Quantum Threat to Cryptocurrency: Google Research Reveals Sooner-Than-Expected Vulnerability

According to a recent blog post by Google Research, the threat of quantum computers to cryptocurrency security may arrive sooner than initially predicted. The updated estimates suggest that future quantum computers could break the core security of cryptocurrencies, potentially compromising the security of Bitcoin wallets, live transactions, and other blockchain systems that rely on elliptic curve cryptography.

The majority of blockchain networks and cryptocurrencies depend on the 256-bit elliptic curve discrete logarithm problem (ECDLP-256) to protect wallets and transactions. Google cited a new whitepaper that compiled two recent quantum circuits, one using 1,200 logical qubits and 90 million Toffoli gates, and the other using 1,450 logical qubits and 70 million Toffoli gates. These circuits could potentially run on a cryptographically relevant quantum computer with fewer than 500,000 physical qubits in a matter of minutes.

The significance of this discovery lies in the estimated 20-fold reduction in the physical qubits needed to solve ECDLP-256, which narrows the gap between theoretical and real-world attack scenarios. This development raises fresh concerns for the security of Bitcoin and other cryptocurrencies, as it suggests that a sufficiently fast cryptographically relevant quantum computer could attack active Bitcoin transactions before network confirmation.

The average block time for Bitcoin is approximately 10 minutes, which means that a quantum computer capable of solving ECDLP-256 in under 10 minutes could potentially carry out 'on-spend' attacks during that window. This changes the threat model from long-term exposure to near-real-time vulnerability, placing active transactions in the mempool within reach of a sufficiently fast quantum computer.

Google's research also drew attention to Taproot, Bitcoin's 2021 upgrade, which improved privacy and efficiency but made public keys visible on-chain by default. This design choice could potentially widen the pool of wallets exposed to future quantum attacks, adding a second layer to the report. The first layer centered on the speed of quantum computers, while the second focused on the number of wallets that could face risk.

Industry figures have weighed in on the research, with Haseeb Qureshi, managing partner at Dragonfly, stating that the paper points to faster timelines for breaking widely used cryptographic systems. Alex Pruden, chief executive and co-founder of Project Eleven, noted that the results challenge the idea that only old or poorly managed wallets face danger, and that attackers could intercept transactions before confirmation if they could crack keys within minutes.

The implications of this research are far-reaching, and the need for post-quantum planning has become more urgent. With estimates for breaking standard encryption falling from billions of qubits to under a million in just over a decade, the importance of migrating to quantum-resistant cryptography cannot be overstated. As Google plans to accelerate its post-quantum cryptography migration to 2029, the warning signs are clear: the threat of quantum computers to cryptocurrency security is real, and it's coming sooner than expected.

In response to these findings, Google has changed its approach to releasing sensitive security research. Rather than publishing step-by-step details, the team used a zero-knowledge proof to validate its findings, allowing others to verify the results without providing a direct roadmap for misuse. This approach highlights the delicate balance between advancing research and protecting against potential threats.

As the cryptocurrency landscape continues to evolve, the threat of quantum computers will remain a pressing concern. The need for post-quantum planning and the development of quantum-resistant cryptography will become increasingly important. With Google's research serving as a warning sign, the industry must come together to address this challenge and ensure the long-term security of cryptocurrencies.