery measures. It raised the issue as an important design point for that reason.

The Stellar Development Foundation said it is inevitable that quantum computers will break elliptic-curve cryptography on which many blockchains currently rely, and that the issue is not possibility but timing. It also said NIST established its first post-quantum cryptography (PQC) migration standard in 2024, and that the United States’ CNSA 2.0 and Europe’s DORA also set out migration timelines for financial infrastructure.

Stellar’s plan is closer to a long-term redesign of how the network operates overall. The Stellar Development Foundation said planned and safe migration is possible only by preparing now rather than moving after a crisis becomes reality. As a result, the Stellar ecosystem has entered a “long-term project” phase, moving from infrastructure adoption in 2026 to account migration in 2027 and a post-2028 clean-up of the existing signature system.