Quantum Threat To Bitcoin May Arrive Sooner Than Expected

A new study published by Google suggests that quantum computers may be able to break the cryptography behind Bitcoin and Ethereum far sooner than previously believed.

According to updated estimates, cracking elliptic curve cryptography: the foundation of blockchain security could require fewer than 500,000 physical qubits. This is roughly 20 times lower than earlier projections. Since qubits are the core units of quantum computation, this reduction significantly accelerates the timeline for potential real-world attacks.

A shrinking timeline for breaking Bitcoin

Researchers simulated quantum algorithms on a superconducting quantum system relevant to real-world cryptographic attacks. Their findings point to a concerning scenario: a sufficiently powerful quantum computer could extract a Bitcoin private key in approximately 9 to 12 minutes.

This timeframe is critical because Bitcoin’s average block confirmation time is about 10 minutes. In practice, this opens the door to what is known as an on-spend attack, where an attacker intercepts a public key during a transaction and derives the private key before the transaction is finalized.

Ethereum researcher Justin Drake, a co-author of the study, emphasized the urgency of the situation. He estimates at least a 10% probability that quantum computers could recover private keys from public keys by 2032.

Ethereum faces a deeper structural risk

While Bitcoin’s vulnerability exists within a narrow transaction window, Ethereum may face a more persistent and structural threat.

Once an Ethereum account makes its first transaction, its public key becomes permanently visible on the blockchain. This creates the possibility of at-rest attacks, where an attacker can attempt to derive the private key at any time, without time constraints.

Why this matters more than it seems

This architectural difference means Ethereum accounts could remain exposed indefinitely. Unlike Bitcoin users, who can reduce risk by avoiding address reuse, Ethereum users cannot fully eliminate this exposure without protocol-level changes.

Researchers estimate that the 1,000 largest Ethereum accounts, holding around 20.5 million ETH, could potentially be compromised in less than nine days under a sufficiently advanced quantum attack scenario.

The race toward post-quantum security

Google has already set a target of 2029 to transition its systems to post-quantum cryptography, warning that the “quantum frontier may be closer than it seems.”

Meanwhile, Ethereum developers have begun working on a transition roadmap that may require significant changes to validator signatures, storage systems, account structures, and proof mechanisms. Ethereum co-founder Vitalik Buterin has acknowledged that preparing for quantum threats will involve deep protocol redesign.

Bitcoin, on the other hand, is often seen as slower to adapt due to its conservative governance model.

The real bottleneck is still hardware

Despite the alarming projections, an important technical gap remains. The estimate of 500,000 qubits refers to physical qubits, not fully error-corrected logical ones. Building stable logical qubits would require significantly more resources, and this remains a major engineering challenge.

Today’s most advanced quantum processors operate with just over 100 qubits, far from the scale needed for practical cryptographic attacks.