Google suggests that breaking Bitcoin with quantum technology might be less challenging than previously assumed, partially attributing this to Taproot.

The research indicates that attackers might eventually be able to steal bitcoin during transactions, challenging the belief that this threat is decades away.

Key points:

• Researchers at Google indicate that overcoming the cryptography of Bitcoin and Ethereum may necessitate fewer than 500,000 physical qubits and approximately 1,200–1,450 high-quality qubits for effective attacks, significantly lower than previous estimates in the millions.
• The document cautions that real-time quantum assaults could intercept ongoing Bitcoin transactions in about nine minutes, possibly surpassing confirmation approximately 41% of the time and endangering around 6.9 million bitcoins that have already been exposed.
• The Taproot upgrade for Bitcoin, which defaults to making public keys visible, may increase the number of susceptible wallets, leading Google to advocate for earlier post-quantum transitions, though it emphasizes that quantum attacks are not imminent.

According to Google’s Quantum AI team, the potential to compromise Bitcoin’s blockchain with quantum computers may be less challenging than previously considered, with Bitcoin’s Taproot technology, which facilitates more efficient and private transactions, potentially contributing to this shift, as stated in a blog post and newly released whitepaper.

The team asserted that the computing resources needed to breach Bitcoin’s security could be substantially lower than earlier thought, raising concerns about how soon quantum threats might materialize.

In a recent whitepaper, researchers discovered that breaking the encryption utilized by Bitcoin and Ethereum could require less than 500,000 physical quantum bits, or qubits, a figure considerably below the “millions” often mentioned in recent discussions.

Google has previously identified 2029 as a possible milestone for functional quantum systems, indicating that migration must occur prior to that date, making the paper’s revelation regarding reduced computing power for attacks particularly noteworthy.

Quantum computers employ qubits rather than conventional bits and can solve specific problems much more swiftly than contemporary machines. One such challenge is breaking the encryption that secures cryptocurrency wallets.

Google outlined two potential attack strategies, each necessitating around 1,200 to 1,450 high-quality qubits. This is a small fraction of earlier projections and implies that the divide between existing technology and an actionable attack may be narrower than investors perceive.

The research further describes how such an attack could be executed in practice.

Instead of focusing on outdated wallets, a quantum attacker might aim for real-time transactions. When a bitcoin transfer is initiated, a data component known as a public key is momentarily revealed. A sufficiently rapid quantum computer could leverage that data to determine the private key and reroute the funds.

Under Google’s framework, a quantum system could prepare part of the computation ahead of time, then finalize the attack in approximately nine minutes once a transaction is initiated. Bitcoin transactions generally require around 10 minutes for confirmation, providing an attacker with about a 41% likelihood of outpacing the original transfer.

Alternative cryptocurrencies such as Ethereum may face reduced exposure to this particular risk due to their faster transaction confirmation times, which allow less opportunity for an attack.

The whitepaper also estimates that approximately 6.9 million bitcoins, roughly one-third of the total supply, are already held in wallets where the public key has been exposed in some manner. This includes about 1.7 million bitcoins from the network’s early days, as well as funds affected by address reuse.

This figure is significantly higher than recent assessments from CoinShares, which suggested that only about 10,200 bitcoins are concentrated sufficiently to notably influence markets if stolen.

The Taproot issue

The findings also provide new insights regarding Taproot, Bitcoin’s upgrade from 2021. While Taproot enhanced privacy and efficiency, it also made public keys visible by default on the blockchain, eliminating a layer of protection utilized in older address formats.

Researchers from Google assert that this design choice may increase the number of wallets susceptible to future quantum attacks.

Google is also revising how it shares sensitive security research. Instead of detailing the step-by-step procedures for breaching crypto systems, the team employed a method known as a zero-knowledge proof to validate its findings without revealing the method itself. This allows others to authenticate the results while minimizing the risk of misuse of the research.

The key takeaway for investors is not that quantum computers are on the verge of compromising cryptocurrency, but rather that the timeline may be shorter and the risks more extensive than previously assumed.