On 25 March 2026, Google did something rare for a major tech company: it consciously accelerated the apocalypse calendar. Not out of drama, but out of seriousness. The company officially announced that the migration to post-quantum encryption must take place by 2029, not 2030 or 2035 as traditional timelines suggested. The reason? Three peer-reviewed papers published in three months have drastically reduced estimates of the number of physical qubits needed to break modern cryptographic algorithms, with direct implications for Bitcoin and Ethereum.
The most disruptive paper comes from Google Quantum AI itself, co-signed by Justin Drake of the Ethereum Foundation and Dan Boneh of Stanford. It shows that the elliptic curve cryptography that protects every Bitcoin and Ethereum wallet could be broken by a quantum computer with less than 500,000 physical qubits, in minutes, not days. To give you context: previous estimates, from Litinski in 2023, spoke of 9 million qubits. This means a twenty-fold reduction from an exponential curve where time compresses dramatically.
The scale of the discovery should not be underestimated. When you sign a blockchain transaction, your public key remains exposed. Today, no computer, quantum or classical, can derive your private key from the public key. A quantum computer running Shor’s algorithm could do this. This would mean forged signatures, drained wallets, rewritten histories. This is not theory: it is the exact technical description of how elliptic cryptography would be deconstructed.
The crypto community has not remained passive. In February 2026, Bitcoin introduced BIP 360, the first official proposal for a quantum-resistant signature. The Bitcoin Quantum testnet was launched on 12 January 2026 with the explicit aim of testing how a quantum-resistant signature scheme would work on a real blockchain. Vitalik Buterin announced updates for Ethereum aimed at the same goal. The most conservative estimate suggests that the full quantum upgrade cycle for Bitcoin would take about seven years from proposals to worldwide deployment.
There is, however, a bifurcation in the timeline. Google speaks of 2029 as the deadline for a credible quantum attack on public Internet infrastructure. But the language of the paper also suggests that substantial expertise, experimental development effort and architectural design remain necessary to turn the theoretical circuit into a real machine. It is not a switch you turn on tomorrow. But it is a recognition at the institutional level, from Google, that the ‘when’ has changed from ‘never in my lifetime’ to ‘less than three years away’.
On the positive side, the fact that quantum computing requires hundreds of thousands of qubits means that an attack will not be the stunt of a random state actor, but the result of an infrastructure investment visible months down the road. Post-quantum algorithms are already standardised by NIST. Blockchains have time, but not as much time as they thought they had six months ago.
The real question is not whether Bitcoin and Ethereum will survive quantum computing. It is whether they will make the transition fast enough without fractures, unintentional forks, or thousands of old addresses left behind using now-weak cryptography. Google has pulled forward the timetable not to frighten, but because the scientists who made the calculation know that mathematics is not denied. And 2029 is just around the corner, not in science fiction movies.
