An analysis has found that quantum computers may need less computing power than previously expected to break encryption on the bitcoin blockchain.

On March 31 local time, blockchain media outlet CoinDesk reported that Google's Quantum Artificial Intelligence (AI) team said in a blog post and a new white paper that the scale needed to decrypt cryptographic systems used in bitcoin and ethereum could be fewer than 500,000 physical qubits, below the millions often cited in recent years.

Google has previously described 2029 as a "Q-day" for practical quantum systems and has said a transition is needed before then. The new research highlights the possibility that the computing power required for an attack could be lower. It has heightened concern about when the quantum threat could become real.

The researchers presented two attack methods and said each would require about 1,200 to 1,450 high-quality qubits. That is smaller than past estimates and suggests the gap between current technology and real-world attack feasibility could be narrower than the market expects.

The white paper put particular emphasis on a "real-time attack" targeting the moment a transaction occurs, rather than a method that probes old wallets. When sending bitcoin, the public key is temporarily exposed. A sufficiently fast quantum computer could use it to calculate the private key and steal the funds.

Google's model found an attacker could prepare some calculations in advance and then complete the attack within about 9 minutes once a transaction occurs. Given bitcoin transactions are typically confirmed over about 10 minutes, it calculated there is about a 41 percent chance the attack would be processed before the original transfer. It explained that ethereum and others have faster transaction finality, which could mean relatively less exposure to this specific scenario.

The paper also offered an estimate of the vulnerable scope. It said about 6.9 million BTC, roughly one-third of total supply, could already be held in wallets whose public keys have been exposed in some form. This includes about 1.7 million BTC from the network's early period and the impact of address reuse. That is far larger than the roughly 12,000 BTC that CoinShares previously cited as a scale that could significantly shake the market.

The researchers also examined Taproot, bitcoin's 2021 upgrade. Taproot improved privacy and efficiency, but it removed one layer of protection provided by the previous address format by making the public key visible on the blockchain by default, it said. It added that this could increase the number of wallets that may be vulnerable to future quantum attacks.

Google also said it is changing how it discloses sensitive security research. Instead of releasing the attack process step by step, it used zero-knowledge proofs to demonstrate the accuracy of the results without revealing specific methods. Google presented as its core message not that quantum computers can break crypto assets immediately, but that the timeline could be shorter than expected and the risk scope broader.