Google Reduces Quantum Threat Estimates, Impacting $600 Billion in Crypto

A recent publication from Google Quantum AI has dramatically altered the landscape of quantum computing risks to cryptocurrencies by significantly lowering the estimated hardware resources needed to compromise the elliptic-curve cryptography that secures Bitcoin and Ethereum. This development brings the ongoing security discussions into a more immediate context.

Current market evaluations suggest that the potential threats posed by quantum computing could jeopardize over $600 billion worth of assets across Bitcoin, Ethereum, and stablecoins.

TRUSTED PARTNER

3.9 ★★★☆☆

Review and Opinions →

🔥 Bonus 1.400 $

Bonus Instant + 225 FS 🏆

Open an account

The collaborative paper, authored by a team from Google, along with Ethereum Foundation researcher Justin Drake and Stanford cryptographer Dan Boneh, indicates that Shor’s algorithm could operate effectively with either a maximum of 1,200 logical qubits and 90 million Toffoli gates, or 1,450 logical qubits with 70 million Toffoli gates.

According to Google’s findings, these quantum circuits could theoretically be run on a superconducting quantum computer possessing fewer than 500,000 physical qubits within several minutes. This marks a significant reduction in previous estimates, which suggested a much higher requirement of physical qubits, roughly 20 times greater.

Importantly, Google clarified that such a machine is not currently in existence. Nevertheless, Justin Drake has expressed increased optimism regarding the timeline for a ‘Q-day’, suggesting that by 2032, there might be at least a 10% chance of a quantum computer capable of extracting a secp256k1 private key from a public key.

In conjunction with their research findings, Google revealed an unusual disclosure model, indicating engagement with the U.S. government and the use of zero-knowledge proofs for the purpose of verification, given the sensitivity of the information.

The paper emphasizes that advancements in quantum computing have reached a stage where detailing the specifics of potential attacks could be risky, even while providing reliable research output.

In the context of Bitcoin, the implications of this paper are particularly pressing. The authors model an attack scenario where an agile quantum machine could deduce a private key after a public key is disclosed during a transaction broadcast, aiming to execute a competing transaction before the original is confirmed. This raises concerns, as a fast quantum computer might narrow the window for such an attack to about nine minutes, closely aligning with Bitcoin’s average block time of roughly ten minutes.

This scenario presents a theft success probability of just under 41%. Furthermore, the paper notes that approximately 6.7 million BTC are currently at risk in vulnerable addresses, representing nearly $444 billion, which is roughly 32% of Bitcoin’s capped total supply.

The research indicates that over 1.7 million BTC, or about $112.6 billion, are still secured by older Pay-to-Public-Key scripts. The total amount of dormant Bitcoin susceptible to quantum threats could reach approximately 2.3 million BTC, worth around $152.3 billion. However, migrating these coins is not straightforward, as many are believed to be lost, abandoned, or inactive.

The authors further argue that while the Taproot upgrade benefits privacy and flexibility, it inadvertently reintroduces quantum vulnerabilities due to the way the tweaked public key is incorporated into the locking script. They also contend that Grover-based attacks on Bitcoin mining are unlikely to be practical for decades, thereby keeping the fundamental risks on signatures rather than proof of work.

TRUSTED PARTNER

4.4 ★★★★☆

Review and Opinions →

🔥 100% up to 1 BTC

180 Free Spins 🏆

Open an account

The dual challenges for Bitcoin revolve around live transactions and the substantial reserve of older or exposed coins that could be targeted in a post-quantum reality. The authors assert that every existing Bitcoin transaction type is susceptible to potential on-spend attacks by future quantum machines.

Turning to Ethereum, the quantum threat is framed differently. The paper suggests that early quantum computers may not execute on-spend attacks effectively here, as Ethereum’s transactions occur in deterministic 12-second intervals and typically resolve within a minute, relying significantly on private mempools. Instead, the primary danger stems from long-term accounts and associated systems being vulnerable to at-rest attacks.

It is estimated that a fast-clock quantum attacker could compromise the 1,000 highest-value Ethereum accounts, which collectively hold about 20.5 million ETH, in under nine days. At current market rates, this amounts to approximately $41.5 billion. Among the top 500 contract accounts, vulnerabilities related to administrative keys expose at least 2.5 million ETH, worth around $5.1 billion.

The potential consequences of successful quantum breaches on such accounts could range from arbitrary minting and misleading price feeds to frozen assets and drained liquidity pools, highlighting the underestimated risks within standard asset-balance models.

The paper also identifies vulnerabilities in Ethereum’s broader infrastructure, linking approximately 15 million ETH in Layer 2 and protocol values to code and data-availability weaknesses, along with about 37 million ETH in consensus stakes that are susceptible to risks associated with BLS signatures.

As the urgency grows, the blockchain community confronts the critical question of whether they can adequately migrate wallets, exchanges, and other tokenized asset frameworks before the threat landscape shifts unfavorably. Charles Guillemet, CTO at Ledger, remarked that while the necessary tools for post-quantum cryptography are available, the time to act is now. He emphasizes that the transition will take time, and the industry must not wait for absolute clarity regarding the arrival of cryptographically relevant quantum computers.

The findings from the Google paper underscore the pressing need for vulnerable cryptocurrency communities to transition to post-quantum cryptography urgently. For Bitcoin, this represents a race against a closing settlement window, while for Ethereum, the focus shifts from mere coin security to safeguarding a much larger ecosystem of contracts and tokenized entities relying on the same vulnerable mathematical foundations.