Exclusive: Post-quantum expert says CLARITY Act could hit crypto security pricing

The CLARITY Act is mostly a crypto market structure bill, but it could still drag security risk into digital asset pricing. Moona Ederveen-Schneider, a post-quantum security consultant, told Coinpedia that the proposed Clarity Act may do more than decide who regulates which part of crypto. On May 18, 2026, the sharper investor read is simple: BTC, ETH, COIN, and crypto firms built around custody could be repriced for security risk long before quantum computers become a normal market concern. My take: this is where a dry policy bill starts touching the price screen.

Ederveen-Schneider says crypto regulation is starting to run into a harder question: can the cryptography hold up? The source post centers on Ederveen-Schneider, founder of a quantum security consultancy and former Executive Director EMEA, Financial Services. She told Coinpedia that the crypto debate is moving past compliance and into long term cryptographic survival. Most guides treat the Clarity Act as a market-structure story. That is only half right. The Clarity Act, as described in the source, is still mainly about market structure, but she says its effect on custody expectations and institutional standards could be “profound.” I do not think that is a throwaway line in 2026. After the January 10, 2024 spot BTC ETF approvals and the July 23, 2024 spot ETH ETF launch context, parts of crypto now trade like financial plumbing.

More regulatory pressure could make security part of how investors value crypto assets and the firms that hold them. The logic is blunt. If the Clarity Act leads to tougher custody norms, then security becomes part of the valuation story for COIN, BTC ETF issuers, ETH staking providers, and institutional wallets. That is analysis, not a new fact from the source. Still, it is the market link traders should watch. In 2024, BTC’s institutional pitch was ETF access. In 2026, the next question may be whether custodians can prove crypto agility, quantum resilience, post-quantum planning, and recovery discipline. Annoying but true: investors usually price security after something breaks. Regulators may force the issue earlier. Good.

Post-quantum planning is moving onto the board agenda for financial firms that touch digital assets. The source has an adoption signal, even if it does not frame it that way. Ederveen-Schneider pointed to Google’s internal 2029 migration target, similar timelines from IBM and Cloudflare, and government guidance in the US, UK, EU, and India. Why does this matter? Because those are not crypto-native timelines; they are enterprise risk timelines spilling into crypto custody. For crypto markets, that puts post-quantum planning next to reserves and custody mandates. Treasury controls sit in the same conversation too. If banks and asset managers keep adding digital asset exposure after the 2024 BTC and ETH ETF milestones, they will ask more than whether a chain works today. They will ask whether it can survive the next cryptographic era.

Bitcoin’s decentralized governance is part of the appeal. In a quantum emergency, it could also be the bottleneck. BTC has the cleanest tension here. Ederveen-Schneider said Bitcoin’s decentralized governance could become a coordination problem during a quantum-related emergency. She added that “Bitcoin’s resistance to change is both its greatest strength and its greatest vulnerability.” Anyone who traded through the 2017 block size fight or watched the 2021 Taproot activation process knows the pattern. I will be honest: Bitcoin’s slowness is one reason institutions trust it. Counter to the usual advice, though, slow governance is not always a virtue. If a fast security migration becomes necessary after other institutions hit their 2029 planning deadlines, slow change may stop looking like discipline and start looking like a discount.

The “Harvest Now, Decrypt Later” risk window is already open, even if quantum computers cannot break Bitcoin today. The source does not claim that quantum machines can crack Bitcoin right now. It says the “Harvest Now, Decrypt Later” exposure window is already open. In plain English, attackers can collect encrypted data now and try to decrypt it later when quantum capability improves. This is not a CPI print. It is not a Fed decision. It is not a sudden exchange lawsuit. The risk seeps in through custody questionnaires, insurance pricing, audit standards, board minutes, and eventually maybe even basis trades tied to BTC and ETH market structure.

Ethereum may give regulators more places to ask post-quantum questions. For ETH, the issue looks different in 2026. Ethereum investors already think in terms of upgrades, roadmap tradeoffs, staking infrastructure, client diversity, and smart contract risk. That could help if post-quantum migration becomes a protocol priority. Yes, this slightly contradicts the clean Bitcoin-versus-Ethereum framing above, but bear with me. ETH’s flexibility can be an advantage and a compliance burden at the same time. ETH also has more moving parts than BTC: staking providers, smart contract wallets, bridges, restaking systems, institutional custody integrations, and client teams. If post-quantum readiness becomes part of the Clarity Act conversation, ETH infrastructure may face more compliance touchpoints than BTC, even if Ethereum’s governance culture can move faster.

Platforms with clear post-quantum migration plans could get treated differently by investors. COIN is the obvious public market proxy. Coinbase is not named in the source, so this is market analysis, not source reporting. Still, COIN trades like a regulated crypto infrastructure bet, and custody standards sit close to its business model. Is this too early to price? Maybe for a retail trader staring at next week’s candle; not for an institution signing a multi-year custody contract. If US rules under a Clarity Act-style framework raise expectations for operational security, investors may start sorting crypto venues by their post-quantum migration plans. Clear custody roadmaps could become a real advantage. Treating quantum risk like a distant academic problem may start to look lazy.

The “exposure window is already open,” so transition planning cannot wait forever. The strongest quote in the source is short: “The exposure window is already open.” Ederveen-Schneider also warned that crypto should move beyond research and into transition planning because cryptographic migrations can take years, sometimes decades. That timeline matters. Google’s 2029 internal migration target is only 3 years away from 2026. Dormant Bitcoin wallets, including Satoshi-era holdings mentioned in the source, make the harder question obvious: who moves coins when the owner never shows up? We have seen this same governance problem in quieter security reviews: the protocol can be ready before the people are.

What this means

The CLARITY Act may push crypto regulation toward a tougher security test: can BTC, ETH, and custody rails stay trustworthy under post-quantum pressure? The event suggests crypto regulation is starting to absorb that question. Not only who supervises exchanges. Not only which token fits which box. The uncomfortable question is whether the security story survives institutional due diligence in 2026, 2029, and beyond. For BTC, the affected “level” may be less a price line than a confidence line: the market’s belief that decentralized governance can coordinate before urgency turns into panic. Watch the next concrete marker around 2029 migration targets from Google, IBM, and Cloudflare. Those dates could become reference points in institutional crypto due diligence.

Traders should watch whether the Clarity Act debate turns custody security into a visible regulatory standard. The next thing to track is whether Washington turns custody security into a clear standard for BTC ETFs, ETH products, staking providers, and COIN-style infrastructure. Also watch CME BTC and ETH futures positioning after major crypto headlines from Washington, since institutional traders often express regulatory risk there before spot investors catch up. My read: the market will ignore this until it suddenly cannot. The technical question still starts with BTC. If security concerns ever hit during a major market drawdown, the useful signal will be whether long term holders defend cycle levels or begin treating post-quantum readiness as a real risk premium.