Google has published research that significantly compresses the expected timeline for quantum computers to threaten real-world cryptography — and the implications extend well beyond cryptocurrency into every system that relies on elliptic curve encryption.
The Core Finding: 20x Fewer Resources Than Thought
The research, published by Google Quantum AI on March 31, estimates that a quantum computer could break the 256-bit elliptic curve discrete logarithm problem (ECDLP-256) — the cryptographic foundation of Bitcoin, Ethereum, and a wide range of financial and communication systems — using fewer than 500,000 physical qubits.
That represents a 20-fold reduction in the quantum resources previously thought necessary. Google's researchers compiled two quantum circuits to test on a superconducting-qubit system and reported the reduction as the key finding.
"My confidence in Q-Day by 2032 has shot up significantly," wrote Ethereum researcher Justin Drake, who co-authored the paper. "IMO there's at least a 10% chance that by 2032 a quantum computer recovers a private key from an exposed public key."
Bitcoin: A 9-Minute Attack Window
For Bitcoin specifically, the threat materializes during transactions. When a Bitcoin user sends funds, their public key becomes briefly visible on the network. A quantum computer capable of deriving the corresponding private key within Bitcoin's 10-minute block confirmation window could redirect those funds before the transaction finalizes.
Google's paper estimates this on-spend attack could take between nine and twelve minutes from the moment the public key is first exposed — an uncomfortably tight margin against Bitcoin's existing block time.
The practical constraint remains hardware. No quantum computer in existence today comes close to 500,000 physical qubits with the error correction properties required. But the research revises downward the engineering target needed to mount such an attack.
Ethereum's Structural Problem Is Worse
Bitcoin's vulnerability is narrow and time-bounded. Ethereum's is neither.
Google's research identifies Ethereum's account model as "structurally prone to at-rest attacks." The issue: when an Ethereum account sends its first transaction, its public key is permanently and immutably recorded on the blockchain. That public key never expires. A quantum attacker doesn't need to race against a block clock — they can take days, weeks, or longer to derive the private key after the fact.
The researchers estimate the 1,000 wealthiest exposed Ethereum accounts, holding approximately 20.5 million ETH, could be compromised in fewer than nine days using a sufficiently capable quantum system. Unlike Bitcoin, no change in user behavior can mitigate the risk once a public key has been exposed — a protocol-level migration to post-quantum cryptography is required.
The Ethereum Foundation has released a post-quantum roadmap in response to these findings. Bitcoin developers, according to multiple researchers, have been slower to act.
What This Means Beyond Crypto
The cryptographic standards under threat here — elliptic curve cryptography — are not limited to blockchain systems. They underpin HTTPS connections, secure messaging applications, financial transaction systems, and government communications infrastructure worldwide.
Google set a 2029 internal deadline for migrating its own systems to post-quantum cryptographic standards — and issued the accompanying warning that "quantum frontiers could be closer than they appear." NIST finalized its first post-quantum cryptography standards in 2024, but enterprise-wide migration is a multi-year process that most organizations have not yet started.
The practical message from Google's research is simple: the clock is moving faster than the industry assumed. Organizations that have been treating post-quantum migration as a theoretical future concern should probably revisit that assessment.
