TLDR
- Google’s new whitepaper says a quantum computer could break a Bitcoin transaction in about 9 minutes
- Only ~500,000 qubits needed to crack Bitcoin’s encryption — 20x fewer than previous estimates
- Around 6.9 million Bitcoin are already vulnerable, including 1.7 million from the Satoshi era
- Bernstein says the risk is “real but manageable” with a 3–5 year window to upgrade
- BIP-360 is a proposed soft-fork that could reduce quantum exposure for Bitcoin wallets
Google has published a new whitepaper warning that a quantum computer could crack a Bitcoin transaction in roughly nine minutes. The paper, released on March 30, comes from Google’s Quantum AI team and outlines how quickly the threat could become real.
The research found that fewer than 500,000 qubits would be needed to break the 256-bit elliptic curve cryptography that protects Bitcoin wallets and transactions. That is about 20 times fewer qubits than earlier estimates suggested.
Bitcoin transactions expose a public key for a brief window before they confirm. A sufficiently powerful quantum computer could use that public key to calculate the private key and steal funds during that window.
It takes around 10 minutes for a Bitcoin transaction to confirm. Google’s paper estimates a quantum attack launched in that window would have just under a 41% chance of success.
The paper identified around 6.9 million Bitcoin as already vulnerable. That includes roughly 1.7 million coins from the early Satoshi era, where public keys were exposed by default.
The 2021 Taproot upgrade, which was intended to improve Bitcoin’s privacy and efficiency, also exposes public keys by default. Google said this decision could increase the number of vulnerable wallets.
Ethereum and other cryptocurrencies that confirm transactions faster than Bitcoin are considered less exposed to this specific type of attack.
The Race to Upgrade
Wall Street firm Bernstein described the quantum risk as “real but manageable” in a research note. The firm said recent Bitcoin price swings already reflect growing market awareness of the threat.
🚨HUGE: QUANTUM RISK TO $BTC "NEITHER EXISTENTIAL, NOR NOVEL"
According to several Bernstein analysts speaking to DLNews, the quantum threat posed to Bitcoin is little more than a required technical upgrade for $BTC.
As DLNews wrote, it is "not a death sentence for Bitcoin".… pic.twitter.com/E97B27J2AX
— BSCN (@BSCNews) April 9, 2026
Bernstein estimates developers have roughly 3–5 years before quantum machines capable of real-world attacks become available. That window gives the Bitcoin community time to coordinate an upgrade.
One proposal on the table is BIP-360, a soft-fork that would introduce a new output type designed to keep public keys hidden until a transaction is spent. Binance Research noted BIP-360 does not fix all near-term exposure but removes what it called a “massive existential threat.”
The harder problem, according to Bernstein, is not writing quantum-safe code. It is getting millions of users to migrate their wallets and building social consensus across a decentralized network.
Industry Voices
Chris Tam, president of quantum technology company BTQ Technologies, told TheStreet that estimates for when quantum computing could break cryptography have only gotten shorter over time.
Tam said decentralized networks cannot update with the “flip of a switch.” Network-wide upgrades require months or years to implement properly.
BTQ Technologies is currently testing Bitcoin Quantum, a quantum-safe fork of Bitcoin built with quantum-resistant features.
Google said it has been working on post-quantum cryptography migration since 2016 and urged cryptocurrency communities to begin their own transitions without delay.
Bitcoin was trading at $68,073.72 at the time of reporting.
