Home / Education / Crypto / Security / Google Warns Quantum Computers Could Break Bitcoin and Ethereum Encryption in 9 Minutes — Are Your BTC and ETH at Risk?
Google Warns Quantum Computers Could Break Bitcoin and Ethereum Encryption in 9 Minutes — Are Your BTC and ETH at Risk?
Share
Key Takeaways
For years, quantum computing breaking crypto was treated as a distant possibility. Google’s new research changes that narrative.
More than a million Bitcoin from early address types may eventually become vulnerable.
Bitcoin’s security model is relatively simple, but Ethereum’s programmable architecture introduces additional exposure.
Solutions already exist in the form of post-quantum cryptography, but migrating decentralized networks is complex.
On March 31, 2026, Google quietly published a research paper that may become one of the most consequential documents in the history of cryptocurrency security.
Google researchers suggested that future quantum computers may be able to break the encryption protecting Bitcoin, Ethereum, and other cryptocurrencies using far fewer resources than previously believed.
In some scenarios, they estimate that private keys could be derived in minutes.
Time Spent on Key Derivation (Days). | Source: Google
For an industry built entirely on cryptography, that is not just a technical detail. It is a foundational shift.
This is not the first time quantum computing has been discussed as a threat to cryptocurrency. But previous warnings often focused on distant timelines.
Google’s new analysis changes the conversation from “someday” to “prepare now.”
How Cryptocurrency Security Actually Works
To understand the implications, it is important to understand how cryptocurrencies are secured.
Bitcoin, Ethereum, and most blockchains rely on elliptic curve cryptography. This cryptography creates two keys:
Public key
Private key
The public key is visible to everyone. The private key must remain secret.
Security depends on a simple assumption. It is extremely easy to generate a public key from a private key, but practically impossible to reverse the process.
This mathematical challenge is called the Elliptic Curve Discrete Logarithm Problem.
If someone could efficiently solve this problem, they could:
Derive private keys
Sign transactions
Transfer funds
Control wallets
Classical computers cannot do this efficiently. Even the most powerful supercomputers would require enormous time.
Quantum computers change that.
Shor’s algorithm, discovered in 1994, allows quantum computers to solve discrete logarithm problems exponentially faster than classical machines. The algorithm has been known for decades, but running it at scale requires fault tolerant quantum computers.
Google’s research suggests that such machines may require fewer resources than previously believed.
Google’s New Resource Estimates
Google researchers developed optimized quantum circuits designed to break 256-bit elliptic curve cryptography.
Their findings suggest:
Less than 1200 logical qubits
Around 70 to 90 million quantum gate operations
Fewer than 500,000 physical qubits
Execution time measured in minutes
This represents roughly a twenty fold reduction compared to earlier estimates.
In quantum computing, reductions in resource requirements are critical. When required hardware shrinks, the timeline for practical attacks moves closer.
🚨 Google has sounded the quantum alarm 🚨
Today, they released groundbreaking progress towards breaking crypto using a quantum computer.
TLDR – Existing cryptography is dead. Mempool attacks are real. We must migrate to post-quantum now.
The research also introduces an important operational detail. Under certain assumptions, quantum attacks could occur within Bitcoin’s transaction confirmation window.
Bitcoin block time averages around ten minutes. Google estimates quantum key derivation could occur in roughly nine minutes.
This opens the possibility of real time transaction attacks.
Three Types of Quantum Attacks on Crypto
Google researchers identified three distinct categories of quantum attacks. Each type affects different parts of the crypto ecosystem and may emerge at different stages.
These include:
On-Spend Attacks
At-Rest Attacks
On-Setup Attacks
Each represents a different level of risk and complexity.
Each introduces additional cryptographic dependencies. That said, quantum attacks on these systems could create systemic risk.
Bitcoin Address Types and Quantum Risk
Bitcoin is often described as a static system, but its security model has evolved significantly over time. As the network matured, developers introduced new address types designed to improve efficiency, privacy, and flexibility.
Each upgrade solved existing limitations, but some also introduced new tradeoffs. Quantum computing now adds a new dimension to how these design choices are evaluated.
Each of these formats handles public keys differently. That difference matters when considering quantum attacks.
Quantum vulnerabilities of Bitcoin script types. | Source: Google
Early Bitcoin transactions, especially during the first years of the network, commonly used P2PK addresses. These addresses stored the full public key directly on the blockchain. At the time, this was efficient and simple. There was little concern about quantum computing, and exposing the public key did not pose any realistic risk.
However, from a quantum perspective, these early addresses are the most vulnerable. If a public key is already visible, a future quantum computer could theoretically derive the private key without needing to wait for any additional activity. This makes early Bitcoin addresses particularly sensitive to at-rest quantum attacks.
As Bitcoin matured, developers introduced P2PKH, which improved security by hashing public keys instead of revealing them directly. In this model, the blockchain stores a hash of the public key rather than the key itself. The actual public key is only revealed when funds are spent.
Evolution of Protocol Usage Over Time. | Source: Google
This design significantly reduces exposure. A quantum attacker cannot derive a private key without first seeing the public key. If funds remain unspent, the public key remains hidden, making dormant wallets harder to target.
Later, P2SH introduced even greater flexibility. This format allowed users to define more complex spending conditions, including multi-signature wallets and smart contract-like functionality. Importantly, P2SH also hides scripts and keys behind hashes until they are used, providing additional protection against long-term exposure.
The introduction of SegWit in 2017 further improved efficiency and reduced transaction size. SegWit also maintained the principle of hiding public keys until spending, which provided continued protection against at-rest quantum attacks.
However, Taproot, introduced in 2021, brought a new tradeoff. Taproot improves privacy, reduces transaction complexity, and enables more advanced scripting capabilities. But Taproot also stores public keys directly in certain cases. From a quantum perspective, this reintroduces exposure similar to early address formats.
Evolution of BTC supply over time by protocol type.| Source: Google
This does not mean Taproot is insecure today. Classical cryptography remains strong. But when evaluating long-term quantum risks, Taproot creates additional considerations.
The evolution of Bitcoin address types demonstrates how security, efficiency, and flexibility often compete. Improvements in one dimension may introduce tradeoffs in another. Quantum computing introduces a new factor in that balance, forcing developers to reconsider design decisions that once seemed safe.
Ethereum Expands Quantum Attack Surface
Bitcoin’s design is intentionally simple. It focuses primarily on storing and transferring value. Ethereum, by contrast, is a programmable blockchain that supports decentralized applications, financial services, and tokenized assets.
This flexibility also expands the potential quantum attack surface. Ethereum introduces several layers of cryptographic dependency:
User accounts secured by elliptic curve cryptography
Layer-2 scaling solutions relying on cryptographic proofs
Bridges connecting assets across networks
Stablecoins and tokenized assets governed by smart contracts
Taxonomy of Ethereum Components and Vulnerabilities. | Source: Google
Each of these components relies on cryptographic primitives that could eventually become vulnerable to quantum attacks.
For example, Ethereum accounts function differently from Bitcoin addresses. Ethereum uses an account-based model, where wallets remain visible and reused over time. This increases exposure, since public keys may remain accessible longer.
Validator infrastructure introduces additional risk. Proof-of-stake systems depend on validator keys that secure consensus. If these keys were compromised, attackers could potentially influence network operations.
Smart contracts create another layer of complexity. Many decentralized finance protocols rely on administrative keys for upgrades, governance, or emergency controls. If these keys were compromised, attackers could manipulate entire platforms.
Bridges and layer-2 networks introduce even more cryptographic dependencies. These systems often rely on multi-signature wallets, zero knowledge proofs, or trusted setups. Each introduces potential quantum vulnerabilities.
Breakdown of Total Value Secured (TVS) across major scaling protocols. | Source: Google
Stablecoins further expand the impact. Many stablecoins are governed by smart contracts and administrative controls. Quantum attacks on these systems could extend beyond cryptocurrency into broader financial infrastructure.
Admin Vulnerability exposure across distributed Real World Assets (RWAs). | Source: Google
Ethereum’s flexibility has enabled innovation across decentralized finance, NFTs, and tokenized assets. At the same time, this complexity increases the number of components that must eventually transition to quantum resistant cryptography.
Quantum Progress Is Accelerating
Quantum computing has long been described as a future threat to encryption. What has changed recently is the speed of progress.
Earlier estimates suggested millions of qubits would be required to break elliptic curve cryptography. These numbers made quantum threats seem distant.
Recent research, including Google’s analysis, suggests far fewer qubits may be required. Improvements in algorithms, error correction, and architecture have steadily reduced resource requirements.
Quantum computing development follows two parallel tracks:
Hardware improvements increase the number and quality of qubits.
Algorithmic improvements reduce the number of qubits required.
These trends compound. Even modest improvements in both areas significantly reduce timelines.
Today, Google Quantum AI published a research paper that might boost the post-quantum migration. Their team has tailored Shor’s algorithm to solve the 256-bit Elliptic Curve Discrete Logarithm Problem. ECDLP is the hard mathematical problem that secures ECDSA: the signature… pic.twitter.com/CDzn4ydN2z
Google’s research highlights how algorithmic optimization alone can reduce resource requirements by an order of magnitude. Future advances may reduce them further.
Quantum computing is also moving beyond experimental demonstrations. Companies and research labs are scaling hardware, improving error correction, and exploring new architectures.
While large scale fault tolerant quantum computers remain difficult to build, progress is steady. The direction of travel is clear, even if timelines remain uncertain.
What Can Be Done to Protect Bitcoin and Ethereum From Quantum Attacks
Google’s research makes one point clear. Quantum risk is not immediate, but preparation cannot wait. The transition to quantum-resistant cryptography will take years, and early mitigation steps can significantly reduce exposure in the meantime.
One of the most practical recommendations is reducing public key exposure. Quantum attacks require access to public keys. Bitcoin users can lower risk by avoiding address reuse and moving funds from older formats such as P2PK or reused P2PKH addresses into newer wallets that hide public keys until spending. Ethereum users can similarly rotate wallet keys or migrate to smart contract wallets with upgrade capabilities.
Google also highlights private transaction infrastructure as an important defense. Private mempools or commit-reveal schemes can limit the time attackers have to intercept transactions. These approaches reduce the risk of real-time on-spend attacks by hiding public keys until confirmation.
Another short-term measure involves multi-signature wallets and key rotation. Requiring multiple keys increases attack complexity and reduces exposure from long-term key reuse. Validator key rotation is particularly important for Ethereum’s proof-of-stake system.
Ultimately, the long-term solution is post-quantum cryptography. Several quantum-resistant signature systems already exist, and some blockchains have begun testing them. However, upgrading decentralized networks requires coordination, consensus, and time.
Some blockchain projects are already exploring quantum resistant designs. However, migrating large decentralized networks is challenging.
Blockchain upgrades require:
Network consensus
Wallet software updates
Protocol modifications
Infrastructure changes
These processes take time. Past upgrades such as SegWit and Taproot illustrate how long consensus driven systems evolve.
Migration must also balance efficiency and decentralization. Post quantum cryptography often requires larger signatures and increased computational overhead.
This creates tradeoffs between security and scalability.
Despite these challenges, migration remains technically feasible. Many experts believe gradual transition will occur over time.
Crypto Has Time But Not Forever
Google’s research does not mean Bitcoin or Ethereum are about to be hacked.
Large scale quantum computers capable of these attacks do not yet exist. Engineering challenges remain significant.
However, the trend is unmistakable:
Quantum computing is advancing.
Resource requirements are shrinking.
Algorithmic improvements continue.
Google’s whitepaper frames quantum computing as a singular discontinuity in digital security, with wide ranging consequences across cryptocurrencies and digital infrastructure.
For cryptocurrency, the implications are especially important. Unlike traditional finance, blockchain systems offer no recourse once funds are stolen. A single forged signature could result in irreversible losses.
The industry has navigated existential challenges before:
Exchange collapses
Protocol bugs
Governance disputes
Scaling limitations
Each time, it adapted.
Quantum computing may represent the next major transition. The difference this time is that the warning has arrived early. That gives developers, institutions, and users time to prepare.
But the timeline is no longer theoretical. And the race to build quantum resistant crypto has already begun.
No. Quantum computers capable of breaking elliptic curve cryptography do not yet exist. Current quantum machines are still far from the scale required for real-world attacks. Google’s research focuses on future scenarios, not present vulnerabilities. However, the shrinking resource estimates suggest that preparation should begin sooner rather than later.
Which crypto assets are most vulnerable to quantum attacks?
Early Bitcoin addresses that expose public keys are among the most vulnerable. This includes early mining rewards, reused addresses, and some dormant wallets. Ethereum also faces broader exposure due to smart contracts, validators, and Layer 2 infrastructure. Assets stored in modern wallets with hidden public keys are currently less exposed.
Could quantum computers steal lost or dormant Bitcoin?
Potentially, yes. If a wallet’s public key is already visible and the owner no longer controls the private key, a quantum computer could theoretically derive the private key in the future. This could result in dormant coins moving unexpectedly. However, this depends on the development of large-scale quantum computers, which remain under development.
How is the crypto industry preparing for quantum threats?
Developers are exploring post-quantum cryptography, address rotation strategies, key rotation, multi-signature wallets, and protocol upgrades. Some blockchain projects are already testing quantum-resistant signatures. Migration will likely happen gradually over time, with hybrid cryptography and incremental upgrades forming the first steps toward quantum-resistant networks.
Disclaimer:
The information provided in this article is for informational purposes only. It is not intended to be, nor should it be construed as, financial advice. We do not make any warranties regarding the completeness, reliability, or accuracy of this information. All investments involve risk, and past performance does not guarantee future results. We recommend consulting a financial advisor before making any investment decisions.
Onkar Singh has three years of experience as a digital finance content creator. Throughout his career, he has collaborated with various DeFi projects and crypto media outlets. In his leisure time, he enjoys fitness activities at the gym and watching movies across different genres. Balancing his professional and personal interests, Onkar continues to contribute to the digital finance landscape while pursuing his hobbies.
Easy 
