Google Quantum Risk Research Recap: Are Bitcoin and Blockchain in Danger?

Google Quantum Risk Research Recap: Are Bitcoin and Blockchain in Danger?


Google wrote an interesting paper on "quantum risk": Securing Elliptic Curve Cryptocurrencies against Quantum Vulnerabilities: Resource Estimates and Mitigations (Babbush et al, 2026). I have already written many articles in the past on quantum computers so I will not dwell on the theory.

A brief recap of asymmetric cryptography:
You have a private key (256 bits = 10 ^^ 77), a public key (derived from the private key) and an address (derived from the public key). If you receive funds, you expose your public key. From the private key, you obtain the public key, but from the public key, you cannot derive the private key (today, you could derive it with brute-force attacks that would require more than the lifetime of the entire universe).

Mathematically, we have (elliptic curve):
1) A base point G.
2) The private key is a secret number k.
3) The public key is P = k G (i.e., add P to itself k times on the curve).

- It's easy to derive from G to P.
- It's almost impossible to return from P to k.

a47cf0a213e04909e746573c6ecb3123a4476c4e6ba9cc6138bf244a321d2310.jpg

This problem is called the Elliptic Curve Discrete Logarithm Problem.
To solve this problem with classical computers, "brute force" is used. A hacker tries all possible values ​​of k until he finds the right one: with standard curves (such as 256 bits), the chance ≈ 2²⁵⁶. Even with all the computers in the world, it would take billions of billions of years, making it impractical.

A quantum computer uses Shor's Algorithm, which doesn't try all the keys: it directly finds k in "fast" (polynomial) time, but only with 1,000+ logical qubits and millions of operations (Toffoli). This is why "post-quantum" cryptography is being developed not only in the blockchain sector but also in banking (credit cards) and internet privacy.

The Google paper highlighted these quantum issues:
1) 1,200 logical qubits and 90 million CCX are needed (about 9 minutes to find a private key). The required qubits are 20 times fewer than previously assumed (Google demonstrated this with a ZK proof). Today we reach a maximum of 10 qubits, optimistic estimates 2035-2045).

2) Quantum improvement is non-linear (technological improvement can occur in a few years; the threat is not immediate, but not remote either).

Types of attacks:
1) At Rest: The attacker derives the private key from the public keys already exposed (old addresses). This attack is possible with slow-clock (ion traps) and fast-clock (photonic and superconducting) quantum computers.

2) On Spend: The private key is decrypted when a user signs the transaction before it is confirmed (sending a fraudulent transaction in its place). These attacks are only launched by fast-clock quantum computers.

3) On Setup (Bitcoin is not vulnerable, Ethereum and other chains are): The attack occurs on a protocol's trusted setups (this is a backdoor).

Let's see how quantum attacks can impact Bitcoin and Ethereum (Google Quantum AI research):
- Exposed Bitcoin addresses: P2PK (Satoshi Era), Taproot (bc1p), P2PKH (1 and bc1q; safe as holdings, if no transaction has ever been signed). Approximately 6.9 million BTC are vulnerable to at-rest attacks, considering all types of scripts with exposed or reused public keys. The most dangerous element (from a price action perspective) is that 2.9 million BTC are dormant (perhaps the owner is dead or the private keys are lost), thus presenting the possibility that quantum attacks will move these funds in the future. Proof of Work (mining) is not exposed to quantum attacks.

4900ef25f004a213a678303c12e6831afec8ea915f41cfcb2ac50bfcf5fc1e13.jpg

- Analysis of Ethereum identifies more vulnerabilities than Bitcoin: Proof of Stake (consensus), account model, smart contracts (admin/code) and Data Availability Sampling. However, on-spend attacks are much more difficult to execute than Bitcoin. Using fast clock QC, approximately 20.5 million ETH could be compromised in 7 days. The attack surface extends to smart contracts (over $200 billion in assets, stablecoins and RWA).

a5104e97a4b5f14fd544d5be1462dff40526d3255d9e0b978355f7c316911106.jpg

This does not mean that these technologies will die but that the protocols will be subject to updates via hard forks (which will lead to debates and discussions among devs and the various communities).

 

Are you interested in ways to earn crypto bonus? Check it out here: Some Sites To Earn Crypto Bonus (Old & New)

How do you rate this article?

39


☑️0🆇D̺͈͙͕̿ͧ̑ͣ🅰🆅🅸🅳eͤ
☑️0🆇D̺͈͙͕̿ͧ̑ͣ🅰🆅🅸🅳eͤ Verified Member

I love Bitcoin since 2012. I also love NFT. #BTC #ETH #MLBSorare


Darknet
Darknet

The topics will be 🅒🅡🅨🅟🅣🅞, of course. BTC and Degen crypto since 2012.⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

Publish0x

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.