Google’s Quantum AI team published a whitepaper Monday indicating Bitcoin security may face threats sooner than expected. New calculations suggest fewer than 500,000 qubits could crack the blockchain, with Taproot technology partially to blame. This development raises urgent questions about the timeline for post-quantum migration.
Lowered Attack Thresholds
Researchers found that cracking the cryptography used by Bitcoin and Ethereum could require significantly fewer resources than previously assumed. In the paper, the team identified specific methods needing roughly 1,200 to 1,450 high-quality qubits. That is a fraction of earlier estimates and suggests the gap between current technology and a viable attack may be smaller than investors think.
The computing power required to break Bitcoin’s security may be far lower than previously assumed, raising fresh questions about how soon quantum threats could become a reality, the team said.
Google outlined how such an attack could work in practice without targeting old wallets. A quantum attacker could go after transactions in real time when someone sends bitcoin. A piece of data called a public key is briefly revealed during this process.
A fast enough quantum computer could use that information to calculate the private key and redirect the funds. Google’s model shows a system could prepare part of the calculation in advance, then complete the attack in about nine minutes once a transaction appears. Bitcoin transactions typically take around 10 minutes to confirm, giving an attacker roughly a 41% chance of beating the original transfer.
Vulnerable Funds and Design Flaws
The paper also estimates that about 6.9 million bitcoin, roughly one third of the total supply, already sit in wallets where the public key has been exposed. That includes around 1.7 million bitcoin from the network’s early years, as well as funds affected by address reuse. That figure is far higher than recent estimates from CoinShares, which argued that only about 10,200 bitcoin are concentrated enough to significantly move markets if stolen.
The findings also cast new light on Taproot, Bitcoin’s 2021 upgrade. While Taproot improved privacy and efficiency, it also made public keys visible on the blockchain by default. Google’s researchers say that design choice could expand the number of wallets vulnerable to future quantum attacks.
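As an added illustration (not taken from the whitepaper or the original article), the Python sketch below sorts the standard Bitcoin output script templates by whether a public key is readable on-chain before any spend: pay-to-public-key and Taproot outputs carry the key itself, while hash-based outputs reveal it only once the address has been spent from. The script bytes, the values and the `address_spent_before` flag are constructed assumptions for the example.

```python
# Added example. Script bytes below are constructed dummies, not real outputs.
TEMPLATES_WITH_KEY = {"p2pk", "p2tr"}   # public key is in the output itself

def classify_script(spk_hex: str) -> str:
    """Match a scriptPubKey against the standard Bitcoin output templates."""
    s = bytes.fromhex(spk_hex)
    n = len(s)
    if n in (35, 67) and s[0] == n - 2 and s[-1] == 0xAC:
        return "p2pk"      # <33- or 65-byte pubkey> OP_CHECKSIG
    if n == 25 and s[:3] == b"\x76\xa9\x14" and s[23:] == b"\x88\xac":
        return "p2pkh"     # only a hash of the key is published
    if n == 23 and s[:2] == b"\xa9\x14" and s[22] == 0x87:
        return "p2sh"
    if n == 22 and s[:2] == b"\x00\x14":
        return "p2wpkh"
    if n == 34 and s[:2] == b"\x00\x20":
        return "p2wsh"
    if n == 34 and s[:2] == b"\x51\x20":
        return "p2tr"      # OP_1 <32-byte x-only output key>
    return "unknown"

def key_exposed(spk_hex: str, address_spent_before: bool = False):
    """True if the key is readable on-chain now; None for nonstandard scripts."""
    kind = classify_script(spk_hex)
    if kind == "unknown":
        return None
    return kind in TEMPLATES_WITH_KEY or address_spent_before

def exposed_sats(utxos):
    """Sum the value of outputs whose key is already public."""
    return sum(v for spk, v, reused in utxos if key_exposed(spk, reused))

P2PK = "21" + "02" + "11" * 32 + "ac"
P2PKH = "76a914" + "22" * 20 + "88ac"
P2WPKH = "0014" + "33" * 20
P2TR = "5120" + "44" * 32

UTXOS = [  # (scriptPubKey hex, value in satoshis, address already spent from?)
    (P2PK, 5_000_000_000, False),
    (P2PKH, 100_000_000, False),
    (P2PKH, 200_000_000, True),    # address reuse: key revealed by earlier spend
    (P2WPKH, 300_000_000, False),
    (P2TR, 400_000_000, False),
]

if __name__ == "__main__":
    for spk, value, reused in UTXOS:
        print(classify_script(spk), value, key_exposed(spk, reused))
    print("exposed:", exposed_sats(UTXOS), "of", sum(v for _, v, _ in UTXOS))
```

Run over a wallet's own unspent outputs, the same classification shows which funds would need to move first in a post-quantum migration.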
Ethereum may be less exposed to this specific risk because it confirms transactions faster, leaving less time for an attack. This distinction highlights how network architecture influences security against emerging computing threats. Other cryptocurrencies will need to evaluate their own confirmation speeds against the quantum window.
Future Security Implications
Google is also changing how it shares sensitive security research for this project. Rather than releasing the step-by-step details of how to break crypto systems, the team used a technique called a zero-knowledge proof. That allows others to verify the results while limiting the risk that the research could be misused.
The takeaway for investors is not that quantum computers are about to break crypto immediately. However, the timeline may be shorter, and the risks broader, than previously thought. As stablecoins evolve into core financial infrastructure, security protocols must evolve at the same pace.
Google has previously pointed to 2029 as a potential milestone for useful quantum systems. Migration needs to come before that date to protect existing assets effectively. The research accelerates the push toward post-quantum security standards across the digital asset ecosystem.