Quantum computing poses a theoretical threat to most of the cryptographic systems that underpin cryptocurrency. The relevant concern is that sufficiently powerful quantum computers could break elliptic curve cryptography — the mathematical basis for Bitcoin, Ethereum, Monero, and most other assets' key generation and transaction signing.
Zcash's situation is more complicated than a simple yes or no, because Zcash uses two different cryptographic systems for two different address types.
Zcash's two cryptographic layers
Transparent addresses (t-addresses) in Zcash use the same elliptic curve cryptography as Bitcoin — specifically secp256k1. These are not quantum resistant. A sufficiently powerful quantum computer running Shor's algorithm could derive private keys from public keys associated with these addresses. This is the same vulnerability Bitcoin faces.
Shielded addresses (z-addresses) use zk-SNARKs based on different mathematical structures. The current Orchard shielded pool uses the Pallas curve with a construction specifically chosen to have better security properties than the earlier Sprout and Sapling implementations. The quantum resistance of zk-SNARKs depends on which specific mathematical assumptions they rely on — and current SNARK constructions are not fully quantum resistant, though they have different vulnerability profiles than pure elliptic curve cryptography.
The practical timeline
Cryptographically relevant quantum computers — those capable of breaking 256-bit elliptic curve cryptography — do not exist today. The current state of quantum hardware is measured in hundreds to thousands of noisy qubits. Breaking secp256k1 would require millions of error-corrected logical qubits. The timeline for achieving this is measured in decades according to most serious estimates, with significant uncertainty in both directions.
The quantum threat to cryptocurrency is real in principle and distant in practice. Any asset that has not migrated to post-quantum cryptography before that threshold is reached faces the same class of vulnerability — including Zcash's transparent addresses.
What this means for Zcash users
Using Zcash with shielded addresses provides better long-term security posture than using transparent addresses, but does not fully eliminate quantum risk with current SNARK constructions. The Zcash development team has indicated awareness of post-quantum migration as a long-term concern. Bitcoin faces the same class of problem with no shielded pool offering even partial mitigation. In the near term — the next decade — quantum risk is not a practical concern for any cryptocurrency user.