New Google research suggests quantum computers may need far fewer resources than previously thought to break the cryptography that secures major blockchains. The company’s paper, published Monday, reevaluates hardware assumptions and describes two quantum circuits designed for a superconducting-qubit, cryptographically relevant quantum computer (CRQC). Under those assumptions Google estimates a machine could tackle the 256-bit elliptic curve discrete logarithm problem (ECDLP-256) used by Bitcoin and Ethereum with under 500,000 physical qubits—about a 20-fold reduction in qubit requirements compared with earlier estimates.
In a striking theoretical scenario, the team calculates a quantum device could recover a Bitcoin private key in roughly nine minutes. Because Bitcoin’s average block time is ~10 minutes, that creates a narrow window for an “on-spend” attack: an adversary learns a public key when a user spends funds, then races to derive the matching private key before the transaction is confirmed. Google estimates the time to launch such an attack from a primed state after the public key is revealed is on the order of nine to 12 minutes.
Researchers warn Ethereum’s account model is even more vulnerable to “at-rest” attacks. Once an account transacts for the first time its public key is permanently visible on-chain, giving attackers unlimited time to recover the private key unless the protocol moves to post-quantum cryptography (PQC). Under Google’s assumptions, the 1,000 wealthiest exposed Ethereum accounts—holding about 20.5 million ETH—could be cracked in fewer than nine days.
Co-author and Ethereum researcher Justin Drake said the findings make a quantum-capable break (a “Q-Day”) by 2032 more plausible, estimating at least a 10% chance that exposed public keys could be used to recover private keys by then. Google says the study’s goal is to raise awareness and urges the crypto community to accelerate migration to PQC rather than wait for an active quantum threat.
Google also announced an internal deadline to complete its own post-quantum cryptography migration by 2029, arguing that “quantum frontiers” may be closer than commonly assumed. Reactions from the crypto community have varied: some, like analyst Nic Carter, say elliptic curve cryptography is approaching obsolescence; Ethereum developers have published a PQ roadmap and proposals from figures such as Vitalik Buterin address changes to signatures, account handling and proofs. Bitcoin developers have been slower to adopt protocol-level mitigations.
What to take away: the paper does not claim an immediate, practical break of live networks today, but it tightens timelines and reduces uncertainty about resource needs for future quantum attacks. Google recommends accelerating post-quantum upgrades across blockchain ecosystems. Readers should follow developments from protocol teams and independently verify technical claims as this area evolves.