Overview
- Google’s Quantum AI team published a whitepaper that says breaking Bitcoin’s elliptic‑curve signatures could take fewer than 500,000 physical qubits.
- The paper outlines two attack designs that each need roughly 1,200 to 1,450 high‑quality qubits.
- A modeled real‑time heist computes most work in advance and could finish in about nine minutes after a transaction posts, giving roughly a 41% chance to beat the typical 10‑minute confirmation.
- Taproot makes public keys show on‑chain by default, which expands the set of wallets a future quantum computer could target by deriving private keys from exposed public keys.
- Google estimates about 6.9 million bitcoin sit in wallets with exposed public keys, a scale that contrasts with a recent CoinShares view that far fewer coins are concentrated enough to sway markets if stolen.