Blockchain is often described as trustless. No central authority, no intermediary, just mathematics holding everything together. Smart contracts inherit that trust. They execute automatically when conditions are met, written in code rather than legalese, enforced by the network rather than the courts.
English law has gradually caught up with this. The UK Jurisdiction Taskforce’s 2019 Legal Statement on Cryptoassets and Smart Contracts confirmed smart contracts can be legally binding under English law, and the Law Commission’s 2023 report on digital assets reinforced that English common law is flexible enough to accommodate novel digital property. The Electronic Trade Documents Act 2023 went further, giving electronic documents including blockchain-based trade documents the same legal status as paper ones.
Under English law, a contract requires offer, acceptance, consideration, and an intention to create legal relations. A smart contract can satisfy all of these - the code embodies the terms, execution is the performance, and the parties’ intention is established by their conduct in deploying and interacting with it.
The UK Jurisdiction Taskforce’s statement was careful to note that a “smart contract” is a misnomer in one sense, not all smart contracts are legally binding contracts and not all legally binding contracts involving blockchain are “smart” contracts. But where the elements are present, the law will recognise them.
What makes blockchain the substrate of choice is its immutability and verifiability. A transaction is signed with a private key, broadcast to the network and permanently recorded. Anyone can verify it happened. No one can silently alter it. That’s the technical guarantee that makes legal reliance on blockchain records defensible.
When you sign a transaction on Ethereum or Bitcoin, you’re using ECDSA (Elliptic Curve Digital Signature Algorithm). Your private key generates a signature that proves ownership without revealing the key itself. The network verifies the signature using your public key.
The security of this system relies on the elliptic curve discrete logarithm problem. Given a public key, computing the private key is computationally infeasible. Factoring-based cryptography (RSA) and discrete log problems are too hard.
Blockchain’s record integrity relies on SHA-256 (Bitcoin) or Keccak-256 (Ethereum) hashing.
Shor’s algorithm is the problem. Running on a sufficiently powerful quantum computer, it can solve the discrete logarithm problem efficiently, breaking ECDSA. A quantum attacker who observes your public key (which is visible on-chain once you’ve made a transaction) could derive your private key and forge transactions in your name.
The timeline is contested but cryptographers take it seriously. IBM, Google and others have published roadmaps targeting millions of physical qubits within the decade. A quantum computer capable of breaking 256-bit elliptic curve keys likely requires on the order of thousands of error-corrected logical qubits.
Grover’s algorithm weakens hash functions but doesn’t break them. It roughly halves effective hash security, reducing SHA-256 to the equivalent of a 128-bit hash. Migrating to SHA-512 or larger hash sizes addresses this. It’s the digital signatures that present the deeper problem.
The critical vulnerability window is sometimes called “harvest now, decrypt later” meaning adversaries can record signed transactions today and crack them once quantum hardware matures. For blockchain, where every signed transaction is permanently public, this is particularly acute.
If a quantum attacker forges a transaction using a harvested private key -transferring assets, executing a smart contract, altering state -the transaction will look valid to the network. The real private key holder never authorised it. Under English law, this is fraud, but recovering assets from an immutable ledger is not straightforward.
Blockchain’s immutability, the very property that makes it legally reliable, becomes a liability when fraudulent transactions are recorded. English law has remedies for mistake and fraud, i.e. rescission, rectification, restitution. These require either a counterparty who can return what was received, or a court order that some authority can enforce. A decentralised network has no mechanism to “undo” a block. There is no registrar of blockchain to serve with an order.
This creates a genuine tension, the law offers remedies but the technology may not permit them.
Suppose a smart contract was validly entered, executed, and recorded but the underlying blockchain is later shown to be compromised by a quantum attack. Does the contract remain valid? The parties intended to be bound; the execution occurred. But the assurance of integrity on which they relied was false. English courts might look to operative mistake (a mistake as to a fundamental quality of the subject matter) or misrepresentation (if a party implicitly represented the security of the technology). Neither doctrine maps cleanly onto quantum-enabled fraud.
English courts have been willing to treat blockchain records as reliable evidence precisely because of their cryptographic integrity. If that integrity is in question, if it becomes known that ECDSA on a particular chain has been compromised - courts will need to reconsider what probative weight to give such records. The Law Commission’s digital assets work assumed cryptographic security. It may need revisiting.
The good news is that the problem is solvable at the protocol level. Post-quantum cryptography (PQC) provides signature schemes resistant to Shor’s algorithm. NIST finalised its first PQC standards in 2024, including CRYSTALS-Dilithium (lattice-based signatures) and SPHINCS+ (hash-based signatures).
Some blockchain projects are already exploring migration paths. Ethereum’s long-term roadmap includes quantum resistance as a consideration for future signature schemes. The challenge is coordinating a network-wide upgrade while preserving backwards compatibility and the validity of existing transactions.
For smart contracts specifically, the migration involves more than swapping signature algorithms. The contract logic itself may need updating if it verifies signatures internally. And any off-chain data feeds (oracles) - the services that provide real-world information to smart contracts need their own communication channels to be post-quantum secured.
A hybrid approach during the transition mirrors the NCSC’s guidance for enterprise systems, deploy both a classical and a post-quantum signature, requiring both to verify a transaction. If one is broken, the other holds. This adds overhead but maintains security during the migration window.
English common law is genuinely well-suited to this challenge in some respects. It evolves through precedent rather than requiring legislative intervention, and courts have shown willingness - in Tulip Trading v Bitcoin Association (2023) and related cases to engage seriously with technical blockchain disputes.
If a quantum attacker steals cryptoassets, are they “stolen” in the legal sense? The landmark AA v Persons Unknown [2019] established that cryptocurrency is property. The question is whether a quantum-facilitated transaction constitutes conversion, and whether tracing remedies can follow assets across the chain.
If a blockchain network fails to migrate to post-quantum cryptography and assets are lost as a result, who bears responsibility? This depends partly on how courts characterise the relationship between developers, validators and users - an area that remains underexplored.
Smart contracts operating over long time periods may contain no provision for technological disruption. English law’s frustration doctrine (where a supervening event makes performance radically different from what was contracted) could be argued but frustration is construed narrowly and generally does not apply where a party assumed the relevant risk.
The Civil Evidence Act 1995 and the courts’ approach to electronic evidence will need to grapple with what “authenticated” means for a blockchain record whose underlying cryptography is contested.
For anyone building on or relying on blockchain technology in legally significant contexts…
Plan for crypto agility now: Systems should be designed to swap signature schemes without architectural rebuilding. This is engineering discipline that also has legal implications - demonstrating reasonable care in anticipating foreseeable risks.
Review long-duration smart contracts: Any contract expected to run for years should consider what happens if the underlying cryptographic assumptions change. Dispute resolution clauses, termination provisions and governing law choices matter more here than they might seem.
Follow the post-quantum standards: NIST’s 2024 PQC standards are the benchmark. Auditors and regulators will increasingly treat them as the floor for “appropriate technical measures” under UK GDPR.
Watch the case law: Tulip Trading, the Law Commission’s ongoing digital assets work, and any future litigation involving blockchain-based fraud will shape how English courts think about these questions. The doctrines are still forming.
Smart contracts were supposed to remove the need for trust -in institutions, intermediaries, and even legal systems. Encode the rules in code; let the network enforce them. But that vision has always depended on the security of the underlying cryptography. Quantum computing doesn’t just threaten blockchain; it reveals that “trustless” systems still have a trust anchor, it’s just mathematical rather than institutional.
English common law, with its flexibility and its centuries of adapting to new commercial realities, is probably better placed than most legal systems to handle this. But it will need help from technologists who understand what they’re building, and from lawyers who understand what they’re being asked to enforce.
The chain is only as strong as its cryptography. The law can only protect what the technology can authenticate.
Related reading: UK Jurisdiction Taskforce, “Legal Statement on Cryptoassets and Smart Contracts” (2019); Law Commission, “Digital Assets: Final Report” (2023); NIST Post-Quantum Cryptography Standards (2024, FIPS 203–205); Tulip Trading Ltd v Bitcoin Association for BSV [2023] EWCA Civ 83.