#创作者冲榜 Google achieves a major breakthrough in quantum computing; the encryption world needs to "change the locks" in advance

Quantum computing's threat to cryptocurrencies has once again become a hot topic on external forums.
The so-called "quantum threat" refers to the possibility that sufficiently powerful quantum computers in the future could crack the cryptographic foundations that currently protect cryptocurrencies, potentially destroying their security models.
Last November, Vitalik discussed the core logic of the quantum threat at Devconnect: "While the quantum threat objectively exists, there is still some time before it becomes a real threat; secondly, cryptocurrencies can upgrade to introduce post-quantum algorithms, effectively 'changing the locks.' In other words, it's 'worth paying attention to, but not urgent.'"
However, this time, market sentiment has shown a clear shift.
1｜What has happened recently?
The recent stir in the quantum threat was triggered by two actions from Google's Quantum AI research team, led by top quantum circuit expert Craig Gidney and others.
First, on March 25, Google officially proposed that the timeline for transitioning to post-quantum cryptography (PQC) aims for 2029;
Second, on March 31, Google Quantum AI published a research report targeting the cryptocurrency industry, stating that based on the latest research, the resources needed for future quantum computers to crack elliptic curve cryptography protecting cryptocurrencies are much less than previously thought. According to the article and supporting report published by Google on March 31, their team compiled two new Shor algorithm quantum circuits for the 256-bit elliptic curve discrete logarithm problem (ECDLP-256): one requiring fewer than 1200 logical qubits and 90 million Toffoli gates, and another requiring fewer than 1450 logical qubits and 70 million Toffoli gates. Google further estimated that, under their superconducting quantum architecture assumptions, such circuits could theoretically be executed on a fault-tolerant quantum computer with "fewer than 500,000 physical qubits" within minutes. Compared to previous estimates, this roughly reduces the number of physical qubits needed to crack ECDLP-256 by about 20 times.
If in the past the market's imagination of the quantum threat was still at "requiring millions or tens of millions of physical qubits, feeling far from reality," then Google's paper's biggest impact is that it brings that seemingly distant threshold much closer to the real world.
More intriguingly, Google did not fully disclose the most sensitive underlying circuit details as traditional academic papers do. Instead, they stated that they have communicated with the U.S. government and proved their estimates via zero-knowledge proofs (ZK). Google said this approach avoids revealing the underlying quantum circuits to prevent misuse by third parties. This also indirectly indicates that Google itself may believe that this research is no longer just a technical showpiece on paper but involves real security threats and capabilities disclosure.
2｜What does this mean?
First, it’s important to clarify that Google is not saying "Bitcoin and Ethereum will be cracked tomorrow"; rather, they are warning about another equally important issue — the quantum resource threshold needed to crack current mainstream elliptic curve cryptography has been significantly lowered. The former means that real attacks are imminent; the latter suggests that the industry’s previous time estimates need revision.
Last year, when Vitalik warned about the quantum threat, most industry players viewed it as a long-term risk because, in mainstream understanding, truly threatening quantum computers were still very far away. But Google's research this time effectively pushes that distant warning line much closer. That’s why the market’s reaction this time is more intense than last year, with many industry leaders expressing shock on social media. Haseeb Qureshi, partner at Dragonfly Capital, posted on X: "This is incredible... and Google's decision not to disclose the full circuit details is very rare, indicating they believe this is a matter of great importance. All blockchains need to urgently plan for transition. The post-quantum era is no longer a drill."
Justin Drake, a former Ethereum Foundation researcher focused on quantum computing, also said: "Today is a milestone day for quantum computing and cryptography... Based on my discussions with the team, I believe Google Quantum AI’s findings are conservative."
3｜The post-quantum era is no longer just a drill
In the research report aimed at cryptocurrencies, Google directly addressed the industry: "The urgency to act is increasing now." Although post-quantum cryptography is not an entirely new field, and the industry has discussed various potential upgrade paths over the past few years, the theoretical "new locks" are not nonexistent. But the tricky part is that upgrading blockchain networks is never just about replacing algorithms; it also involves on-chain compatibility, wallet infrastructure, address systems, user migration costs, and the most challenging community coordination issues.
Especially for large networks like Bitcoin and Ethereum, with complex historical assets and numerous ecosystem participants, any upgrade involving the underlying cryptographic system cannot be completed quickly with just a paper or a few community discussions. It requires participation from protocol layers, clients, wallets, exchanges, custodians, and ordinary users, as well as a sufficiently long buffer period.
But the reality is now clear: the timeline for "changing the locks" must be moved forward. As for the specific schedule, Google has set its migration target for 2029, and Google Quantum AI also mentioned in the article that they are collaborating with institutions like Coinb, Stanford Blockchain Research Institute, and the Ethereum Foundation to responsibly advance according to the 2029 plan.
In summary, what Google has brought this time is not a final verdict that "the encryption world will be destroyed by quantum computing tomorrow," but rather a clear countdown to that potential threat. For every crypto project, this marks a new security watershed. Those who recognize the problem early, push for upgrades, and complete the "changing the locks" will have a better chance of maintaining their security boundaries in the next era.