The End of DeFi? Google’s Report Predicts Quantum Attacks on Ethereum and Bridges by 2029


In recent weeks, the crypto community has been shaken by news that seemed straight out of a science fiction script: Google published a paper estimating that future quantum computers could break the cryptography protecting Bitcoin and Ethereum in just nine minutes. Reactions were swift. While some interpreted the document as a death sentence for digital assets, others dismissed it as a fear, uncertainty and doubt (FUD) strategy designed to sow panic. But as is often the case in the deepest debates within this ecosystem, the reality is more complex than an apocalyptic headline.

The document in question, produced by Google’s Quantum AI team, is not a sensationalist press release; it is an effort to update estimates of the quantum resources required to break the elliptic curve signature scheme (ECDSA) that protects most blockchains. The central conclusion is indeed unsettling: with a few hundred thousand physical qubits—a figure that Google’s own advances are bringing closer to reality—an attacker could theoretically derive a private key from a public key in a matter of minutes.

That means that if a user has reused an address or exposed their public key (for example, by making a transaction), an adversary with a sufficiently powerful quantum computer could attempt to derive their private key during the transaction confirmation window and insert a fraudulent transaction before the original block is mined.

The paper also highlights a figure that has set off alarm bells: 6.7 million bitcoins reside in addresses with exposed public keys. In other words, under the quantum scenario, those funds would be a fixed target. Added to these are old wallets, dormant satoshis, active exchange accounts, and a significant portion of the DeFi ecosystem, which according to the researchers presents up to five distinct attack vectors: from bridges to layer‑2 networks and the smart contracts themselves.


Faced with this landscape, the question is not whether the danger exists—it does, and it is technically sound—but rather when it will arrive and, above all, whether it will arrive before we have time to react. Because here lies the crux of the matter: Google outlines a roadmap targeting 2029 for a responsible migration to post‑quantum cryptography (PQC), but warns that the first attacks could begin to materialize as early as 2028, with DeFi becoming a priority target in 2029 and direct attacks on Bitcoin arriving in 2030. These are not dates set in stone, but they are a timeline close enough that we cannot afford to ignore it.

Now, are we facing an imminent threat that should lead us to liquidate positions this very week? In my opinion, no, but we are facing a structural wake‑up call that the crypto ecosystem cannot keep postponing. And here I want to dwell on several points that I believe are crucial to separate reasonable alarm from sensationalism.

First, it is necessary to understand that Google itself has handled this matter with uncommon responsibility. Aware that irresponsible disclosure of vulnerabilities can become a FUD weapon—capable of undermining public confidence in cryptocurrencies without a functional quantum computer yet existing to exploit them—the Google team has published its estimates accompanied by a zero‑knowledge proof (ZKP) that allows third parties to verify the validity of their claims without revealing the exact details of the quantum circuits. In other words, they have struck a balance between transparency and security: they demonstrate that the risk is real without providing a manual for attackers.

Moreover, they have collaborated with the U.S. government, Coinbase, the Ethereum Foundation, and the Stanford Institute for Blockchain Research to coordinate an orderly transition to post‑quantum cryptography. This approach of coordinated disclosure is the same one used in the cybersecurity industry for critical vulnerabilities, reflecting that the issue is being taken seriously without falling into irresponsible alarmism.

Second, it is worth clarifying the actual scope of the vulnerability. Elliptic curve cryptography is only exposed when the public key is visible. In Bitcoin, for example, an address that has never sent a transaction (i.e., has only received funds) keeps its public key hidden thanks to hashing. Therefore, the vulnerable group is limited to addresses that have already spent funds—legacy pay‑to‑public‑key addresses or addresses that have been reused—as well as exchange wallets and platforms that constantly operate with active keys.

The 6.7 million BTC affected represent a significant portion, but not the entire supply. This means that even in the worst‑case scenario, there is room to protect funds that have not yet exposed their public key, as long as users migrate in time.

That “in time” is precisely the great challenge

The transition to post‑quantum cryptography is not a patch that can be installed with a software update. It requires agreeing on new standards, modifying the core of protocols (something that is deliberately slow and conservative in Bitcoin), and coordinating thousands of developers, nodes, exchanges, and users. If Google’s timeline holds and by 2028 there are quantum computers capable of executing these attacks, the window to upgrade the entire global infrastructure is extremely tight.

But here I want to introduce a note of critical optimism: the industry has been working on post‑quantum solutions for years. There are experimental blockchains that already implement PQC, and projects like Ethereum have begun exploring the integration of quantum‑resistant signature schemes into their roadmaps.


Google’s own paper acknowledges that the knowledge needed to protect against these threats is already available; what is lacking is large‑scale deployment. In that sense, rather than a forced technological reset, we are facing a long‑distance race where the determining factor will be the community’s ability to coordinate.

From a personal perspective, I believe that warnings of this kind should be taken seriously, but without paralyzing us. The history of technology is filled with apocalyptic predictions that did not materialize within expected timeframes, but also with vulnerabilities that were ignored until it was too late. The reasonable approach involves three concrete actions:

  • For individual users: avoid reusing addresses, move funds from old addresses with exposed public keys to new addresses that have not yet spent, and stay informed about post‑quantum standards that wallets will gradually adopt.
  • For exchanges and custodians: begin implementing systems to monitor vulnerable addresses and develop contingency plans to migrate client funds to post‑quantum formats before the threat becomes imminent.
  • For protocols and developers: accelerate discussions on incorporating PQC into roadmaps, learn from existing experiments, and set realistic but ambitious timelines.
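The exposure rule from the second point above (a key hidden behind a hash until the address spends) and the address monitoring recommended for exchanges and custodians can be combined into one check. The following is an added example, not code from the article or from Google's paper: it classifies Bitcoin output scripts and flags unspent outputs whose public key is already on chain. It goes slightly beyond the text by also flagging Taproot (P2TR) outputs, which carry their output key directly; all function names and sample records are constructed for illustration.

```python
# Added example. All scripts and UTXO records below are constructed test data.

def classify_script(spk: bytes) -> str:
    """Return the standard output type of a Bitcoin scriptPubKey."""
    n = len(spk)
    if n in (35, 67) and spk[0] == n - 2 and spk[-1] == 0xAC:
        return "p2pk"    # <pubkey> OP_CHECKSIG: the key sits in the output
    if n == 25 and spk[:3] == b"\x76\xa9\x14" and spk[23:] == b"\x88\xac":
        return "p2pkh"   # only HASH160(pubkey) is on chain until spent
    if n == 23 and spk[:2] == b"\xa9\x14" and spk[22] == 0x87:
        return "p2sh"
    if n == 22 and spk[:2] == b"\x00\x14":
        return "p2wpkh"
    if n == 34 and spk[:2] == b"\x00\x20":
        return "p2wsh"
    if n == 34 and spk[:2] == b"\x51\x20":
        return "p2tr"    # the 32-byte output key sits in the output
    return "nonstandard"

KEY_IN_OUTPUT = {"p2pk", "p2tr"}

def exposure(utxos, spent_scripts):
    """Label unspent outputs whose public key is already visible on chain.
    spent_scripts holds scriptPubKeys already spent from once (key revealed)."""
    report = {}
    for utxo_id, spk, value in utxos:
        kind = classify_script(spk)
        if kind in KEY_IN_OUTPUT:
            reason = "key-in-output"
        elif spk in spent_scripts:
            reason = "reused-after-spend"
        else:
            reason = None
        report[utxo_id] = (kind, reason, value)
    return report

def exposed_value(report):
    return sum(value for _, reason, value in report.values() if reason)

H20 = bytes(range(20))                      # constructed 20-byte hash
P2PKH_A = b"\x76\xa9\x14" + H20 + b"\x88\xac"
SAMPLE_UTXOS = [
    ("a:0", b"\x21\x02" + bytes(32) + b"\xac", 5_000_000_000),  # P2PK
    ("b:0", P2PKH_A, 120_000),                                   # reused
    ("c:1", b"\x76\xa9\x14" + H20[::-1] + b"\x88\xac", 75_000),  # fresh
    ("d:0", b"\x00\x14" + H20, 10_000),                          # fresh
]
SAMPLE_SPENT = {P2PKH_A}
```

In a real deployment the `spent_scripts` set would be built by indexing the previous outputs referenced by every confirmed input, and the flagged outputs become the migration queue.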

What we cannot do is fall into the trap of labeling this warning as “FUD” simply because it is uncomfortable. Google has been extraordinarily careful in its disclosure, and its role as a leader in quantum computing gives it a technical credibility we cannot dismiss. If the community responds with disdain or complacency, it could find itself, within a few years, facing a situation where a considerable portion of funds—especially those dormant or in old addresses—become an impossible‑to‑protect prize.

As with the “resets” we discussed in previous articles, this is another kind of purge: a technological purge that will force us to abandon obsolete cryptography and adopt more robust standards. Projects that succeed will emerge stronger; those that rest on their laurels risk being left behind, or worse, becoming victims of the first wave of quantum attacks.


Quantum computing is not a distant hypothesis; it is a reality evolving at an accelerating pace. And like any disruptive evolution, it presents a choice: resist and perish, or adapt and evolve. It is up to the crypto community to decide which path to take. 

For my part, I trust that the maturity gained after fifteen years of cycles, crashes, and resurgences will allow us to face this challenge with the precise combination of urgency and serenity that the situation demands. Because, after all, the promise of cryptocurrencies—that of decentralized, borderless digital money—deserves to be protected not only against today’s attacks, but also against those of the future. And the future, like it or not, is already knocking at the door.
