Does quantum computing spell the end for Bitcoin and mining? Is this just alarmism?

On March 31, 2026, Google’s Google Quantum AI released a white paper that garnered widespread attention, stating that the resources required for future quantum computers to crack Bitcoin encryption are approximately 20 times lower than previously estimated. This research quickly sparked discussions within the industry, and the sensational headline "Quantum Computers Breach Bitcoin in 9 Minutes" began circulating in the market. To be honest, this kind of panic occurs once or twice a year; it's just that this time, it sounds particularly alarming because it's backed by Google's name.

We systematically analyzed this 57-page document and several key studies released at the same time to break down the credibility of the related claims, assess the current impact that quantum computing development has on the cryptocurrency and mining industry, and evaluate the related risks, including whether they are imminent.

Reassessing Technical Risks

Traditionally, the security of Bitcoin is based on a one-way mathematical relationship. When creating a wallet, the system generates a private key, and the public key is derived from the private key. When using Bitcoin, users need to prove ownership of the private key, but they do not directly reveal it; instead, they generate a cryptographic signature that the network can verify using the private key. This mechanism is secure because modern computers would need billions of years to reverse engineer the private key from the public key. Specifically, the time required to break the Elliptic Curve Digital Signature Algorithm (ECDSA) exceeds the currently feasible limits, thus the blockchain has always been regarded as unbreakable from a cryptographic perspective.

However, the emergence of quantum computers breaks this rule. They operate differently; instead of checking keys one by one, they explore all possibilities simultaneously and utilize quantum interference effects to find the correct key. To illustrate, traditional computers are like a person in a dark room trying keys one by one, while quantum computers are like multiple master keys that can simultaneously match all locks, arriving at the correct answer more efficiently. Once quantum computers become powerful enough, attackers can quickly calculate your private key from your exposed public key and forge a transaction to transfer your Bitcoin to their own account. Once such an attack occurs, due to the irreversibility of blockchain transactions, assets will be very difficult to recover.

On March 31, 2026, Google Quantum AI, in collaboration with Stanford University and the Ethereum Foundation, released a 57-page white paper. The core of this paper is evaluating the specific threats that quantum computing poses to the Elliptic Curve Digital Signature Algorithm (ECDSA). Most blockchains and cryptocurrencies use 256-bit elliptic curve cryptography based on the discrete logarithm problem (ECDLP-256) to secure wallets and transactions. The research team found that the quantum resources needed to crack ECDLP-256 have significantly reduced.

They designed a quantum circuit running Shor's algorithm specifically for the purpose of deriving the private key from the public key. This circuit must run on a specific type of quantum computer, namely superconducting quantum architecture. This is the primary technological route being developed by companies such as Google and IBM, characterized by fast computation speeds but requiring extremely low temperatures to maintain qubit stability. Assuming hardware performance meets the standards of Google's flagship quantum processor, this attack could be completed in under 500,000 physical qubits in just a few minutes. This number is approximately 20 times lower than previous estimates.

To better assess this threat, the research team conducted a cracking simulation. They applied the above-mentioned circuit configuration to a real Bitcoin transaction environment and found that a theoretical quantum computer could complete the reverse derivation from public key to private key in about 9 minutes with a success rate of about 41%. The average block time for Bitcoin is 10 minutes. This means that approximately 32% to 35% of the Bitcoin supply is at risk of being statically breached due to exposed public keys, and attackers could theoretically intercept transactions before they are confirmed and withdraw funds first. Although quantum computers capable of such feats have not yet emerged, this finding extends quantum attacks from "static asset harvesting" to "real-time transaction interception," also causing considerable anxiety in the market.

At the same time, Google provided another key piece of information: the company has moved the internal deadline for transitioning to post-quantum cryptography (PQC) to 2029. In simple terms, the transition to post-quantum cryptography means "changing locks" on all systems currently dependent on RSA and elliptic curve cryptography to locks that are difficult for quantum computers to breach. Before Google released this white paper, this was a long-term project. The previous timeline given by the National Institute of Standards and Technology (NIST) was to phase out old algorithms by 2030 and completely ban them by 2035. The industry generally believed there was still about a decade to prepare. However, based on recent progress in its quantum hardware, quantum error correction, and quantum factorization resources, Google judged that the quantum threat is closer than originally thought and significantly advanced its internal migration deadline to 2029. This objectively compresses the preparation period for the entire industry and sends a signal to the cryptocurrency industry: the advancement of quantum computers is faster than expected, and security upgrades need to be prioritized. This is undoubtedly a milestone research, but in the process of media dissemination, anxiety has also been amplified. How should we rationally view this shock?

Should We Really Worry?

Will Quantum Computing Render the Entire Bitcoin Network Ineffective?

There is a threat, but the threat is concentrated at the signature security level. Quantum computing will not directly affect the underlying structure of the blockchain or make the mining mechanism ineffective. Its real target is the digital signature process. Every Bitcoin transaction requires a private key signature to prove fund ownership. The network verifies if the signature is correct. The potential capability of quantum computing is to reverse engineer the private key after the public key is made public, thereby forging the signature.

This brings two types of real risks. One occurs during the transaction process. When a transaction is initiated, and information enters the network but has not yet been packaged into a block, there is theoretically a possibility of being replaced in advance; such an attack is called an "on-spend attack." The other risk targets historically exposed public keys from addresses, such as wallets that have not been used for a long time or those that have reused addresses; these attacks have more time and are easier to understand.

However, it is important to emphasize that these risks do not apply universally to all Bitcoin or all users. You will only face the threat during that few-minute window after initiating a transaction or if your address has previously exposed a public key. This is not an immediate overturn of the entire system.

Will the Threat Come So Soon?

The premise of “breaking in 9 minutes” is that a fault-tolerant quantum computer with 500,000 physical qubits has been created. However, Google's most advanced Willow chip currently has only 105 physical qubits, while IBM's Condor processor has about 1,121, leaving hundreds of times the gap to the 500,000 threshold. Ethereum Foundation researcher Justin Drake estimates that the probability of a quantum cracking day (Q-Day) occurring by 2032 is only 10%. So this is not an imminent crisis, but it is also not a tail risk that can be completely ignored.

What Is the Greatest Threat of Quantum Computing?

Bitcoin is not the most affected system; it is merely the most intuitively valued and easiest for the public to perceive. The challenge posed by quantum computing is a broader systemic issue. All internet infrastructure that relies on public key cryptography, including banking systems, government communications, secure email, software signatures, and identity authentication systems, will face the same threat. This is precisely why organizations such as Google, the National Security Agency (NSA), and the National Institute of Standards and Technology (NIST) have continuously promoted the transition to post-quantum cryptography over the past decade. Once quantum computers with real attack capabilities emerge, the impact will not just be on cryptocurrencies but on the entire trust system of the digital world. Therefore, this is not a singular risk belonging to Bitcoin, but a systemic upgrade facing the global information infrastructure.

The Imagination and Feasibility of Quantum Mining

On the same day that Google released its paper, BTQ Technologies published a research paper titled "Kardashev Scale Quantum Computing for Bitcoin Mining," quantifying the feasibility of quantum mining from physical and economic perspectives. The paper's author, Pierre-Luc Dallaire-Demers, modelled every technical aspect involved in quantum mining from bottom-level hardware to upper-level algorithms, thereby estimating the actual costs of mining with quantum computers.

The study found that even under the most favorable assumptions, mining with quantum computers still requires about 10⁸ physical qubits and 10⁴ megawatts of power, which is approximately equivalent to the total output of a large national power grid. Under the Bitcoin mainnet difficulty as of January 2025, the required resources soar to about 10²³ physical qubits and 10²⁵ watts, which is already close to the energy output level of a star. In contrast, the total power consumption of the entire Bitcoin network is currently about 13-25 gigawatts, differing by more than an order of magnitude from the energy scale required for quantum mining.

The research further indicates that the theoretical speed-up advantage of Grover’s algorithm would be offset by various overheads in practical engineering, making it impossible to translate directly into mining profits. Quantum mining is impractical both physically and economically.

Google is not the only institution discussing this issue. Organizations including Coinbase, the Ethereum Foundation, and the Stanford Blockchain Research Center are also advancing related research. Ethereum Foundation researcher Justin Drake commented, "By 2032, the probability of a quantum computer recovering the secp256k1 ECDSA private key from an exposed public key is at least 10%. While it still feels unlikely that a cryptographically significant quantum computer will appear before 2030, it is undoubtedly time to start preparing."

Therefore, we currently do not need to worry about quantum computing posing a fatal blow to mining, as the resource requirements are far beyond any rational economic decision-making range. No one would spend so much energy to grab 3.125 bitcoins from a block.

Cryptocurrencies Will Not Vanish, But Upgrades Are Necessary

If quantum computing has raised a question, the industry has actually had an answer all along. This answer is "post-quantum cryptography" (PQC), which refers to cryptographic algorithms that can withstand quantum computers. Specific technical pathways include introducing quantum-resistant signature algorithms, optimizing address structures to reduce public key exposure, and gradually completing migrations through protocol upgrades. Currently, NIST has completed the standardization of post-quantum cryptography, with ML-DSA (Module-Lattice-Based Digital Signature Algorithm, FIPS 204) and SLH-DSA (Hash-Based Stateless Signature Algorithm, FIPS 205) being the two core post-quantum signature schemes.

At the level of the Bitcoin network, BIP 360 (Pay-to-Merkle-Root, abbreviated as P2MR) was officially included in the Bitcoin Improvement Proposal library in early 2026. It targets a transaction mode introduced by the Taproot upgrade activated in 2021. Taproot was originally intended to enhance Bitcoin’s privacy and efficiency, but its "key path spending" feature exposes the public key during transactions, potentially making it a target for quantum attacks in the future. The core idea of BIP 360 is to remove this exposed public key path, changing the transaction structure so that fund transfers no longer require displaying the public key, thereby reducing the exposure to quantum risk from the source.

For the cryptocurrency industry, upgrading the blockchain involves a series of issues related to on-chain compatibility, wallet infrastructure, address systems, user migration costs, and community coordination. It requires participation from the protocol layer, clients, wallets, exchanges, custodians, and even ordinary users to update the locks of the entire ecosystem. However, at least the entire industry has reached a consensus on this, and the subsequent advancement is merely an issue of execution and time cycle.

The Headline Is Alarming, But Reality Is Not So Urgent

After dissecting these latest developments in detail, it is clear that things are not as sensational as they seem. While human research on quantum computing is undoubtedly accelerating towards reality, we still have ample response time. Today's Bitcoin is not a static system but a network that has continuously evolved over the past decade. From script upgrades to Taproot, from privacy improvements to scalability solutions, it has been searching for a balance between safety and efficiency amidst continuous change.

The challenges brought by quantum computing may simply be a reason for the next upgrade. The quantum computing clock is ticking. The good news is that we can all hear its sound and have time to respond. In this era of ever-evolving computational power, what we need to do is ensure that the trust mechanisms of the cryptocurrency world always stay ahead of technological threats.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。