Google says a quantum attack on Bitcoin could take 9 minutes with a 41% success rate
Google says a quantum attack on Bitcoin could take 9 minutes with a 41% success rate 
Cryptocurrency Mar 31, 2026 Share
Google’s Quantum AI team has proved that a sufficiently powerful quantum computer could derive a Bitcoin (BTC) wallet’s private key in approximately nine minutes, fast enough to intercept and redirect a transaction before it is confirmed on the blockchain in an estimated 41% of cases.
Quantum computers’ attack speed vs network variance: Source: Google
The research, published on March 30 as a whitepaper co-authored by the Ethereum Foundation and Stanford University, estimates that cracking the elliptic curve cryptography protecting Bitcoin wallets may require fewer than 500,000 physical qubits, a roughly 20-fold reduction from prior published estimates. The researchers determined that a quantum attacker could extract a victim’s public key from the network’s mempool and apply Shor’s algorithm to derive the corresponding private key.
Given Bitcoin’s average block confirmation time of approximately 10 minutes, a 9-minute quantum derivation window creates an overlap during which an attacker could complete the process before a transaction is finalised. As such, the Google research team urged the Bitcoin network to migrate from its Elliptic Curve Digital Signature Algorithm (ECDSA) to post-quantum cryptography (PQC) before the end of this decade.
Bitcoin quantum computing attack worsened by Taproot upgrade
Reportedly, about 6.9 million BTCs, currently valued at $466 billion, are held in wallets whose public keys are already permanently visible on-chain. The Bitcoin Taproot upgrade, activated in November 2021, may have increased this exposure by making more public keys visible on-chain.
While Taproot improved transaction efficiency and privacy through Schnorr signatures, it implemented a structure in which public keys are made visible on-chain by default, increasing the number of wallets whose public keys are visible and potentially making more wallets vulnerable than in legacy formats.
What’s the reaction of BTC users?
The revelation of an imminent threat to the Bitcoin network from quantum computing attacks elicited different responses. For instance, Justin Drake, a Bitcoin security researcher, urged the community to start preparing for post-quantum encryption.
“There’s at least a 10% chance that by 2032, a quantum computer could recover a secp256k1 ECDSA private key from an exposed public key. While a cryptographically-relevant quantum computer (CRQC) before 2030 still feels unlikely, now is undoubtedly the time to start preparing,” Drake stated.
Charles Guillemet, CTO of Ledger, highlighted that the Bitcoin community has the cryptographic tools required for a post-quantum migration but must act promptly, warning that the network’s long-term security model is under increasing scrutiny as the threat timeline shortens.
