
    The Greater Quantum Threat to Bitcoin Lies Beyond Wallet Keys, Warns Early Investor


    The primary quantum threat to Bitcoin might not be its wallet keys, according to venture capitalist Andrew Gault, who has invested in the quantum hardware labs now posing a risk to Bitcoin. He believes the industry is focusing on the wrong issues, a sentiment echoed by Google’s security team in March.

    Key Points:

    — Experts in security caution that the imminent quantum threat to Bitcoin and the overall financial ecosystem is not the wallet keys, but rather the encrypted authentication data that is currently being transmitted between institutions and is discreetly collected today.

    — Adversaries are executing a ‘harvest now, decrypt later’ approach, amassing encrypted interbank communications, payment data, and digital signatures to decrypt once quantum computers achieve sufficient power. Both Google and Citi have begun modeling this risk on aggressive timelines.

    — While Ethereum has initiated a structured post-quantum transition and Google aims for 2029 to complete its migration, Bitcoin, along with major crypto exchanges and custodians, has yet to publicly commit to similar protective measures for their wire-level signing systems.

    Andrew Gault, CEO of networking firm ZeroTier and a founding partner of 7percent Ventures, said, «The most significant vulnerability of the financial system isn’t the data that’s stored; it’s the data being transmitted between institutions right now.»

    Gault highlighted that every interbank communication, every payment authentication record, and every digital signature traversing the network is being gathered by advanced adversaries who do not yet need to decipher it. «CISOs and security teams have been trained to safeguard data at rest. However, what remains unspoken is that the adversary’s strategy has evolved. They are patient, have storage capabilities, and are compiling a library of today’s encrypted traffic to decrypt once quantum technology reaches a certain threshold,» he remarked.

    The Google Quantum AI paper that raised alarms in March, produced by a lab that is not part of Gault’s portfolio, indicated that a sufficiently advanced quantum computer could derive a Bitcoin private key from a public key in about nine minutes. The discussions following that paper have focused on the approximately 6.9 million BTC held in wallets with exposed public keys and on Bitcoin’s lack of a post-quantum migration strategy.
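    To make the «exposed public key» condition concrete, here is an added example (not from the article, Google’s paper, or any project’s code) that classifies a Bitcoin output script by whether the public key it locks funds to is already visible on-chain, which is the precondition for the key-recovery attack the paper describes. It assumes standard script templates; the script bytes and values are constructed placeholders.

```python
# Added example: classify a Bitcoin scriptPubKey by public-key exposure.
# A key that sits in the output itself is visible to anyone with the chain; a
# hash-only output reveals its key only once an output to that address has been
# spent (address reuse). Simplified: ignores multisig and Taproot script paths.

OP_0, OP_1, OP_DUP, OP_EQUAL, OP_EQUALVERIFY, OP_HASH160, OP_CHECKSIG = (
    0x00, 0x51, 0x76, 0x87, 0x88, 0xA9, 0xAC)


def classify_exposure(script_hex: str, spent_from_before: bool = False) -> tuple[str, str]:
    """Return (script_type, exposure): 'exposed', 'on-spend' or 'unknown'."""
    s = bytes.fromhex(script_hex)
    n = len(s)
    # P2PK: <push 33- or 65-byte pubkey> OP_CHECKSIG -> key is in the output itself
    if n in (35, 67) and s[0] == n - 2 and s[-1] == OP_CHECKSIG:
        return "P2PK", "exposed"
    # P2TR: OP_1 <32-byte x-only output key> -> key is in the output itself
    if n == 34 and s[0] == OP_1 and s[1] == 0x20:
        return "P2TR", "exposed"
    # P2PKH: OP_DUP OP_HASH160 <20-byte hash> OP_EQUALVERIFY OP_CHECKSIG
    if (n == 25 and s[:3] == bytes([OP_DUP, OP_HASH160, 0x14])
            and s[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG])):
        return "P2PKH", "exposed" if spent_from_before else "on-spend"
    # P2WPKH: OP_0 <20-byte hash>
    if n == 22 and s[0] == OP_0 and s[1] == 0x14:
        return "P2WPKH", "exposed" if spent_from_before else "on-spend"
    # P2SH / P2WSH commit to a hash of a script; exposure depends on its contents
    if n == 23 and s[0] == OP_HASH160 and s[1] == 0x14 and s[22] == OP_EQUAL:
        return "P2SH", "unknown"
    if n == 34 and s[0] == OP_0 and s[1] == 0x20:
        return "P2WSH", "unknown"
    return "nonstandard", "unknown"


def exposed_balance(utxos) -> int:
    """Sum satoshis in outputs whose key is already visible; utxos are
    (script_hex, value_sat, spent_from_before) triples."""
    return sum(v for h, v, reused in utxos
               if classify_exposure(h, reused)[1] == "exposed")


# Constructed sample UTXO set (placeholder hashes/keys, not real chain data).
SAMPLE_UTXOS = [
    ("21" + "02" + "11" * 32 + "ac", 50_00000000, False),  # P2PK, exposed
    ("76a914" + "22" * 20 + "88ac", 1_00000000, False),    # P2PKH, never spent from
    ("76a914" + "33" * 20 + "88ac", 2_00000000, True),     # P2PKH, address reused
    ("0014" + "44" * 20, 3_00000000, False),               # P2WPKH, hidden
    ("5120" + "55" * 32, 4_00000000, False),               # P2TR, exposed
]
```

    Running `exposed_balance(SAMPLE_UTXOS)` over a real UTXO snapshot, with a reuse flag derived from spend history, is the kind of inventory behind the exposed-coin estimates the article quotes.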

    However, Gault asserts that the more pressing danger lies in the data already being harvested from the open internet for potential future decryption, irrespective of the existence of operational quantum computers.

    Google’s security engineers have also shifted in this direction. In a March update, the company set a 2029 target for its post-quantum cryptography migration, citing advancements in quantum hardware, error correction, and resource estimation for factoring.

    The post, authored by Google’s vice president of security engineering Heather Adkins and senior cryptography engineer Sophie Schmieg, noted that the company has adjusted its internal threat model to concentrate on authentication services and digital signatures, similar to the wire-level signing infrastructure Gault has been emphasizing.

    «The threat to encryption is pertinent today, particularly with store-now-decrypt-later attacks,» the post indicated.

    The attack pattern behind this urgency is referred to in cryptographic circles as ‘harvest now, decrypt later.’ Adversaries do not need to read encrypted traffic at the time they capture it; they only need to store it inexpensively until a sufficiently powerful quantum computer exists.

    In February, Citi modeled a bank-system version of this scenario, estimating that a quantum-enabled assault on a single top-five U.S. bank’s access to the Fedwire Funds Service payment system could trigger a cascade effect ranging from $2 trillion to $3.3 trillion across the U.S. economy, equating to a 10% to 17% decline in real GDP.

    The Global Risk Institute, referenced in Citi’s report, estimates the probability of a cryptographically relevant quantum computer emerging by 2034 to be between 19% and 34%.

    For cryptocurrencies, the wire-level surface encompasses more than just wallet vulnerabilities. Cross-chain bridge proofs, exchange API authentication packets, signed transactions broadcast and stored in public mempools, as well as the signing traffic between cold storage and trading desks all share the same vulnerability spectrum as the bank-grade encryption Citi analyzed.

    CoinShares contended in a February report that fears surrounding wallet keys are exaggerated, estimating that only around 10,200 BTC are concentrated enough to influence markets if stolen.

    Gault’s concerns are different: «The particularly unsettling reality for financial institutions is that the authentication records being collected aren’t merely sensitive; they form the proof layer that establishes ownership, transaction authorization, and legal liability,» he remarked.

    While Ethereum (ETH) has embarked on a coordinated post-quantum migration, Bitcoin has not followed suit. Additionally, major crypto exchanges and custodians, which house most of the signing traffic, have not made public commitments to such transitions either.
