On October 27, 2025, the tech world was once again awakened by a 'quantum bomb' dropped by Google. They claimed to have made a milestone breakthrough in the field of quantum computing. In no time, the old question 'Is my Bitcoin still safe?' was brought up again, trending across various communities.
1. What exactly is Google's 'breakthrough'? — A qualitative change from 'more' to 'more refined'
First, we need to understand what Google's 'breakthrough' really is. If you think this is just another pure arms race of stacking up the number of quantum bits, then you're thinking too simply.
In recent years, people's impression of quantum computers seems to have been stuck on 'who has more qubits'. However, more quantity does not equal better quality. Early quantum bits (which we call 'physical qubits') were very fragile, like a group of noisy, error-prone elementary school students, full of various 'noise' and errors during computation. This caused quantum computers to 'go off course' during calculations, making it impossible to execute complex tasks.
Google's latest research results have taken a key step in solving this core pain point. They successfully demonstrated a miraculous technology called 'quantum error correction' through their 105-qubit chip named 'Willow'. Simply put, it combines multiple unreliable 'physical qubits' into a highly stable and reliable 'logical qubit' through complex encoding and error correction mechanisms.
The milestone significance of this breakthrough is that Google has experimentally proven for the first time that by increasing the number of physical qubits, they can exponentially reduce the error rate of logical qubits and successfully cross the so-called 'break-even point'—the probability of error in the combined logical qubits is actually lower than that of individual physical qubits!
This sounds a bit convoluted; to put it simply: it's like hiring a group of careless workers (physical qubits) to build a house, where each of them might misplace a brick or two. But now you have an excellent management method (quantum error correction) that allows the workers to supervise each other and correct mistakes at any time, resulting in the entire construction team (logical qubits) building walls that are much straighter than any individual worker alone.
Thus, Google's breakthrough marks a solid step out of the 'noisy intermediate-scale quantum (NISQ)' era and towards constructing truly useful, fault-tolerant quantum computers. However, this is just the first reliable 'brick', and there is still a long way to go before building a 'skyscraper' that can threaten the ironclad walls of the encryption world.
2. 'Quantum Spear' vs 'Encryption Shield': How far are we from cracking Bitcoin?
Alright, since the 'brick' has been made, the question we are most concerned about arises: How long will it take for the 'quantum killer' built with this technology to break through Bitcoin's encryption defenses?
The security of Bitcoin primarily relies on two 'locks': one is the Elliptic Curve Digital Signature Algorithm (ECDSA), which protects your private keys, ensuring that only you can use your Bitcoin; the other is the SHA-256 hash function, used in the mining process and for generating addresses.
Theoretically, powerful quantum computers are indeed the nemesis of these two locks.
For ECDSA, quantum computers can use a 'universal key' called 'Shor's algorithm'. Once they have enough high-quality logical qubits, they can derive your private key from your public key (which is exposed during transactions), sweeping away all the assets in your account. This is the most deadly threat to Bitcoin.
For SHA-256, quantum computers can run 'Grover's algorithm', which significantly reduces the difficulty of finding hash collisions. Theoretically, it can speed up mining, but it cannot directly crack private keys. Even if Grover's algorithm reduces the security of SHA-256 from 256 bits to 128 bits, the number 2 to the power of 128 remains an astronomical figure for any computer (including foreseeable quantum computers), making it extremely difficult to crack. In fact, authoritative organizations such as the National Institute of Standards and Technology (NIST) still believe that SHA-256 has strong resistance to quantum attacks.
So, when will that 'quantum killer' capable of running Shor's algorithm actually appear?
Industry experts' predictions are like a symposium of futurists with varying opinions. Some are more radical, believing that it could appear within 5 to 15 years, possibly as early as 2027-2030. However, more experts and researchers are cautious, believing that achieving this goal will take at least ten to twenty years, or even longer. Some assessment models indicate that by 2035, the probability of Bitcoin's algorithm being cracked by quantum computers may still be below 10%.
The reason it is so far off is fundamentally the staggering technological gap. Scientists estimate that running Shor's algorithm to crack Bitcoin's ECDSA would require millions of high-quality, stably connected logical qubits. Comparing this to the few 'bricks' that Google has just made today, you can feel the insurmountable Mariana Trench that lies in between.
3. How do industry leaders view this?—Rather than worrying, it's better to prepare in advance.
Veterans in the cryptography community and the Bitcoin community have not fallen into panic. Their consensus is: the threat is real, but we have a sufficient time window to respond. Turing Award winner and one of the inventors of the RSA algorithm, Adi Shamir, has stated that in the foreseeable future, this does not constitute a 'survival fear'.
Rather than being anxious, it's better to take action. Cryptographers around the world are already working diligently to create a brand new 'quantum shield'—Post-Quantum Cryptography (PQC). PQC refers to a series of new encryption algorithms designed based on mathematical problems that even quantum computers find difficult to solve, aiming to replace existing vulnerable algorithms like RSA and ECDSA.
The National Institute of Standards and Technology (NIST), as a global benchmark in cryptography, has been leading for many years in strictly selecting and standardizing PQC candidate algorithms, planning to gradually phase out the old encryption systems between 2030 and 2035.
For Bitcoin, countermeasures are already under discussion. In the future, the Bitcoin network is likely to implement a 'soft fork' upgrade, introducing new address formats and signature schemes that resist quantum attacks. An interesting fact is that Bitcoin addresses that have never been spent from (i.e., the public key has never been exposed on the chain) are theoretically more secure, as Shor's algorithm requires the public key to start the cracking process. This also provides a valuable buffer for asset migration.
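To make the "public key never exposed" point concrete, the following added example (not code from the article or from any Bitcoin project) classifies standard output scripts by whether the public key is already on chain, which is what a wallet owner would check when planning a migration. It goes slightly beyond the article by covering Taproot and pay-to-public-key outputs, which carry the key in the output itself; the function names and sample scripts are constructed for illustration.

```python
# Added example (not from the article): which output types show a public key
# on chain before spending, i.e. what Shor's algorithm would have to start from.
AT_REST = {"P2PK": True, "P2TR": True,           # key itself is in the output
           "P2PKH": False, "P2WPKH": False,      # only HASH160(pubkey)
           "P2SH": False, "P2WSH": False}        # only a hash of the script

def script_type(script_hex: str) -> str:
    """Identify a standard scriptPubKey template from its raw bytes."""
    s = bytes.fromhex(script_hex)
    n = len(s)
    if n in (35, 67) and s[0] == n - 2 and s[-1] == 0xAC:
        return "P2PK"        # <push 33/65-byte pubkey> OP_CHECKSIG
    if n == 25 and s[:3] == b"\x76\xa9\x14" and s[23:] == b"\x88\xac":
        return "P2PKH"       # OP_DUP OP_HASH160 <20> OP_EQUALVERIFY OP_CHECKSIG
    if n == 23 and s[:2] == b"\xa9\x14" and s[22] == 0x87:
        return "P2SH"        # OP_HASH160 <20> OP_EQUAL
    if n == 22 and s[:2] == b"\x00\x14":
        return "P2WPKH"      # OP_0 <20>
    if n == 34 and s[:2] == b"\x00\x20":
        return "P2WSH"       # OP_0 <32>
    if n == 34 and s[:2] == b"\x51\x20":
        return "P2TR"        # OP_1 <32-byte x-only output key>
    return "nonstandard"

def exposure(script_hex: str, spent_from_before: bool = False) -> str:
    """Classify one unspent output for migration planning."""
    kind = script_type(script_hex)
    if kind not in AT_REST:
        return "review"                  # unknown template: inspect by hand
    if AT_REST[kind]:
        return "exposed"                 # key visible as soon as the output exists
    # Hash-only outputs reveal the key (or script) in the first spend, so any
    # coins left on a reused address are exposed as well.
    return "exposed-by-reuse" if spent_from_before else "hidden"

# Constructed sample scripts; the key and hash bytes are filler, not real keys.
SAMPLES = {
    "p2pk":   "21" + "02" + "11" * 32 + "ac",
    "p2pkh":  "76a914" + "22" * 20 + "88ac",
    "p2wpkh": "0014" + "22" * 20,
    "p2tr":   "5120" + "33" * 32,
}

if __name__ == "__main__":
    for name, script in SAMPLES.items():
        print(name, script_type(script), exposure(script),
              exposure(script, spent_from_before=True))
```

Outputs reported as "hidden" stay that way only until their first spend, so the practical takeaway is to avoid address reuse.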
In the foreseeable future, our digital gold remains safe. We can continue to HODL with peace of mind, but we must also keep our eyes wide open and pay attention to this epic showdown of 'spear and shield' that concerns the future.