A quantum computer would only need 10,000 qubits to empty your crypto wallets, researchers say

The quantum computing power needed to break the encryption that secures blockchains continues to decline, at least in theory, raising the question of whether the industry can affordably migrate to quantum-resistant platforms before they become vulnerable.

A new paper from Caltech and quantum startup Oratomic suggests that a system with around 26,000 qubits could break ECC-256, the encryption standard that secures the Bitcoin and Ethereum blockchains, in around 10 days. RSA-2048, used by financial institutions to secure their Web2 platforms, is more difficult, they found.

Researchers found that the cryptography protecting Bitcoin and ether (ETH) wallets could be broken using just 10,000 physical qubits, collapsing previous estimates that, until this week, still ran into the hundreds of thousands.

Qubits are the basic units of quantum computers, similar to the bits of traditional machines. They don’t measure speed, like gigahertz or teraflops, but instead reflect the scale of the system, closer to the number of cores or transistors in a chip.

The paper, published Monday on preprint server arXiv, landed alongside a Google Quantum AI white paper setting the threshold at fewer than 500,000 physical qubits.

The two are closely related: The Oratomic team uses Google’s quantum circuits designed to break 256-bit elliptic curve cryptography, the system securing Bitcoin and Ether wallets, and shows that a neutral-atom setup — laser-controlled atoms acting like qubits — could run them with about a 50th of the qubits Google estimates.

Together, these papers mark one of the most brutal squeezes ever recorded in the quantum threat timeline. Estimated requirements for running Shor’s algorithm, the quantum method for breaking public-key encryption, have now fallen by five orders of magnitude in two decades, from around 1 billion physical qubits in 2012 to around 10,000 today.

These gains translate into clearer timelines for potential attacks.

The paper hypothesizes that a system with about 26,000 qubits could break ECC-256, the encryption standard that secures the Bitcoin and Ethereum blockchains, in about 10 days, allowing a quantum computer to derive private keys and take control of funds.

RSA-2048, used by financial institutions to secure their Web2 platforms, would require more than 102,000 qubits and around three months in a highly parallelized configuration. Elliptic curve cryptography is more exposed because it offers comparable security with smaller keys, which leaves a quantum machine less work to do.

This roughly 10-day window makes the rapid “spend” attack described in the Google paper, where a quantum computer derives a key in minutes and front-runs a live Bitcoin transaction, unlikely under these assumptions.

However, this does little to reduce long-term risk for funds already housed in vulnerable addresses, including around 6.9 million BTC tied to early wallets and reused addresses.

This framing has caveats. All nine authors are Oratomic shareholders, six of whom are employed by the company, positioning the paper as both a scientific result and a roadmap for its hardware approach.

However, it is increasingly difficult to ignore this direction. The question is no longer whether quantum systems can break cryptography, but whether the industry can migrate before the cost of that migration collapses further.
