Key Highlights
- Google’s Quantum AI team warns that breaking Bitcoin’s encryption requires fewer qubits than previously estimated.
- A fast quantum computer could potentially calculate a private key from an exposed public key and intercept a transfer before the network confirms it.
- While the Taproot upgrade boosts efficiency, it may expose more wallets to future quantum risks.
Google has issued a stark warning to the cryptocurrency industry: quantum computers could threaten Bitcoin security sooner than expected. In a newly released whitepaper, Google’s Quantum AI team found that breaking Bitcoin’s and Ethereum’s encryption may need far fewer qubits than previously estimated.
While earlier estimates suggested millions of physical qubits would be required to crack the network, new calculations suggest fewer than 500,000 could be enough. This means the window for a potential quantum attack is closer than experts once believed.
Lower bar for quantum attacks
Google’s researchers outlined two possible ways quantum computers could attack Bitcoin, needing roughly 1,200 to 1,450 logical qubits. This is far fewer than previous estimates, showing the threat may be closer than expected.
The team also explained how an attack could happen in real time. When someone sends Bitcoin, the network briefly exposes a public key. A fast quantum computer could use that information to calculate the private key and steal the funds before the transaction completes.
Since Bitcoin transactions usually take about ten minutes to confirm, the model suggests an attacker could succeed about 41% of the time within nine minutes.
In addition, roughly 6.9 million Bitcoin are already in wallets where public keys have been exposed. This includes early Bitcoin holdings and addresses that have been reused. That number is much higher than estimates from CoinShares, which suggested only a small fraction of Bitcoin might be at risk.
Taproot and expanding risk surface
The whitepaper also raises concerns about Bitcoin’s Taproot upgrade. While Taproot improved efficiency and privacy, it made certain information more visible on the blockchain. That change could leave more wallets vulnerable if quantum computers become powerful enough. In short, what was once considered a distant risk may now deserve more immediate attention.
While the blockchain industry races to adapt, Google is preparing its own infrastructure for a post-quantum world. The company said it plans to switch its systems to quantum-resistant cryptography by 2029. Android 17 already uses quantum-resistant signatures, and Chrome supports post-quantum key exchange.
The research builds on Google’s 2024 Willow chip, which has 105 qubits. Scientists improved error correction, making it easier to scale up quantum computers. Experts say this progress could bring practical quantum applications closer.
The broader ecosystem is also beginning to take the threat seriously. Ethereum Co-Founder Vitalik Buterin also recently stressed the importance of future-proofing networks. He pointed to EIP-8141, a proposed upgrade that strengthens privacy and quantum resistance. He said it “makes privacy protocols much more first-class.”
For Bitcoin, however, the path forward remains highly complex, demanding consensus on upgrades that the network has historically been slow to adopt. What was once considered a distant, theoretical risk is now an immediate engineering challenge.
Also Read: Pune Woman Loses ₹69L in India Crypto Scam Posing as TRAI