Google quantum advance may hasten threat to Bitcoin, Ethereum

On March 31, 2026, Google Quantum AI published a demonstration of an optimized quantum circuit that reduces the resources needed to solve the elliptic-curve discrete logarithm problem (ECDLP), the mathematics that secures private keys and addresses on Bitcoin and Ethereum. Google released a zero-knowledge proof (ZKP) confirming the result without publishing the full circuit designs.

Google’s claim centers on cutting both runtime and logical qubit counts for attacks on elliptic-curve signatures. The company said the approach would require fewer than 1,200 logical qubits. Logical qubits are error-corrected units; building each one requires many more physical qubits, so the figure points to a hard engineering challenge but to a lower bar than earlier public estimates.

Within weeks of the ZKP release, outside researchers and hobbyists reconstructed the technique. French researcher André Schrottenloher published a preprint describing circuit constructions with costs similar to Google’s proof. Hobbyist contributors and independent researchers reported further optimizations that improved Google’s initial numbers by more than 8 percent.

The ZKP design allowed outsiders to test candidate circuits without seeing Google’s proprietary designs. Ledger’s chief technology officer, Charles Guillemet, described the proof as being “designed to hide the attack” while noting that it effectively provided a way to score and refine candidate solutions.

Justin Drake of the Ethereum Foundation, a co-author on related work, updated timeline estimates after the public rediscovery and optimization. He places the probability of a quantum-capable attack on major blockchains-often referred to as Q‑Day-at 50 percent by 2032 and 10 percent by 2030. Drake rejected a 2035 deadline set by the U.S. government as overly optimistic. Ethereum, Google and Cloudflare are coordinating on a migration target to post-quantum cryptography by 2029, and Drake is working on replacing existing signatures with hash-based schemes that resist these quantum attacks.

Researchers and hobbyists used automated tools and machine learning to speed reconstruction and optimization. Craig Gidney, a quantum researcher, posted that outsider work produced circuits with comparable resource costs and highlighted rapid public progress. The public verification mechanism offered by the ZKP enabled automated searches to test and refine candidate circuits quickly.

Security specialists urged caution about switching to new cryptographic schemes without broad testing. Guillemet warned that adopting untested replacements too quickly could introduce vulnerabilities that pose other risks. Researchers noted the current practical danger is limited by the gap between available quantum hardware and the logical qubit counts required for an attack, while also observing that the gap between classified research and public knowledge is narrowing.

For now, experts recommend planning and accelerating migration strategies rather than immediate emergency action. Custodial services and projects that manage long-lived keys are being advised to audit key lifetimes, prepare for post-quantum upgrades and monitor advances in error correction and qubit scaling. The debate over publication control and disclosure timelines is ongoing as academic and hobbyist communities continue to test and share techniques for quantum cryptanalysis.