Google just said Quantum computers can crack Bitcoin in 9 minutes. Should we panic?
A no-jargon breakdown of Google’s 57-page quantum paper, what it actually means for your crypto, and why the sky is not falling (yet).
If you’ve been anywhere near Crypto Twitter in the last 48 hours, you’ve probably seen some version of this headline: “Google can crack Bitcoin in 9 minutes.”
Scary stuff. Also, not exactly what happened.
On March 31, 2026, Google’s Quantum AI team published a 57-page whitepaper that significantly reduces the estimated resources needed to break the cryptography protecting Bitcoin, Ethereum, and most other cryptocurrencies.
It was co-authored alongside Ethereum Foundation researcher Justin Drake and Stanford cryptographer Dan Boneh, two names that carry serious weight in this space.
The paper is real. The findings are significant. But the full picture is a lot more nuanced than the panic headlines suggest.
Let’s break it all down in plain language. No finance degree required. We promise.
First, what actually protects your crypto?
Before we get into what Google found, let’s quickly cover why it matters.
Every crypto wallet, whether it holds Bitcoin, Ethereum, or anything else, is protected by something called elliptic-curve cryptography (ECC). Specifically, most blockchains use a version called ECDSA running on a mathematical curve called secp256k1.
Here’s how it works in simple terms:
You have two keys:
a private key (your secret password), and
a public key (derived from the private key using complex math)
You can easily go from private key to public key. But going the other direction, figuring out someone’s private key from their public key, is essentially impossible with today’s computers.
That “essentially impossible” part is the entire security foundation of crypto.
Quantum computers threaten to change that equation.
What Google actually found
Google’s paper presents two optimized methods for using a future quantum computer to reverse that “impossible” math.
The technical term is “solving the Elliptic Curve Discrete Logarithm Problem,” but all you need to know is this: they found a way to do it with 20 times fewer resources than previously estimated.
In 2019, researchers figured you would need around 20 million physical qubits (the basic unit of quantum computing power) to break this encryption. That number felt safely out of reach for decades.
Google’s new paper brings that number down to roughly 500,000 physical qubits.
Still a massive number. Google’s best quantum chip today, called Willow, has just 105 qubits. So, we are actually nowhere close.
But the gap between 105 and 500,000 feels a lot less comfortable than the gap between 105 and 20 million.
The paper also models a specific attack scenario: a quantum computer that can derive your private key in approximately 9 minutes, which is faster than Bitcoin’s average 10-minute block confirmation time.
In theory, an attacker could intercept a Bitcoin transaction, extract the briefly exposed public key, crack the private key, and redirect the funds before the original transaction confirms. The paper estimates a 41% success rate for this particular scenario.
Again, no machine exists today that can actually do this. But the math checks out.
How Google disclosed this (and why it matters)
Here’s a detail that tells you how seriously Google takes its own findings.
They did not publish the actual quantum circuits. No step-by-step attack blueprint. Instead, they used something called a zero-knowledge proof to verify their results. In simple terms, they proved the math works without showing anyone exactly how to replicate it.
Google’s blog post explains that they consulted with the US government before publishing and specifically designed this verification method to avoid handing bad actors a how-to guide. They also urged other quantum research teams to adopt similar responsible disclosure practices going forward.
When a research institution treats its own paper like sensitive material, that is worth paying attention to.
How much crypto is actually at risk?
Not all crypto is equally vulnerable. The key factor is whether your public key has been exposed on the blockchain.
For Bitcoin, the paper identifies approximately 6.9 million BTC sitting in addresses where public keys are already visible on-chain. That is roughly one-third of all Bitcoin in circulation. This includes three main categories:
Early Bitcoin addresses (called P2PK format) that store public keys directly in the transaction script. About 1.7 million BTC falls in this bucket, including the estimated 1 million BTC attributed to Bitcoin’s creator, Satoshi Nakamoto.
Reused addresses where the owner received Bitcoin at the same address more than once, which exposes the public key after the first outgoing transaction.
And, somewhat ironically, Bitcoin’s 2021 Taproot upgrade, which was designed to improve privacy, actually makes public keys visible by default in certain spending conditions.
The good news?
Roughly 65% of Bitcoin’s supply sits in address formats where the public key has never been exposed.
Those coins are protected until the moment of spending.
For Ethereum, the situation is more complex. Google’s paper identifies five distinct attack paths, collectively putting over $100 billion at risk:
Wallet attacks targeting accounts with exposed public keys. Unlike Bitcoin, Ethereum permanently exposes your public key after your very first outgoing transaction.
Admin key attacks on smart contracts. Many major DeFi protocols and stablecoins (including USDT and USDC) are controlled by administrator keys. Cracking a single admin key could have cascading effects across lending markets and beyond.
Consensus attacks targeting the staked ETH that secures the network.
Layer 2 attacks on rollups and bridges.
And a fifth, more technical vector targeting Ethereum’s data availability infrastructure.
The timeline: when could this actually happen?
This is the part where we all take a breath.
No quantum computer exists today that can execute these attacks. Google’s Willow chip has 105 qubits. The attack requires roughly 500,000. That is a gap of about 5,000x.
Expert timeline estimates vary widely, but most cluster around the mid-2030s as the likeliest window for a quantum computer powerful enough to threaten crypto:
Google has set an internal 2029 migration deadline for transitioning its own products to quantum-resistant cryptography. That is a signal they take the timeline seriously.
Justin Drake, the Ethereum Foundation researcher who co-authored the paper, has said there is at least a 10% chance a quantum computer could recover a crypto private key by 2032.
IBM’s quantum roadmap targets its first large-scale fault-tolerant system by 2029, with more powerful systems projected for 2033.
The US National Institute of Standards and Technology (NIST), which sets encryption standards for the entire country, has called for deprecating vulnerable algorithms by 2030 and fully removing them by 2035.
So the threat is not imminent. But it is closer than it used to be, and the preparation window is narrowing.
“Harvest now, decrypt later”: the sneaky risk nobody talks about
There is one angle that makes this more urgent than the timeline alone suggests.
It is called “harvest now, decrypt later.” The concept is straightforward: a bad actor can download and store encrypted data today, then wait until quantum computers are powerful enough to crack it later.
For blockchains, this is particularly relevant because all transaction data is permanently public. Every public key that has ever been exposed on Bitcoin or Ethereum is sitting on a public ledger, right now, freely available to anyone who wants to copy it. There is no need to hack anything. The data is already out there.
That means the clock is not just ticking forward from today. It is ticking backward from whenever quantum computers become powerful enough. If your public key is exposed on-chain today, it is already “harvested.” The only question is how long until someone can decrypt it.
This is why good address hygiene matters now, not later.
What is the crypto industry doing about it?
The response has been split, and the split is revealing.
Ethereum is moving fast.
The Ethereum Foundation established a dedicated Post-Quantum Security team in January 2026 and launched a public resource hub at pq.ethereum.org.
Vitalik Buterin proposed EIP-8141, which would allow wallets to swap their signature scheme to quantum-resistant algorithms without changing addresses.
The Foundation has set a target to implement core protocol changes by 2029 through a series of hard forks. Ethereum’s governance model, while still decentralized, allows for faster coordinated upgrades.
Bitcoin is debating.
A proposal called BIP-360 was merged into Bitcoin’s official repository on February 11, 2026.
It introduces a new quantum-resistant output type, which is a meaningful first step. But BIP-360 does not replace Bitcoin’s current signature scheme on its own.
Follow-on proposals are needed, and the co-author of BIP-360 has estimated that a full post-quantum migration could take up to 7 years. Bitcoin’s decentralized governance model, while one of its greatest strengths, makes coordinated upgrades significantly harder.
The broader industry is starting to pay attention. Coinbase formed a dedicated quantum advisory board in January 2026. NIST finalized three post-quantum encryption standards in August 2024. And US federal agencies face an April 2026 deadline to submit their own post-quantum transition plans.
The takeaway: solutions exist. The challenge is deploying them at scale across decentralized networks that require broad community consensus for any upgrade.
How did the market react?
The market’s immediate response was relatively calm.
Bitcoin dipped about 1.6% to approximately $66,500 on March 31, while Ethereum dropped roughly 1.2% to around $2,040.
Both moves were orderly and partly driven by existing macro headwinds.
The more interesting reaction came from quantum-resistant tokens. The Quantum Resistant Ledger (QRL) surged over 40%, with trading volume spiking more than 1,000%. The broader quantum-resistant crypto sector exceeded $9 billion in market cap.
Industry leaders struck a mostly confident tone. Binance co-founder CZ said crypto simply needs to upgrade to quantum-resistant algorithms, adding there is “no need to panic.”
Saw some people panicking or asking about quantum computing’s impact on crypto.
At a high level, all crypto has to do is to upgrade to Quantum-Resistant (Post-Quantum) Algorithms. So, no need to panic. 😂In practice, there are some execution considerations. It’s hard to organize upgrades in a decentralized world. There will likely be many debates on which algorithm(s) to use, resulting in some forks.
And some dead project may not upgrade at all. Might be a good to cleanse out those projects anyway.
New code may introduce other bugs or security issues in the short term.
People who self custody will have to migrate their coins to new wallets.
This brings to the question of Satoshi’s bitcoins. If those coins move, then it means he/she is still around, which is interesting to know. If they don’t move (in a certain period of time), it might be better to lock (or effectively burn) those addresses so that they don’t go to the first hacker who cracks it. There is also the difficulty of identifying all his addresses, and not confuse with some old hodlers. Anyway, it’s a different topic for later.
Fundamentally:
It’s always easier to encrypt than decrypt.
More computing power is always good.
Crypto will stay, post quantum.
(@cz_binance)
Coinbase CEO Brian Armstrong called it a “very solvable issue.”
Michael Saylor argued that quantum computing would ultimately strengthen Bitcoin by forcing necessary upgrades.
The market is telling you something: this is a real concern, but not an immediate crisis. It is a preparation problem, not a panic problem.
What should you actually do right now?
Here is the practical part. No quantum computer can threaten your crypto today. But smart preparation costs you nothing and could save you a lot down the road.
Stop reusing wallet addresses
This is the single most impactful step you can take. Approximately 70% of Bitcoin’s quantum-vulnerable coins come from address reuse. Modern wallets automatically generate fresh addresses for each transaction. Check that yours does this.
Move funds from exposed addresses
If you have crypto in addresses that have previously sent outgoing transactions, consider transferring them to fresh addresses where the public key has never been revealed on-chain. For Bitcoin, SegWit addresses offer the strongest current protection.
Keep your wallet software updated
When post-quantum signature schemes become available for your blockchain of choice, you will want firmware and software that can support them. Hardware wallet users should prioritize devices with upgradable firmware.
Stay informed, not anxious
This is a multi-year engineering challenge, not a sudden crisis. Follow your preferred blockchain’s development roadmap and watch for post-quantum upgrade announcements. The projects that prepare now will come out stronger on the other side.
The bottom line
Google’s paper does not announce doomsday for crypto. It announces a shorter preparation window than anyone expected.
The 20x reduction in estimated quantum resources continues a clear trend: every major research update moves the threat closer. The gap between today’s quantum hardware and what is needed to break crypto encryption is still enormous. But it is shrinking, and the migration timelines for decentralized networks are long.
The smartest play?
Treat this like any other risk in crypto. Stay aware. Take practical steps to protect your holdings. Do not panic-sell based on headlines. And keep an eye on how the projects you invest in are preparing for a post-quantum world.
Crypto has survived Mt. Gox, the DAO hack, multiple 80%+ drawdowns, regulatory crackdowns, and an entire bear market fueled by collapsed exchanges. Adapting to new cryptographic standards is a solvable engineering problem, not an existential one.
The projects and communities that take it seriously now will be the ones standing strongest when the quantum era arrives.
Stay ahead of the curve with mb.io
The crypto landscape is always evolving, and so are we. Whether you are buying Bitcoin, swapping ETH, or exploring the next opportunity, mb.io gives you a secure, regulated environment to trade with confidence.
Buy, sell, and swap your favorite crypto assets in as fast as 3 simple steps. Backed by MultiBank Group’s global regulation and institutional-grade MPC custody, your assets are protected by the security standards of today while we prepare for the challenges of tomorrow.
Trading involves risk. Past performance is not indicative of future results. This article is for informational purposes only and does not constitute financial advice.