Summary
Google Quantum AI, with the Ethereum Foundation and Stanford, has released a 57-page whitepaper showing the quantum resources to solve ECDLP-256 on secp256k1 are about 10x smaller than earlier estimates. The targets are the signature systems securing Bitcoin and Ethereum, with fewer than 500,000 physical qubits and a runtime measured in minutes on a superconducting platform. This moves the perceived distance-to-break closer for elliptic curve cryptocurrencies.
The team presents two optimized quantum circuits that cut spacetime volume by roughly an order of magnitude compared to prior single-instance results. In a notable security move, they withheld the circuits and instead published a zero-knowledge proof using SP1 zkVM and Groth16 SNARK, allowing verification of the resource claims without revealing exploit details. Google also coordinated with the U.S. government and urged other labs to adopt similar responsible disclosure practices.
For CISOs and crypto security leaders, the message is clear, quantum risk to secp256k1-based assets is accelerating, even if a fault-tolerant machine of this scale does not exist today. Treat signature agility as a near-term program, inventory where secp256k1 is used, reduce address reuse, and prioritize migration paths to NIST PQC and hybrid schemes that can be rolled out in blockchain ecosystems. Plan incident response for key exposure events and align disclosure policies, since verification-first releases like this may become the norm.
Read more
See the original article at: https://postquantum.com/security-pqc/google-quantum-bitcoin-ecdlp/