Quantum calculations kill bitcoin and mine? Is this some kind of alarm

On March 31, 2026, Google Quantum AI, under Google, released a white paper of wide concern stating that future quantum computer requirements for bitcoin encryption were about 20 times lower than previously estimated. The study quickly discussed warming in the industry and the major title “Quantum computers 9 minutes to break bitcoin” began to spread in the market. But to be honest, this panic happens once or twice a year, except this time because it's under Google's name。

We have systematized this 57-page paper and a number of key studies published during the same period to disintegrate the true credibility of the claims, the extent to which the current development of quantum calculations has affected the encrypted currency and mining industry, and the stage and urgency of the risks involved。

Remeasured technology risks

TRADITIONALLY, THE SECURITY OF BITCOIN IS BASED ON A ONE-WAY MATHEMATICAL RELATIONSHIP. WHEN CREATING A WALLET, THE SYSTEM GENERATES A PRIVATE KEY, WHICH IS DRIVEN BY THE PRIVATE KEY. WHEN BITCOIN IS USED, THE USER NEEDS TO PROVE THAT IT OWNS THE PRIVATE KEY, BUT NOT TO DISCLOSE IT DIRECTLY, BUT TO GENERATE A NETWORK-VERIFIABLE ENCRYPTED SIGNATURE USING THE PRIVATE KEY. THE MECHANISM IS SAFE BECAUSE MODERN COMPUTERS TAKE BILLIONS OF YEARS TO REVERSE THE PRIVATE KEY FROM THE PUBLIC KEY, SPECIFICALLY BY BREAKING THE ELLIPTICAL CURVE DIGITAL SIGNATURE ALGORITHM (ECDCSA), WHICH IS MUCH LONGER THAN IS CURRENTLY FEASIBLE, SO THE BLOCK CHAIN HAS BEEN THOUGHT TO BE IMPENETRABLE FROM A PASSWORD LEVEL。

But the presence of quantum computers breaks that rule. It works in a different way and does not examine the key by key, but explores all possibilities at the same time and uses quantum interference to find the correct key. For example, traditional computers are like a single test key for a man in a dark room, and quantum computers are like a few universal keys that match all lock cores and approach the right answer more efficiently. Once the quantum computer is strong enough, the assailant can quickly calculate your private key from the public key you exposed, then forge a deal and transfer your bitcoin to his own name. Once such attacks occur, the irreversibility of the block chain trade makes asset recovery difficult。

On March 31, 2026, Google Quantum AI United Stanford University and the Etherdorf Foundation published a 57-page White Paper. Central to this paper is the assessment of the specific threat of quantum calculations to the elliptical curve digital signature algorithm (ECDCSA). Most block chains and encrypted currencies protect wallets and transactions using 256-bit elliptical curve passwords based on discrete logarithmic questions (ECDLP-256). The research team found that the quantum resources required to decipher CCDLP-256 had been significantly reduced。

They designed a quantum circuit to run the Shor algorithm, which is designed to reverse the private key from the public key. The circuits need to be operated on a specific type of quantum computer, i.e. a superconductive quantum computing structure. This is the main technological route currently being developed by Google, IBM and others, characterized by fast computing, but very low temperatures are needed to maintain quantum bits stability. Assuming that hardware performance meets Google Flag Quantum Processor standards, the attack can be completed with less than 500,000 physical quantum bits in minutes. This figure is about 20 times lower than previously estimated。

In order to assess this threat more intuitively, the team conducted a decomposition simulation. By configuring the above-mentioned circuits into the real trade environment of Bitcoin, they found that a theoretical quantum computer could be able to carry out reverse extrapolations from public to private keys in about 9 minutes, with a success rate of about 41 per cent. And the average bitcoin out of block is 10 minutes. This means more than about 32 to 35 per cent of the Bitcoin supply because the public key is already exposed to the threat of static break-ups, while the attackers can theoretically initiate a half-way block before your transaction is confirmed and steal the money. Although quantum computers with the above capabilities have not yet appeared, this finding has extended quantum attacks from “static asset harvesting” to “real-time transaction interception” and has caused considerable market anxiety。

Google gave another key message at the same time: the company advanced the internal deadline for late quantum code (PQC) migration to 2029. In short, the back quantum cipher migration is the "relocking" of all systems today that rely on the encryption of the RSA and elliptical curves, which is difficult to break into. This would have been a long planning cycle before Google released the White Paper. The timeline given by the National Institute of Standards and Technology (NIST) was to abandon old algorithms by 2030, to completely disable them by 2035, and the industry generally thought that it had about a decade to prepare. Google, however, based on recent progress in estimating three directions based on its own resources for quantum hardware, quantum error, and quantum factor disaggregation, judged that the quantum threat was closer than originally thought, and moved its internal migration to 2029. This objectively compresses the industry ' s preparation cycle and sends a signal to the encryption industry that quantum computers are moving faster than expected and that security upgrades need to be moved ahead of schedule. This is undoubtedly a landmark study, but anxiety has also been amplified during media dissemination. How should we rationally view this shock

Do you need to worry

Will quantum calculations disable the entire bitcoin network

There is a threat, but the threat is concentrated at the signature security level. Quantum calculations do not directly affect the bottom structure of the block chain or render mining mechanisms ineffective. It really targets digital signature links. Each transaction of Bitcoin requires a private key signature to prove the attribution of funds. The network verifies whether the signature is correct. The potential capability of quantum computing is to forge a signature by rolling out a private key after the public key。

this poses two real risks. one occurs in the course of a transaction. when a transaction is initiated, information enters the network but is not packed into the block, there is theoretically a possibility of being replaced first, and such attacks are called “on-send attack”. the other is for addresses that have historically been exposed to public keys, such as wallets that have not been used for a long time or that have been used again, which are more time-consuming and understandable。

However, it needs to be emphasized that these risks are not common to all Bitcoin or all users. Only during the few minutes of the window during which you initiated the transaction, or when the public key has been revealed in the history of your address. This is not an instant subversion of the entire system。

Is the threat coming so soon

“9 min decomposition” presupposes that a faulty quantum computer with 500,000 physical quantum bits has been manufactured. And Google's current state-of-the-art Willow chip has only 105 physical quantum bits, and IBM's Condor processors have about 1,121, several hundred times the threshold of 500,000. The estimate given by Justin Drake, a researcher at the ETA Foundation, is that the probability of Q-Day is only 10% by 2032. So it is not an imminent crisis, but it is not a tail risk that can be completely ignored。

What is the greatest threat to quantum computing

Bitcoin is not the most affected system; it is only the most visible and easily accessible system. The challenge posed by quantum calculations is a broader systemic problem. All Internet infrastructure that relies on public key encryption, including banking systems, government communications, secure e-mail, software signatures, and identification systems, will face the same threat. This is why institutions such as Google, the United States National Security Agency (NSA) and the United States National Institute of Standards and Technology (NIST) have continued to promote late quantum code migration over the past decade. Once a quantum computer with actual attack capability appears, it is not just the encrypted currency, but the trust system of the digital world as a whole. Thus, this is not a single risk for Bitcoin, but a systematic upgrading of the global information infrastructure。

Ideas and feasibility of quantum mining

On the same day as Google, GTQ Technologies published a research paper entitled " Kardashev Scale Quantum Company for Bitcoin Mining " which quantified the feasibility of quantum mining from a physical and economic standpoint. The author of the paper, Pierre-Luc Dallaire-Demers, from the bottom hardware to the upper tier algorithms, modeled the entire technical chain involved in quantum mining, thus estimating the actual cost of mining using quantum computers。

The study found that even under the most favourable assumptions, mining with quantum computers would require approximately 108 physical quantum bits and 104 MW, which would be equivalent to the total output of a large national grid. In January 2025, the main network of Bitcoin was difficult, and the resource requirements soared to approximately 1,023 physical quantum bits and 1025 watts, which is close to the energy output level of a star. In contrast, the entire Bitcoin network currently consumes approximately 13-25 gigawatts, which is more than one measure different from the energy required for quantum mining。

The study further noted that the theoretical acceleration advantage of Grover algorithms would be offset by various costs in the actual works and could not really be translated into mining revenues. Quantum mining is impractical at the physical and economic levels。

Google is not the only body discussing this issue. Research is already under way, including the Coinbase, the Etherwood Foundation and the Stanford Block Chain Research Centre. Justin Drake, a researcher at the ETA Foundation, evaluated that “by 2032, quantum computers will recover at least 10 per cent of their personal key from exposed public keys. Although the emergence of a coded quantum computer before 2030 is still unlikely, it is certainly time to start preparing.”

So we do not need to worry at this point about the fatal impact of quantum calculations on mining, because the magnitude of its resource requirements goes well beyond any rational economic decision-making. Nobody spends so much energy to rob a block of 3.125 bitcoins。

Encryption money doesn't die, but it needs to be upgraded

If quantum calculations raise a question, then the industry has always had an answer. The answer is "Post-Quantum Criptoppropy, PQC" -- encryption algorithms that are also resilient to quantum computers. Specific technical pathways include the introduction of antiquant signature algorithms, the optimization of address structures to reduce public key exposure, and the gradual completion of migration through protocol upgrading. At present, NIST has completed the standardization of late quantum cryptography, in which ML-DSA (digital signature algorithm based on modular cells, FIPS 204) and SLH-DSA (non-state signature algorithm based on Hashi, FIPS 205) are the two main core late quantum signature programs。

At the Bitcoin network level, BIP 360 (Pay-to-Merkle-Root, short P2MR) was formally incorporated into the Bitcoin Improvement Proposal Library in early 2026. It's about a trade model introduced by the Taproot upgrade activated in 2021. Taproot is intended to enhance the privacy and efficiency of Bitcoin, but its key path-consuming function exposes the public key at the time of the transaction and may become the target of quantum attacks in the future. The core idea of BIP 360 is to remove this exposure path, change the structure of the transaction, and eliminate the need for a public key to be displayed for money transfers, thereby reducing quantum risk exposure from the source。

For the encrypted money industry, the upgrading of block chains involves a range of issues such as chain compatibility, wallet infrastructure, address systems, user migration costs and community coordination, requiring the participation of agreement layers, clients, wallets, exchanges, trustees and even ordinary users to upgrade the entire ecosystem. But at least there is industry-wide consensus on this, and follow-up is only a matter of implementation landing and time cycles。

It's a scary title. It's not that fast

After detailed dismantling of these latest developments, it can be seen that things are not as sensational as they are. While human studies of quantum calculations are accelerating towards reality, we still have sufficient response time. Today's bitcoin is not a static system, but a network that has evolved over the past decade or so. From script upgrading to Taproot, from privacy improvement to outreach programmes, it has been searching for a balance between security and efficiency in a changing context。

The challenges posed by quantum calculations may only justify the next upgrade. The quantum clock is ticking. The good news is that we all hear its voice and have time to react. In this era of evolving computing capabilities, what we need to do is to keep the confidence mechanisms of the encrypted world ahead of technological threats。