rewrite this title and make it good for SEO 9 Minutes to Crack a Bitcoin Wallet: How Real Is the Quantum Threat?

On March 30, 2026, Google Quantum AI published a new whitepaper revealing that a theoretical quantum computer could derive a private key from a public key on the Bitcoin network in just a few minutes. This timeframe closely aligns with Bitcoin’s 10-minute mining cycle, raising the scenario of an “On-Spend Attack” where a transaction pending confirmation could be intercepted and replaced.

Additionally, Google experts recommended that blockchain projects complete their migration to Post-Quantum Cryptography (PQC) before 2029 to safeguard digital signatures and transactions against sufficiently powerful future quantum computers.

Understanding the Quantum Threat 

The research illustrates a scenario in which quantum computers could compromise the core security mechanisms of Bitcoin and Ethereum. Instead of a direct attack on the wallet, this method targets the public key—which becomes visible on the blockchain during a transaction—to derive the private key, the ultimate factor controlling the assets.

Current security relies on cryptographic problems considered nearly impossible for classical computers to solve, but which could be significantly accelerated by quantum systems. According to Google’s estimates, a theoretical quantum system could perform this calculation using approximately 1,200–1,450 logical qubits and 70–90 million Toffoli gates, with a total physical qubit count under 500,000 physical—substantially lower than previous projections. These estimates were validated using the Zero-Knowledge Proof (ZKP) method.

In architectures utilizing superconducting systems, execution time could be reduced to mere minutes. This is particularly critical because public keys are typically exposed only during the transaction process, creating a narrow window of vulnerability where assets could be exploited if the private key is derived rapidly enough.

However, the research emphasizes that quantum computers with sufficient power to execute this scenario do not yet exist, and current estimates reflect capabilities under theoretical conditions.

Inside Bitcoin’s 10-Minute Window 

A primary scenario highlighted in the report is the “On-Spend Attack,” targeting transactions pending in the network’s mempool. Once a public key is broadcast after a transaction is initiated, a theoretical quantum system could attempt to derive the private key before the next block is confirmed.

With the Bitcoin network’s average confirmation time of 10 minutes, a “waiting window” is created, allowing an attacker to compete directly with the original transaction. If the calculation is completed in time, they could broadcast a replacement transaction with a higher fee to ensure priority inclusion in the block.

Race Against the Block: Attack Speed vs. Network Variance. Source: Google

Consequently, the success of such an intervention is strictly tied to the duration of this window. Blockchains with shorter block times, such as Litecoin (approx. 2.5 minutes), Zcash (75 seconds), or Dogecoin (1 minute), significantly narrow the operational timeframe for an attacker.

However, these estimates assume a non-congested network. In practice, an attacker could intentionally spike fees or flood the mempool to increase the probability of their fraudulent transaction being prioritized for confirmation.

The Hardware Gap — and the Race to PQC 

While estimates show a significant reduction in attack execution time, a cryptanalytically relevant quantum computer (CRQC) does not yet exist. Only specific quantum architectures, such as superconducting systems, can potentially reach the speeds required for fast-attack scenarios, while other systems remain limited by processing constraints.

In a March 25, 2026 announcement, Heather Adkins, VP of Security Engineering at Google, and Sophie Schmieg, Senior Staff Cryptography Engineer, stated that the company aims to complete its transition to Post-Quantum Cryptography (PQC) by 2029. This move is designed to protect encryption and digital signatures from future quantum-enabled adversaries.

This transition is vital for authentication systems and digital signatures—the backbone of blockchain transactions. During this period, short-term mitigations include restricting address reuse and minimizing public key exposure.

Not All Risks Are Equal

Wallet Exposure 

The actual impact of the quantum threat varies across different wallet types, depending on whether the public key has been previously exposed on the blockchain.

Vulnerable Wallets: These include legacy P2PK (Pay-to-Public-Key) addresses or wallets practicing address reuse, where the public key is already publicly available.Lower-Risk Wallets: Modern formats such as P2PKH (Pay-to-Public-Key-Hash) or Taproot offer better protection, as the public key is hashed and only revealed at the moment of spending.

System-Level Risks 

For Bitcoin, the risk is concentrated in “dormant” addresses with exposed public keys that are no longer active. An estimated 1.7–2.3 million BTC fall into this category. If exploited, this massive volume of assets could re-enter the market, creating significant pressure on the circulating supply.

On Ethereum, the impact is broader due to the ecosystem’s reliance on smart contracts and administrative keys. Approximately 20.5 million ETH in large wallets have exposed public keys, while admin keys for stablecoins, bridges, and oracles could represent critical points of failure if compromised.

Under Ethereum’s Proof-of-Stake (PoS) mechanism, controlling more than one-third of the staked ETH could disrupt finalization, while a two-thirds threshold allows for control of the consensus mechanism. If validator private keys are compromised, these thresholds become targets, elevating the risk from individual wallets to the entire network infrastructure.

Conclusion 

The Bitcoin network is not currently under direct attack, as sufficiently powerful quantum hardware remains a future development. However, new estimates show that the gap between attack capability and transaction processing time is closing, gradually eroding the system’s safety margins.

Similar risks extend to Ethereum and other blockchain platforms, where the attack surface is larger due to complex smart contract infrastructures. In this landscape, transitioning to Post-Quantum Cryptography (PQC) has become an essential step in securing digital signatures and blockchain integrity for the long term.