The Quantum Artificial Intelligence team at Google has presented a striking new estimate: next-generation quantum computers, still under development, could theoretically deduce the private key of a Bitcoin wallet from its public key in just nine minutes. This projection quickly spread across social media, generating significant anxiety in both the cryptocurrency community and financial markets.
The impact of quantum computers on Bitcoin
In the Bitcoin system, transactions are authorized through the use of a secret private key, with a corresponding public key shared across the network to verify the transaction’s authenticity. When users initiate bitcoin transfers, their transactions queue in the network’s so-called mempool—a staging area—until they are validated and added to the blockchain. Typically, this process takes about ten minutes. However, Google’s report suggests that, in the event quantum computers reach the projected capacity, a private key could be calculated from the public key in just nine minutes, challenging the very foundation of Bitcoin security.
To achieve such rapid results, attackers would need to conduct substantial preparatory calculations before any operation begins. Once the public key is available in the mempool, an attacker could, in theory, complete the necessary quantum calculations within nine minutes and retrieve the private key before the transaction is confirmed. With transaction validation times averaging ten minutes, this would create a vulnerability window where malicious actors could potentially redirect funds before a transaction is finalized.
Bitcoin’s security is currently built on mathematical puzzles considered infeasible for classical computers to solve. A truly advanced quantum computer, however, could run algorithms powerful enough to break these cryptographic safeguards, undermining one of the core assurances of the world’s most valuable cryptocurrency.
Risks associated with public keys and emerging threats
The gravest concern centers around older wallets and those with public keys exposed directly in the blockchain. Bitcoin addresses generated in its early years—using the so-called “pay-to-public-key” format—and wallets that repeatedly use the same address make their public keys permanently visible. In these instances, attackers might not even need to wait for a new transaction; their ability to target such wallets would not be constrained by standard transaction confirmation times.
Experts also highlight the Bitcoin “Taproot” upgrade as an additional risk factor. Taproot, which introduced changes to address formats, dramatically increased the number of wallets with public keys directly exposed on the chain—unintentionally expanding the potential attack surface for quantum adversaries.
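The exposure categories described above can be checked mechanically. The following Python sketch is an added example, not taken from the article or from Google's report: it lets a wallet owner audit their own unspent outputs for public keys that are already visible, either stored in the output itself (pay-to-public-key, Taproot) or revealed by an earlier spend from a reused address. The function names and all sample scripts are constructed for illustration.

```python
# Added example: which outputs already have a public key visible on-chain?
# Standard Bitcoin output templates; sample scripts are constructed filler bytes.
OP_0, OP_1, OP_DUP, OP_HASH160 = 0x00, 0x51, 0x76, 0xA9
OP_EQUAL, OP_EQUALVERIFY, OP_CHECKSIG = 0x87, 0x88, 0xAC

def classify_script(script_hex):
    """Return (output_type, key_visible_in_output) for a scriptPubKey."""
    s = bytes.fromhex(script_hex)
    n = len(s)
    # pay-to-public-key: <push 33 or 65> <pubkey> OP_CHECKSIG
    if n in (35, 67) and s[0] == n - 2 and s[-1] == OP_CHECKSIG:
        if s[1] in ((0x02, 0x03) if n == 35 else (0x04,)):
            return "p2pk", True
    if (n == 25 and s[:3] == bytes([OP_DUP, OP_HASH160, 20])
            and s[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG])):
        return "p2pkh", False      # only a hash of the key is stored
    if n == 23 and s[:2] == bytes([OP_HASH160, 20]) and s[22] == OP_EQUAL:
        return "p2sh", False
    if n == 22 and s[:2] == bytes([OP_0, 20]):
        return "p2wpkh", False
    if n == 34 and s[:2] == bytes([OP_0, 32]):
        return "p2wsh", False
    if n == 34 and s[:2] == bytes([OP_1, 32]):
        return "p2tr", True        # Taproot stores the 32-byte output key itself
    return "unknown", False

def exposed_outputs(utxos, spent_scripts):
    """utxos: [(label, script_hex)]; spent_scripts: scripts already spent from (reuse)."""
    spent = {s.lower() for s in spent_scripts}
    findings = []
    for label, script in utxos:
        kind, visible = classify_script(script)
        if visible:
            findings.append((label, kind, "key in output"))
        elif kind in ("p2pkh", "p2wpkh") and script.lower() in spent:
            findings.append((label, kind, "key revealed by earlier spend"))
    return findings

SAMPLE_UTXOS = [  # constructed sample data, not real outputs
    ("early-coin", "21" + "02" + "11" * 32 + "ac"),
    ("fresh-legacy", "76a914" + "22" * 20 + "88ac"),
    ("fresh-segwit", "0014" + "33" * 20),
    ("taproot", "5120" + "44" * 32),
    ("reused-legacy", "76a914" + "55" * 20 + "88ac"),
]
SAMPLE_SPENT = {"76a914" + "55" * 20 + "88ac"}
if __name__ == "__main__":
    print(exposed_outputs(SAMPLE_UTXOS, SAMPLE_SPENT))
```

Outputs that the audit does not flag still reveal their key at the moment they are spent, which is the mempool window the article describes.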
At present, the most powerful quantum computers only reach about a thousand physical qubits, while experts estimate that a machine with 500,000 qubits would be required to feasibly break Bitcoin’s cryptography. In other words, this vulnerability remains theoretical for now and does not pose an immediate threat, given current technological limitations.
Furthermore, Bitcoin’s block production relies on the SHA-256 hashing algorithm. As quantum computers are not expected to deliver significant gains against SHA-256 in the mining process, the integrity of Bitcoin mining is unlikely to be compromised. Still, the eventual possibility that private keys could be quickly derived from public keys would fundamentally challenge users’ trust in Bitcoin’s security promises.
Addressing this looming issue will require a transition to post-quantum cryptographic techniques within blockchain technology. Ethereum has long been actively preparing for such a shift; in contrast, Bitcoin has yet to seriously discuss or implement preparations for quantum-resistant protocols, leaving the question of future-proofing the system unresolved.




