Google’s Warning: Crypto May Not Have As Much Time As We Thought

Summary

• A new Google paper, co-authored by an Ethereum Foundation researcher, suggests cryptographically relevant quantum computers (CRQCs) could break elliptic curve cryptography (ECC) by 2029, pulling the threat timeline forward.
• Oratomic's concurrent research indicates a CRQC could be built with as few as ~10,000 reconfigurable atomic qubits—a 50x reduction from recent estimates—making its development "plausible though not guaranteed" by the end of this decade.
• The threat is existential for public blockchains because their security and "not your keys" model is entirely dependent on ECC, and they lack a central authority to reverse fraudulent transactions.
• Attack vectors include "on-spend" attacks (stealing funds from exposed public keys in the mempool within ~9 minutes) and the eventual recovery of all private keys from exposed public keys (e.g., Satoshi's coins).
• Bitcoin is highly vulnerable due to its 10-minute block time enabling on-spend attacks and faces a massive coordination challenge to migrate ~6.7M BTC (~$450B) held in vulnerable addresses.
• Ethereum's faster block time (12s) mitigates near-term on-spend risk, but its proof-of-stake consensus and vast smart contract ecosystem create a larger, more complex attack surface to secure.
• The crypto industry's migration to post-quantum cryptography (PQC) is lagging; it requires rebuilding protocol foundations, smart contracts, and wallets, a process that will take years and must start immediately.
• Some "quantum-first" Layer 1 blockchains exist but are obscure; their success hinges on major chains failing to migrate in time.
• A key disagreement exists within the cryptography community on the urgency; some experts (e.g., Matthew Green) are skeptical of a near-term threat, while the physicists building the computers are more optimistic.