Here's what 'cracking' bitcoin in 9 minutes by quantum computers actually means

Google's quantum paper made headlines with that number. Here's what it means, what's actually at risk, and why 6.9 million bitcoin are more exposed than the rest.

What to know:

• New research from Google's Quantum AI team suggests a future quantum computer could derive a bitcoin private key from a public key in about nine minutes, potentially allowing attackers to hijack transactions before they are confirmed.
• Roughly one-third of all bitcoin, including early coins and any held in addresses whose public keys have been exposed or reused, could be stolen at leisure by a sufficiently powerful quantum computer without the time pressure of a live transaction.
• While bitcoin's core mining process would continue to function, the ability to derive private keys from public keys would undermine the network's ownership guarantees, and unlike Ethereum, bitcoin has not yet begun migrating to post-quantum cryptography.

Google's Quantum AI team said earlier this week that a future quantum computer could derive a bitcoin private key from a public key in roughly nine minutes. The number ricocheted across social media and spooked markets.

But, what does it actually mean in practice?

Let's start with how bitcoin transactions work. When you send bitcoin, your wallet signs the transaction with a private key, a secret number that proves you own the coins.

That signature also reveals your public key, a shareable address, which gets broadcast to the network and sits in a waiting area called the mempool until a miner includes it in a block. On average, that confirmation takes about 10 minutes.

Your private key and public key are linked by a math problem called the elliptic curve discrete logarithm problem. Classical computers can't reverse that math in any useful timeframe, while a sufficiently powerful future quantum computer running an algorithm called Shor's could.

Here's where the nine minutes part comes in. Google's paper found that a quantum computer could be "primed" in advance by pre-computing the parts of the attack that don't depend on any specific public key.

Once your public key appears in the mempool, the machine only needs about nine minutes to finish the job and derive your private key. Bitcoin's average confirmation time is 10 minutes. That gives the attacker a roughly 41% chance of deriving your key and redirecting your funds before the original transaction confirms.

Think of it like a thief spending hours building a universal safe-cracking machine (pre-computation). The machine works for any safe, but each time a new safe appears, it only needs a few final adjustments — and that last step is what takes about nine minutes.

That's the mempool attack. It's alarming but requires a quantum computer that doesn't exist yet. Google's paper estimates such a machine would need fewer than 500,000 physical qubits. Today's largest quantum processors have around 1,000.

The bigger and more immediate concern is the 6.9 million bitcoin, roughly one-third of total supply, that already sit in wallets where the public key has been permanently exposed.

This includes early bitcoin addresses from the network's first years that used a format called pay-to-public-key, where the public key is visible on the blockchain by default. It also includes any wallet that has reused an address, since spending from an address reveals the public key for all remaining funds.

These coins don't need the nine-minute race. An attacker with a sufficiently powerful quantum computer could crack them at leisure, working through exposed keys one by one without any time pressure.

Bitcoin's 2021 Taproot upgrade made this worse, as CoinDesk reported earlier Tuesday. Taproot changed how addresses work so that public keys are visible on-chain by default, inadvertently expanding the pool of wallets that would be vulnerable to a future quantum attack.

The bitcoin network itself would keep running. Mining uses a different algorithm called SHA-256 that quantum computers can't meaningfully speed up with current approaches. Blocks would still be produced.

The ledger would still exist. But if private keys can be derived from public keys, the ownership guarantees that make bitcoin valuable break down. Anyone with exposed keys is at risk of theft, and institutional trust in the network's security model collapses.

The fix is post-quantum cryptography, which replaces the vulnerable math with algorithms that quantum computers can't crack. Ethereum has spent eight years building toward that migration. Bitcoin hasn't even started.

More For You

Most crypto privacy models weaken as blockchain data grows. Encryption-based models like Zcash strengthen. CoinDesk Research maps the five privacy approaches and examines the widening gap.

Why it matters:

As blockchain adoption scales, the metadata available to machine learning models scales with it. Obfuscation-based privacy approaches are structurally degrading as a result. This report provides a comprehensive comparison of all five major crypto privacy architectures and a framework for evaluating which models remain durable as AI capabilities improve.

More For You

The exploit did not involve a bug in Drift's code. It used "durable nonces," a legitimate Solana transaction feature, to pre-sign administrative transfers weeks before executing them, bypassing the protocol's multisig security in minutes.

What to know:

• An attacker drained at least $270 million from the Drift Protocol on Solana by abusing a legitimate feature called 'durable nonces,' rather than exploiting a code bug or stolen keys.
• By securing two misleading approvals from Drift's five-member Security Council multisig, the attacker pre-signed transactions that remained valid for more...

Schwab plans spot bitcoin, ether trading launch in first half of 2026

7 hours ago

Circle under fire after $285 million Drift hack over inaction to freeze stolen USDC

7 hours ago

What next as XRP rises to $1.33 but fails to break out

10 hours ago

CoinDesk 20 performance update: Bitcoin (BTC) trades flat while altcoins rise

13 hours ago

U.S. March jobs smash expectations, with 178,000 added

14 hours ago

Ethereum Foundation stakes another $93 million ether, reaching its 70,000 ETH target

15 hours ago

The 'time pain' trap: why bitcoin’s bear market might need a few more months of ‘boring’ to hit a true floor

Apr 2, 2026

CFTC sues Illinois, Arizona, Connecticut over states' sports prediction market efforts

Apr 2, 2026

Coinbase wins initial bank regulator nod for trust charter, boosting custody push

Apr 2, 2026

Naoris Protocol's quantum-resistant blockchain goes live as Bitcoin and Ethereum face 'Q-Day' threats

17 hours ago

Bitcoin trims big loss, stocks erase 2% decline, as Iran signals cooperation on key shipping route

Apr 2, 2026

How a Solana feature designed for convenience let attackers drain more than $270 million from Drift

Apr 2, 2026