Google just sounded the alarm. The company published new research showing that quantum computers are much closer to breaking cryptocurrency cryptography than anyone thought. The timeline has collapsed from months to minutes.
The breakthrough changes the threat model entirely. Mempool attacks (where an attacker steals funds before a transaction confirms) just became a real possibility.
Project Eleven, a research account focused on quantum risk, summed up the findings in a thread that quickly went viral. Their take: existing cryptography is dead. Migration to post-quantum standards needs to happen now.
What you'll learn 👉
The Numbers That Changed Everything
Google’s new resource estimates show that cracking a private key requires only 1,200 to 1,450 logical qubits, depending on the architecture. That is a 10‑fold improvement over previously published work. Until now, estimates placed the required qubit count well beyond current hardware capabilities. Google just shrunk the gap.
Even more alarming is the speed. A quantum computer could now crack a private key in nine minutes. Bitcoin’s average block time is ten minutes.
That timing matters. A mempool attack works like this: an attacker watches the mempool for a transaction, cracks the private key of the sending address before the transaction is confirmed, and broadcasts a competing transaction to redirect the funds. With a nine‑minute crack time, that window is wide open.
Vulnerable Bitcoin at Risk
Google used Project Eleven’s Bitcoin Risq List to identify the roughly 6.7 million Bitcoin sitting in vulnerable addresses. Of that total, 1.7 million BTC sits in P2PK scripts, including Satoshi-era mining rewards where the public key is permanently exposed onchain. Those coins are effectively sitting targets.
The top 1,000 Ethereum wallets, Google notes, could be broken in less than nine days.
Read also: Here’s What Happened the Last Time Bitcoin Price Had 6 “Red” Months in a Row
Google Is Treating This as a Security Vulnerability
In an unusual move, Google considered the underlying quantum circuits too dangerous to publish. Project Eleven pointed out that this is the first time such a precaution has been taken in quantum resource estimation. Google is treating blockchains like a security vulnerability that will be exploited unless the industry acts.
The company also warned that quantum progress will be swift. There will be no extra warning signs or canaries in the coal mine. What the public sees now is the threshold.
For Bitcoin and other blockchains, the path forward is clear but difficult. The industry must migrate to post‑quantum cryptography—signature schemes like SPHINCS+, Falcon, or Dilithium that resist quantum attacks. No major chain has completed that transition yet.
The clock is no longer theoretical. Google just showed that the math behind crypto’s security is not safe forever. The question now is how fast the industry can move before the first quantum computer gets used for something other than research.
Subscribe to our YouTube channel for daily crypto updates, market insights, and expert analysis.
