Google Quantum AI warns Ethereum faces five attack paths
Google Quantum AI published a whitepaper in March 2026 mapping five distinct attack paths that a future quantum computer could use against Ethereum's encryption. The paper is titled, according to published reports, "Safeguarding cryptocurrency by disclosing quantum vulnerabilities responsibly." Google co-authored it with Ethereum Foundation researcher Justin Drake and Stanford's Dan Boneh.
"There's at least a 10% chance that by 2032 a quantum computer recovers a secp256k1 ECDSA private key from an exposed public key", 25 March 2026. — Justin Drake, Researcher, Ethereum Foundation
What quantum computing means for walletsEthereum uses a cryptographic standard called elliptic-curve digital signature algorithm (ECDSA) to protect wallet private keys. The whitepaper models a scenario where an advanced quantum computer breaks this 256-bit encryption. In that scenario, an attacker recovers a private key from a publicly visible wallet address. At least 20.5 million ETH held in "at-rest" wallets faces this exposure risk. A further 15 million ETH across layer-2 networks — secondary chains built on top of Ethereum — also falls within the projected threat range.
Google sets 2029 migration deadlineGoogle and the Ethereum Foundation both identify 2029 as the critical deadline for migrating to post-quantum cryptography (PQC). PQC refers to encryption methods designed to resist attacks from quantum hardware. Google security experts Heather Adkins and Sophie Schmieg stated that current encryption protecting banks, governments, and personal data faces a break risk by that year. The Ethereum Foundation independently set the same 2029 target for its quantum-upgrade roadmap.
Timeline is theoretical, not immediateNo quantum computer today can break ECDSA encryption. The Ethereum Foundation estimates quantum computing will not become cryptographically relevant for another 8 to 12 years. The nine-minute key-recovery scenario described in the whitepaper's model applies to a future advanced-quantum configuration, not current hardware. The $100 billion figure circulating in media reports is an editorial calculation based on the exposed ETH supply valued at current market prices. Google did not state that figure directly in the whitepaper. "There's at least a 10% chance that by 2032 a quantum computer recovers a secp256k1 ECDSA private key from an exposed public key", 25 March 2026. — Justin Drake, Researcher, Ethereum Foundation
What quantum computing means for walletsEthereum uses a cryptographic standard called elliptic-curve digital signature algorithm (ECDSA) to protect wallet private keys. The whitepaper models a scenario where an advanced quantum computer breaks this 256-bit encryption. In that scenario, an attacker recovers a private key from a publicly visible wallet address. At least 20.5 million ETH held in "at-rest" wallets faces this exposure risk. A further 15 million ETH across layer-2 networks — secondary chains built on top of Ethereum — also falls within the projected threat range.
Google sets 2029 migration deadlineGoogle and the Ethereum Foundation both identify 2029 as the critical deadline for migrating to post-quantum cryptography (PQC). PQC refers to encryption methods designed to resist attacks from quantum hardware. Google security experts Heather Adkins and Sophie Schmieg stated that current encryption protecting banks, governments, and personal data faces a break risk by that year. The Ethereum Foundation independently set the same 2029 target for its quantum-upgrade roadmap.
Timeline is theoretical, not immediateNo quantum computer today can break ECDSA encryption. The Ethereum Foundation estimates quantum computing will not become cryptographically relevant for another 8 to 12 years. The nine-minute key-recovery scenario described in the whitepaper's model applies to a future advanced-quantum configuration, not current hardware. The $100 billion figure circulating in media reports is an editorial calculation based on the exposed ETH supply valued at current market prices. Google did not state that figure directly in the whitepaper. What quantum computing means for walletsEthereum uses a cryptographic standard called elliptic-curve digital signature algorithm (ECDSA) to protect wallet private keys. The whitepaper models a scenario where an advanced quantum computer breaks this 256-bit encryption. In that scenario, an attacker recovers a private key from a publicly visible wallet address. At least 20.5 million ETH held in "at-rest" wallets faces this exposure risk. A further 15 million ETH across layer-2 networks — secondary chains built on top of Ethereum — also falls within the projected threat range.
Google sets 2029 migration deadlineGoogle and the Ethereum Foundation both identify 2029 as the critical deadline for migrating to post-quantum cryptography (PQC). PQC refers to encryption methods designed to resist attacks from quantum hardware. Google security experts Heather Adkins and Sophie Schmieg stated that current encryption protecting banks, governments, and personal data faces a break risk by that year. The Ethereum Foundation independently set the same 2029 target for its quantum-upgrade roadmap.
Timeline is theoretical, not immediateNo quantum computer today can break ECDSA encryption. The Ethereum Foundation estimates quantum computing will not become cryptographically relevant for another 8 to 12 years. The nine-minute key-recovery scenario described in the whitepaper's model applies to a future advanced-quantum configuration, not current hardware. The $100 billion figure circulating in media reports is an editorial calculation based on the exposed ETH supply valued at current market prices. Google did not state that figure directly in the whitepaper. Ethereum uses a cryptographic standard called elliptic-curve digital signature algorithm (ECDSA) to protect wallet private keys. The whitepaper models a scenario where an advanced quantum computer breaks this 256-bit encryption. In that scenario, an attacker recovers a private key from a publicly visible wallet address. At least 20.5 million ETH held in "at-rest" wallets faces this exposure risk. A further 15 million ETH across layer-2 networks — secondary chains built on top of Ethereum — also falls within the projected threat range.
Google sets 2029 migration deadlineGoogle and the Ethereum Foundation both identify 2029 as the critical deadline for migrating to post-quantum cryptography (PQC). PQC refers to encryption methods designed to resist attacks from quantum hardware. Google security experts Heather Adkins and Sophie Schmieg stated that current encryption protecting banks, governments, and personal data faces a break risk by that year. The Ethereum Foundation independently set the same 2029 target for its quantum-upgrade roadmap.
Timeline is theoretical, not immediateNo quantum computer today can break ECDSA encryption. The Ethereum Foundation estimates quantum computing will not become cryptographically relevant for another 8 to 12 years. The nine-minute key-recovery scenario described in the whitepaper's model applies to a future advanced-quantum configuration, not current hardware. The $100 billion figure circulating in media reports is an editorial calculation based on the exposed ETH supply valued at current market prices. Google did not state that figure directly in the whitepaper. Google and the Ethereum Foundation both identify 2029 as the critical deadline for migrating to post-quantum cryptography (PQC). PQC refers to encryption methods designed to resist attacks from quantum hardware. Google security experts Heather Adkins and Sophie Schmieg stated that current encryption protecting banks, governments, and personal data faces a break risk by that year. The Ethereum Foundation independently set the same 2029 target for its quantum-upgrade roadmap.
Timeline is theoretical, not immediateNo quantum computer today can break ECDSA encryption. The Ethereum Foundation estimates quantum computing will not become cryptographically relevant for another 8 to 12 years. The nine-minute key-recovery scenario described in the whitepaper's model applies to a future advanced-quantum configuration, not current hardware. The $100 billion figure circulating in media reports is an editorial calculation based on the exposed ETH supply valued at current market prices. Google did not state that figure directly in the whitepaper. No quantum computer today can break ECDSA encryption. The Ethereum Foundation estimates quantum computing will not become cryptographically relevant for another 8 to 12 years. The nine-minute key-recovery scenario described in the whitepaper's model applies to a future advanced-quantum configuration, not current hardware. The $100 billion figure circulating in media reports is an editorial calculation based on the exposed ETH supply valued at current market prices. Google did not state that figure directly in the whitepaper. Cryptocurrencies are highly volatile and involve significant risk. You may lose part or all of your investment. All information on Coinpaprika is provided for informational purposes only and does not constitute financial or investment advice. Always conduct your own research (DYOR) and consult a qualified financial advisor before making investment decisions. Coinpaprika is not liable for any losses resulting from the use of this information.