A new wave of concern has arisen over the security of digital assets, following research suggesting that quantum computers may be able to break current blockchain encryption protections much sooner than previously thought. A collaborative study by the California Institute of Technology and the startup Oratomic found that the ECC-256 encryption safeguarding Bitcoin and Ethereum blockchains may be vulnerable to attack by quantum computers equipped with far fewer qubits than once assumed.
Threshold for quantum threat lowered
The study concluded that a quantum system with around 26,000 qubits could, in theory, solve the 256-bit elliptic curve encryption (ECC-256)—the backbone of wallet security for Bitcoin and Ethereum—in as little as ten days. In contrast, the widely used RSA-2048 standard, which is common in financial institutions for internet protection, would require more than 102,000 qubits and up to three months to breach, according to the researchers.
The research further argued that the cryptography guarding Bitcoin and Ethereum wallets is not as impervious as once thought. Where early forecasts estimated that hundreds of thousands of qubits would be needed to crack such systems, the new analysis cuts this requirement down to as few as 10,000 qubits in optimal scenarios.
Qubits, the quantum analogue of classical computing bits, define a quantum computer’s scale and processing capacity in much the same way that core or transistor count defines the scope of traditional digital processors. The significance lies not in the raw speed, but in the scale at which quantum computers can execute complex operations simultaneously.
Mounting risk to encryption standards
A separate report from Google’s Quantum AI team had previously indicated that ECC-256 encryption could be cracked with under 500,000 qubits. The Oratomic researchers, however, proposed that with their emerging “neutral atom” approach—which involves manipulating atoms with lasers—similar results might be achieved with as little as a fiftieth of the qubit count suggested by Google’s findings.
Taken together, these studies illustrate a dramatic reduction in hardware needs for codebreaking using Shor’s algorithm over the past two decades. What once seemed to require billions of qubits now looks plausible with tens of thousands, meaning plausible timelines for potential “quantum attacks” on major digital assets may be significantly closer than expected.
If these new techniques reach full operational maturity, the researchers say, quantum computers could potentially extract private keys within ten days—enabling attackers to take control of targeted digital assets. For RSA-2048 encryption, as typically used in banking standards, coordinated quantum efforts could reduce the cracking time to approximately three months.
Elliptic curve encryption appears especially vulnerable because it provides robust security with shorter key lengths, making it a relatively easier target for quantum machines compared to RSA-2048. However, while the Google report explored hypothetical “instant attack” scenarios, analysts generally agree that, based on current expectations, such risks are unlikely to be realized in the very near term.
Still, millions of Bitcoins and other digital currencies stored in dormant wallets—or in addresses that have not updated their encryption standards—may face increasing long-term risk. Some of the researchers are affiliated with Oratomic, and the report serves both as a scientific finding and as a strategic blueprint for the company’s hardware development approach.
