Quantum resistant? Show me.

The next time a person or organization tells you that this or that cryptographic algorithm is quantum resistant, keep in mind that (so far as I know), the person does not yet exist who knows how to demonstrate quantum resistance.

I am disturbed by the number of official sounding pronouncements declaring an algorithm to be quantum resistant merely because Shor's algorithm cannot break it, for example. Shor's algorithm is just a factoring algorithm, it isn't like factoring numbers is the only thing that quantum computers can do.

Cryptography: navigating the early years of quantum computing

It seems probable that quantum computing will pass through some years during which quantum computers will be powerful enough to matter, but expensive enough that most people cannot afford them. If so, then cryptography will need to defend users of classical computers from quantum adversaries. Cryptography has never before had to do a thing like that.

In preparation, it seems prudent to develop open taxonomies which classify cryptocurrencies (and other applications) in terms of the cryptographic primitives on which their mandatory and optional features are based - and that also in turn classify those primitives by the mathematical assumptions on which they are based. Such a resource might help the community to more quickly, intelligently, and transparently respond to cryptanalytic surprises as they present themselves.

I do not see as much preparatory homework being done as I'd expect, and that makes me nervous.