New research from Google indicates that quantum computers may need significantly less power than previously believed to break the cryptographic systems securing cryptocurrency blockchains.
Released Monday, the study estimates that a quantum computer could compromise the encryption protecting Bitcoin and Ethereum using fewer than 500,000 physical qubits, based on current hardware assumptions. A qubit is the fundamental unit of quantum computing.
Researchers designed and tested two quantum circuits on a superconducting, cryptographically relevant quantum computer (CRQC), achieving what they described as a 20-fold reduction in the number of qubits required to solve the 256-bit elliptic curve discrete logarithm problem (ECDLP-256), a core security mechanism used in many blockchains.
According to the findings, in a theoretical scenario, a quantum computer could crack a Bitcoin private key in as little as nine minutes—potentially enabling an “on-spend attack” within Bitcoin’s 10-minute block time.
An on-spend attack is a hypothetical method where a quantum computer derives a private key from a public key exposed during a transaction, allowing an attacker to steal funds before the transaction is fully confirmed.
“We should estimate the time required to launch an on-spend attack starting from this primed state at the moment the public key is learned to be roughly either 9 minutes or 12 minutes.”
Co-author and Ethereum researcher Justin Drake said the findings have significantly increased his expectations for the arrival of “Q-Day.”
“My confidence in Q-Day by 2032 has shot up significantly. In my opinion, there’s at least a 10% chance that by 2032 a quantum computer could recover a private key from an exposed public key,” he said.
Researchers say Ethereum’s account model is inherently vulnerable to so-called “at-rest attacks,” which don’t depend on timing constraints.
In this scenario, a quantum attacker can derive a private key from a publicly exposed key without needing to act within a short window. On Ethereum, a user’s public key becomes permanently visible on-chain after their first transaction, allowing attackers unlimited time to attempt a breach.
“This results in account vulnerability: a systemic, unavoidable exposure that cannot be mitigated by user behavior, short of a protocol-wide transition to post-quantum cryptography (PQC),” the researchers noted.
Google estimates that the 1,000 largest exposed Ethereum accounts—holding roughly 20.5 million ETH—could theoretically be compromised in under nine days using advanced quantum systems. The company said its goal is to raise awareness and provide guidance to help the crypto industry strengthen security before such threats become viable.
As a result, Google is urging blockchain networks to begin transitioning to post-quantum cryptography now, rather than waiting until quantum attacks become a reality.
Quantum Timeline Moves Forward
On Wednesday, Google set a 2029 target for completing its own transition to post-quantum cryptography, warning that breakthroughs in quantum computing may arrive sooner than expected.
Crypto entrepreneur Nic Carter said elliptic curve cryptography is nearing “obsolescence,” noting that Ethereum developers are already working on mitigation strategies, while Bitcoin developers have taken a comparatively slower approach.
The Ethereum Foundation released its post-quantum roadmap in February, and co-founder Vitalik Buterin has emphasized that key components—including validator signatures, data storage, accounts, and cryptographic proofs—must evolve to address future quantum risks.
