A new report from Google Quantum AI reveals that quantum computing could compromise the security of old Bitcoin addresses much sooner than anticipated.
According to researchers at Google Quantum AI, the advancement of quantum computing has ceased to be a theoretical variable and has become a technical timeline with defined deadlines.
In a recent and comprehensive report published in collaboration with researchers from Stanford University and the Ethereum Foundation, Google Quantum AI updated its projections of computing power in light of the advancement of this technology, while also establishing a critical roadmap for the security of blockchain networks.
From this research, entitled “Securing Elliptic Curve Cryptocurrencies against Quantum Vulnerabilities: Resource Estimates and Mitigations”, Data emerges that compels the industry to accelerate its transition to quantum strength standards, placing the concept of "Q-Day" —the moment when traditional cryptography becomes vulnerable to quantum computing— on a much closer and more tangible horizon.
The publication of this report, however, does not represent a death knell for cryptocurrencies, but rather a catalyst for their evolution. Furthermore, the developer community is already working on solutions that guarantee the ecosystem's survival, turning this challenge into an opportunity to strengthen the global financial infrastructure.
Click here and buy BitcoinThe end of immunity: 1.200 qubits to unlock Bitcoin's vault
According to the recent report According to Google's research, the most remarkable advance in quantum computing lies in a profound optimization of Shor's algorithm, an improvement that redefines previous estimates of the power needed to breach cryptographic systems.
For years, the scientific community assumed that violating a private key of Bitcoin from its public key It was a virtually impossible task. It was thought that millions of physical qubits, or at least thousands of completely stable logical qubits, would be needed to achieve it. However, the new study presents a very different picture. According to the researchers, around one thousand two hundred logical qubits and more efficient control of so-called Toffoli gates to decrypt a Bitcoin address in a matter of minutes.
The Hash Shield: Why aren't all directions vulnerable?
Despite the risk pointed out by Google Quantum AI researchers, it is crucial to understand that quantum computing It is not a "master key" snapshot.
Shor's algorithm, the main quantum tool for breaking public keys, has a fundamental limitation: it is extremely efficient at breaking Elliptic Curve Cryptography (ECDSA), but It is not useful for reversing Hash functionsas the SHA-256This distinction is what protects the majority of current network users.
In modern Bitcoin addresses, such as the formats P2PKH (Legacy), P2WPKH (SegWit) y tap rootThe public key is not exposed on the blockchain; it is hidden behind a double hash. Thus, as long as the funds remain untouched, a quantum attacker does not have a public key to attack with Shor's algorithm. In contrast, old addresses from the "Satoshi era," which are in the format P2PKThese are the ones that are at critical risk, since they do permanently display the public key in the registry, leaving the "treasure chest" open to any sufficiently powerful quantum computer.
The "On-Spend" Attack: The Critical Moment in the Mempool
Considering the above, the Google report identifies a specific weakness: the time frame in which a transaction is executed and processed. To spend funds, it is mandatory to reveal the public key to the network to prove that the user is the legitimate owner of those funds. And it is in this brief interval, while the transaction waits in the mempool—the waiting room before being confirmed in a valid block—that a super-fast quantum attacker could attempt to strike.
If the attacker manages to use Shor's algorithm to calculate the private key from the newly revealed public key, they could issue a competing transaction with a higher fee to "get ahead" and divert the funds to their own address.
While this "On-Spend" attack scenario requires astonishing computing power and network speed, Google's report warns that with 1.200 logical qubits, this risk is no longer theoretical. However, it's also important to remember that the Proof-of-Work architecture remains resilient, meaning the network will continue operating, requiring only an update to its digital signature layer to close this vulnerability.
Go to Bit2Me and buy BitcoinThe dilemma of 6,7 million BTC and the post-quantum transition
Google's report also focuses on "dormant" assets. It is estimated that approximately 1,7 million BTC are locked in old P2PK scriptswhere the public key is visible today. Furthermore, if we add up the addresses that have reused keys—exposing them in past transactions—the total vulnerable supply amounts to approximately 6,7 million BTC.
Most of these wallets have been inactive for a long time and it is believed that their owners cannot update them—as in the case of Satoshi—which fuels an increasingly frequent discussion in the community about the “digital rescue”Basically, this refers to a proposal to create a hard fork to protect funds before quantum computing reaches a point where it could compromise them.
For now, the industry's response is largely positive and proactive. Post-Quantum Cryptography (PQC) is already being integrated into cutting-edge protocols and tested to ensure that digital value remains secure and immutable. Google's report concludes that current transparency is the best defense: by establishing a "critical date" and clear metrics, it allows the crypto ecosystem to build the safeguards today that will guarantee financial sovereignty for decades to come.
Access Bitcoin today: go to Bit2Me
