Lately, with some free time, I briefly studied the impact of quantum computers on the blockchain ecosystem, involving a lot of cryptography background knowledge. I won't go into too many details, but here are a few viewpoints:

1) The general consensus in academia has been that cracking 256-bit elliptic curve encryption algorithms would require millions of physical qubits, with around 6,000 logical qubits. However, Google’s new paper, released this time, didn't introduce any groundbreaking new hardware; it simply recompiled Shor's algorithm for execution on quantum circuits, reducing the required logical qubits to 1,200.
What does this mean? It implies that computational costs have been directly reduced by nearly 20 times. This is the fundamental reason why the quantum threat has been a hot topic lately. What we previously thought was impossible is now starting to have a “countdown”;
2) Google estimates this countdown to 2029, meaning that before this date, encryption methods such as HTTPS, SSL bank certificates, SSH remote login, as well as the underlying ECDSA signature systems of public blockchains like Bitcoin and Ethereum, must undergo a “quantum-resistant” overhaul. Otherwise, there could be catastrophic consequences.
Regarding this point, 2029 is just three years away. I think this timeline is overly optimistic; after all, translating pure theory into practical, executable reality still has a long way to go. But at least it indicates that the window for upgrading cryptographic algorithms to resist quantum attacks has begun to open. It’s not an immediate threat, but we must not take it lightly;
3) If you still don’t have a clear concept of the quantum threat, let me elaborate on a few attack surfaces:
1. Currently, about 25%-35% of addresses on the Bitcoin blockchain have their public keys exposed, including early addresses using P2PK format from the Satoshi era, as well as all reused or transacted addresses. These are within the attack scope; addresses that haven't transacted yet could be targeted once quantum computers mature. Within the 10-minute window for transaction processing in the mempool, they could be cracked and hijacked by quantum attacks, potentially paralyzing the entire network;
2. Ethereum faces an even more direct crisis. When an ETH account (EOA) first sends a transaction, its public key is exposed on-chain through the signature. Plus, with EIP-4844’s data availability sampling mechanism and the network’s reliance on POS signature verification, Ethereum’s blockchain is not just about whether private keys can be cracked. If the signature algorithm isn’t upgraded, the entire network could become useless;
3. The key point is that blockchain transaction histories are traceable and permanently stored on-chain. Although current quantum computers are not yet capable of such attacks, transactions that have exposed public keys in the past and present will be recorded and become potential targets once quantum machines are ready;
4) Of course, since quantum attacks still depend on technological breakthroughs and time, in theory, a “big overhaul” to implement quantum resistance within the next few years could also serve as a form of self-rescue.
Ethereum has already been optimizing for quantum resistance through engineering efforts, including advancing account abstraction to allow EOA addresses to switch signature schemes at the application layer, and moving validator signatures toward post-quantum cryptography (PQC) algorithms—designed specifically to resist quantum attacks—thus strengthening their foundational security. Ethereum’s most impressive feature is its ability to upgrade dynamically “on the fly,” so once the direction is clear, achieving quantum resistance is only a matter of time.
Bitcoin has chosen to introduce BIP-360, which will incorporate post-quantum signature algorithms like FALCON or CRYSTALS-Dilithium. Technically, it’s not complicated, but the challenge lies in consensus. Remember, the Bitcoin community has argued for years over a block size fork. Expecting them to quickly agree on a hard fork for quantum resistance is optimistic. But once the threat becomes more certain, even the most laid-back development communities will have to face it head-on.
That’s all.
Lastly, an interesting point: Google used zero-knowledge proofs (ZK) to disclose this potential quantum threat, intentionally allowing it to “land softly.” After all, if it gets out of control, it wouldn’t just affect blockchain—global internet civilization could be at risk of destruction. Moreover, researchers from Google Quantum AI are involved with the Ethereum Foundation, so perhaps resistance to quantum attacks could become a mainstream narrative in blockchain development. After all, cryptography is in our DNA—this new mission is very crypto!