Google's Quantum Computing Breakthrough: The Crypto World Needs to "Change Locks" Sooner Than Expected

Original | Odaily (@OdailyChina)

Author｜Azuma (@azuma_eth)

The threat of quantum computing to cryptocurrencies has once again become a focal point of discussion on international platforms.

The so-called "quantum threat" refers to the possibility that sufficiently powerful quantum computers in the future could break the cryptographic foundations that currently secure cryptocurrencies, potentially destroying their security models.

In November last year, when Vitalik discussed the quantum threat at the Devconnect conference, Odaily published an article titled "Is the Quantum Threat Resurfacing, Shaking the Foundation of Cryptocurrencies?". The core argument of that article was that while the quantum threat objectively exists, first, there is still some time before a real threat materializes; and second, cryptocurrencies can be upgraded to incorporate post-quantum algorithms, thereby completing a "lock change".

In other words, it was a matter of "worthy of attention, but not urgent." However, this time, market sentiment has noticeably shifted.

What Happened Recently?

The reason the quantum threat has stirred the market again this time is due to two consecutive actions by Google's quantum research team (Google Quantum AI), led by experts including the world's top quantum circuit master, Craig Gidney.

First, on March 25th, Google officially proposed that its post-quantum cryptography (PQC) migration timeline would target 2029. Second, on March 31st, Google Quantum AI specifically released a research report aimed at the cryptocurrency industry, stating bluntly that according to the latest research, future quantum computers would require far fewer resources to crack the elliptic curve cryptography protecting cryptocurrencies than previously believed.

According to the article and accompanying research report released by Google on March 31st, its team compiled two new Shor's algorithm quantum circuits for the 256-bit Elliptic Curve Discrete Logarithm Problem (ECDLP-256): one requiring fewer than 1,200 logical qubits and 90 million Toffoli gates, and another requiring fewer than 1,450 logical qubits and 70 million Toffoli gates.

Google further estimated that, under its assumed superconducting quantum computing architecture, such circuits could theoretically be executed in minutes on a fault-tolerant quantum computer with "fewer than 500,000 physical qubits." Compared to previous estimates, this roughly implies that the number of physical qubits required to crack ECDLP-256 has been reduced by approximately 20 times.

If the market's imagination of the quantum threat previously remained at "requiring millions or tens of millions of physical qubits, feeling far from reality," then the biggest impact of Google's paper is that it has significantly pulled that seemingly unreachable threshold much closer to the real world.

What's even more intriguing is that Google did not fully disclose the most sensitive underlying circuit details as traditional academic papers would. Instead, it stated that it had communicated with the U.S. government and had proven its estimation results using zero-knowledge proofs (ZK). Google stated that this approach avoids disclosing the underlying quantum circuits to prevent misuse by third parties. This also indirectly suggests that Google itself may believe that this research is no longer just a theoretical technical showcase but rather a disclosure of capabilities with genuine security implications.

What Does This Mean?

First, it's important to clarify that Google is not saying "Bitcoin and Ethereum will be breached tomorrow." Instead, it's highlighting another equally concerning matter — the resource threshold for quantum computers to crack current mainstream elliptic curve cryptography has been significantly lowered.

The former implies that a real attack is imminent; the latter means the industry's past judgment on the timeline needs revision. Last year, when Vitalik warned about the quantum threat, the industry largely understood it as a long-term risk because the mainstream belief was that quantum computers truly capable of threatening cryptographic systems were still very distant. However, Google's latest research has effectively moved that seemingly distant warning line forward by a significant step.

This is also why the market's reaction this time is noticeably stronger than last year, with multiple prominent figures expressing shock at Google's progress on social media.

Dragonfly Capital partner Haseeb Qureshi posted on X: "This is incredible… and it's very unusual for Google to not disclose the full circuit, which indicates they think this is a big deal. All blockchains need to start planning their transition ASAP. The post-quantum era is no longer a drill."

Justin Drake, a former Ethereum Foundation researcher focused on quantum computing, also stated: "Today is a milestone day for quantum computing and cryptography… Based on my conversations with the team, I believe Google Quantum AI's research results are conservative."

The Post-Quantum Era Is No Longer Just a Drill

In its research report aimed at the cryptocurrency industry, Google directly addressed the sector, stating: "The urgency to act now is increasing."

Although post-quantum cryptography is not a completely blank field. Over the past few years, the cryptocurrency industry has already discussed various potential upgrade paths; theoretical "new locks" do exist. The trouble, however, lies in the fact that upgrading in the blockchain world is never as simple as swapping algorithms. It also involves on-chain compatibility, wallet infrastructure, address systems, user migration costs, and the most challenging issue of community coordination. Especially for networks like Bitcoin and Ethereum, which have massive scale, complex historical assets, and numerous ecosystem participants, any upgrade involving the underlying cryptographic system cannot be completed quickly with just a paper or a few community discussions. It requires the participation of the protocol layer, clients, wallets, exchanges, custodians, and even ordinary users, and it needs a sufficiently long transition period.

But the objective reality is now clear. Regardless, the timeline for the "lock change" needs to be moved forward. As for a specific timetable, Google has set its own migration target for 2029. Furthermore, Google Quantum AI mentioned in the article that it is collaborating with institutions like Coinbase, the Stanford Blockchain Research Institute, and the Ethereum Foundation to responsibly advance according to the 2029 timeline plan.

In summary, what Google has brought this time is not a final verdict that "the crypto world will be destroyed by quantum computing tomorrow," but rather the setting of a clear countdown for this bomb.

For every crypto project, this signifies a new security watershed. Those who can acknowledge the problem earlier, advance upgrades, and complete the "lock change" will have a better chance of preserving their security boundaries in the next era.