A quantum computer may need just 10,000 qubits to empty your crypto wallets, researchers say

The quantum computing power needed to break the encryption that protects blockchains continues to decline, at least in theory, raising the question of whether the industry can migrate to quantum-resistant platforms before mounting such an attack becomes affordable.

A new paper from Caltech and quantum startup Oratomic suggests that a system with around 26,000 qubits could break ECC-256, the encryption standard that protects the Bitcoin and Ethereum blockchains, in about 10 days. They found that RSA-2048, used by financial institutions to secure their Web2 platforms, is more challenging.

Researchers found the cryptography that protects bitcoin and ether (ETH) wallets could be broken using as few as 10,000 physical qubits, collapsing previous estimates that as of this week still numbered in the hundreds of thousands.

Qubits are the basic units of quantum computers, similar to the bits in traditional machines. They are not a measure of speed, like gigahertz or teraflops, but instead reflect the scale of the system, closer to the number of cores or transistors on a chip.

The paper, posted Monday on the arXiv preprint server, arrived alongside a Google Quantum AI whitepaper that set the threshold at less than 500,000 physical qubits.

The two are closely related: The Oratomic team uses Google’s quantum circuits designed to break 256-bit elliptic curve cryptography, the system that secures bitcoin and ether wallets, and shows that a neutral atom configuration (laser-controlled atoms that act as qubits) could run them with about one-fiftieth of the qubits Google estimated.

Together, the papers mark one of the most pronounced compressions yet in the quantum threat timeline. The estimated requirements for running Shor’s algorithm, the quantum method for breaking public-key encryption, have fallen five orders of magnitude in two decades, from about a billion physical qubits in 2012 to about 10,000 today.

These advances translate into clearer timelines for potential attacks.

Based on the paper’s assumptions, a system with around 26,000 qubits could break ECC-256, the encryption standard that protects the Bitcoin and Ethereum blockchains, in about 10 days, effectively allowing a quantum computer to obtain private keys and take control of funds.

RSA-2048, used by financial institutions to secure their Web2 platforms, would require about 102,000 qubits and approximately three months in a highly parallelized setup. Elliptic curve cryptography is more exposed because it achieves comparable security with smaller keys, making the job of a quantum machine easier.

That roughly 10-day window makes the rapid “over-the-spend” attack described in the Google article, where a quantum computer cracks a key in minutes and executes a live bitcoin transaction, unlikely under these assumptions.

However, it does little to reduce long-term risk for funds already sitting in vulnerable addresses, including some 6.9 million BTC tied to early wallets and reused addresses.
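Why "early wallets and reused addresses" are the exposed population: a key can only be attacked once its public key is visible on chain, and on Bitcoin that happens when coins sit in a pay-to-pubkey output (as early coinbase rewards did) or when an address has signed a spend, revealing its public key, and then received funds again. The Python below is added here as an illustration and is not code from the article or from either paper; it tallies that exposure over a constructed set of transactions, so a custodian can inventory how much of its own balance is in already-exposed addresses. The `Tx` record format, the address labels and the amounts are all made up.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# Minimal transaction model (constructed for this example, not Bitcoin's real format).
# inputs:  list of (prev_txid, output_index) references to earlier outputs
# outputs: list of (address, amount, script_type) where script_type is
#          "p2pk" (public key is literally in the output script) or
#          "p2pkh" (only a hash of the public key is in the output script)
@dataclass
class Tx:
    txid: str
    inputs: List[Tuple[str, int]] = field(default_factory=list)
    outputs: List[Tuple[str, int, str]] = field(default_factory=list)


def exposure_report(txs: List[Tx]) -> Dict[str, object]:
    """Classify unspent funds by whether their address's public key is already visible.

    An address is 'exposed' if it ever appeared in a p2pk output, or if it has
    spent at least once (spending publishes the public key in the input script).
    Unspent coins still sitting on an exposed address are the long-term risk the
    article describes; coins on never-spent p2pkh addresses are not yet exposed.
    """
    utxo: Dict[Tuple[str, int], Tuple[str, int]] = {}  # (txid, idx) -> (address, amount)
    exposed: Dict[str, str] = {}                       # address -> reason

    for tx in txs:
        # Consuming an output reveals the owner's public key in the signature data.
        for ref in tx.inputs:
            addr, _ = utxo.pop(ref)
            exposed.setdefault(addr, "spent at least once")
        for idx, (addr, amount, script_type) in enumerate(tx.outputs):
            if script_type == "p2pk":
                exposed[addr] = "pay-to-pubkey output"
            utxo[(tx.txid, idx)] = (addr, amount)

    at_risk: Dict[str, int] = {}
    not_exposed: Dict[str, int] = {}
    for addr, amount in utxo.values():
        bucket = at_risk if addr in exposed else not_exposed
        bucket[addr] = bucket.get(addr, 0) + amount

    return {
        "exposed_reasons": exposed,
        "at_risk": at_risk,
        "at_risk_total": sum(at_risk.values()),
        "not_exposed": not_exposed,
        "not_exposed_total": sum(not_exposed.values()),
    }


# Constructed sample ledger (amounts in whole coins, addresses are placeholders):
#   tx1: early-style coinbase paying a raw public key (p2pk) to A
#   tx2: funds B and C with hashed-key (p2pkh) outputs
#   tx3: B spends its coins and sends part back to itself, i.e. address reuse
SAMPLE_TXS = [
    Tx("tx1", inputs=[], outputs=[("A", 50, "p2pk")]),
    Tx("tx2", inputs=[], outputs=[("B", 10, "p2pkh"), ("C", 5, "p2pkh")]),
    Tx("tx3", inputs=[("tx2", 0)], outputs=[("B", 4, "p2pkh"), ("D", 6, "p2pkh")]),
]

if __name__ == "__main__":
    report = exposure_report(SAMPLE_TXS)
    for addr, amount in report["at_risk"].items():
        print(f"{addr}: {amount} coins exposed ({report['exposed_reasons'][addr]})")
    print("total exposed:", report["at_risk_total"])
    print("total not yet exposed:", report["not_exposed_total"])
```

On the sample ledger, A (a p2pk output) and B (reused after spending) account for the exposed balance, while C and D, which have never signed anything, are not. The mitigation the inventory points to is the standard one: move funds on exposed addresses to fresh, never-spent addresses, and stop reusing addresses, which buys time until post-quantum signature schemes are available on-chain.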

That framing comes with caveats. All nine authors are shareholders of Oratomic, and six are employees of the company, positioning the paper as both a scientific result and a roadmap for its hardware approach.

However, the direction is increasingly difficult to ignore. The question is no longer whether quantum systems can break cryptocurrencies, but whether the industry can migrate before the cost of doing so collapses further.
