Researchers from Caltech and a quantum startup named Oratomic suggest a quantum computer with just 10,000 qubits could compromise Bitcoin and Ethereum wallets. The findings appear in a new paper posted to the arXiv preprint server on Monday. They challenge previous estimates that required hundreds of thousands of qubits for such an attack.
Quantum Thresholds Drop
A system with approximately 26,000 qubits could break ECC-256 encryption in about 10 days, according to the study. RSA-2048, commonly used by financial institutions, requires closer to 102,000 qubits and three months of processing. These figures represent a five-orders-of-magnitude reduction compared to 2012 projections.
Qubits are the basic units of quantum computers, similar to bits in traditional machines. A qubit count is not a measure of speed, like gigahertz or teraflops, but of the scale of the system. The paper landed alongside a Google Quantum AI whitepaper that pegged the threshold at fewer than 500,000 physical qubits.
The Oratomic team uses Google’s quantum circuits designed to break 256-bit elliptic curve cryptography. Their neutral-atom setup requires about 50% of the qubits Google previously estimated. Together, the papers mark one of the sharpest compressions yet in the timeline of quantum threats.
Risk Assessment
Elliptic curve cryptography is more exposed because it achieves comparable security with smaller keys. This makes it easier for a quantum machine running Shor’s algorithm to derive private keys. A 10-day window makes the rapid on-spend attack outlined in Google’s paper unlikely under these assumptions.
All nine authors are shareholders in Oratomic, with six employed by the company. This positions the paper as both a scientific result and a roadmap for its hardware approach. The direction, however, is becoming harder to ignore for security auditors.
That framing comes with caveats regarding funds already sitting in vulnerable addresses. An estimated 6.9 million BTC are tied to early wallets and reused addresses facing this risk. This includes coins that have been dormant for years without movement.
Migration Challenge
The question is no longer whether quantum systems can break crypto, but whether the industry can migrate before the cost of doing so collapses further. Most crypto privacy models weaken as blockchain data grows, while encryption-based models like Zcash strengthen. The metadata available to machine learning models scales with blockchain adoption.
Security teams must now prioritize upgrades to address the narrowing window of vulnerability. The industry must watch for cost reductions in hardware manufacturing.