A scenario like the 2016 Ethereum split might end up being an option for reverting some specific fund transfers, but then, even if an alternative crypto patch would be instantly available to start things up again, if everyone has a private key that needs to be replaced at that moment in time, key replacement itself will become the new attack factor.

The IMO best solution is to offer a migration path to users while we can still trust the old keys (because powerful enough quantum computers aren't there yet). Not everyone will do this in time, if at all, so there is then a second problem. If your account is safe, but that of 40% of all HIVE holdings isn't, that 40% could disrupt the market to such an extent that you could lose most of the value of your holdings even if you have yourself migrated. As such, as a second part of being post-quantum ready (not covered by this proposal), we will need to look into measures that could allow for market separation between funds in accounts that have upgraded to post quantum ready signing keys, and funds held by accounts that still will only have ECDSA siging keys at the time that a QC attack becomes a realistic threat.