Google warns five quantum attack paths could put $100 billion on Ethereum at risk

Tech Share Share this article Copy link X icon X (Twitter) LinkedIn Facebook Email Google warns five quantum attack paths could put $100 billion on Ethereum at risk A 57-page whitepaper identifies how future quantum computers could target Ethereum's wallets, smart contracts, staking system, Layer 2 networks and data verification layer, with combined exposure exceeding $100 billion. By Shaurya Malwa | Edited by Stephen Alpher Updated Mar 31, 2026, 12:11 p.m. Published Mar 31, 2026, 12:02 p.m. Make preferred on What to know : A new Google Quantum AI paper warns that quantum computers could exploit at least five vulnerabilities in Ethereum, putting more than $100 billion in assets at risk. Because Ethereum public keys become permanently visible once a user transacts, Google estimates the top 1,000 wallets and at least 70 major admin-controlled smart contracts, including those backing key stablecoins, are exposed to quantum attacks. The paper finds that Ethereum’s proof-of-stake system, major Layer 2 networks and a one-time data availability setup are all vulnerable, and while the Ethereum Foundation is pursuing quantum-resistant upgrades by 2029, existing contracts and infrastructure must each be upgraded and rekeyed independently. Most of the online reaction to Google Quantum AI's paper, released late Monday, focused on bitcoin. The nine-minute attack, a 41% theft probability and the 6.9 million in possibly exposed BTC. Ethereum's section got less attention. It deserves more. The whitepaper, co-authored with Ethereum Foundation researcher Justin Drake and Stanford's Dan Boneh, mapped five ways a quantum computer could attack Ethereum, each targeting a different part of the network. The combined exposure exceeds $100 billion at current prices, and the knock-on effects could be far larger. Wallets that can never hide On bitcoin, your public key (the cryptographic identity tied to your funds) can stay hidden behind a hash, a kind of digital fingerprint, until you spend. On Ethereum, the moment a user sends a transaction, their public key is permanently visible on the blockchain. There is no way to rotate it without abandoning the account entirely. Google estimates the top 1,000 Ethereum wallets by balance, holding roughly 20.5 million ETH, are exposed. A quantum computer cracking one key every nine minutes could work through all 1,000 in under nine days. The master keys to DeFi Many smart contracts on Ethereum, the self-executing programs that power lending, trading and stablecoin issuance, give special privileges to a handful of administrator accounts. These admins can pause the contract, upgrade its code, or move funds. Google found at least 70 major contracts with admin keys exposed on-chain, holding about 2.5 million ETH. But the bigger risk is what those keys control beyond ETH. Admin accounts also govern minting authority for stablecoins like USDT and USDC, meaning a quantum attacker who cracks one could print unlimited tokens. The paper estimates roughly $200 billion in stablecoins and tokenized assets on Ethereum depend on these vulnerable admin keys. Forging even one could trigger a chain reaction across every lending market that accepts those tokens as collateral. Layer 2s built on vulnerable math Ethereum processes the bulk of its transactions through Layer 2 networks, separate systems like Arbitrum and Optimism that handle activity off the main chain and report back. These L2s rely on Ethereum's built-in cryptographic tools, none of which are quantum-resistant. The paper estimates at least 15 million ETH across major L2s and cross-chain bridges is exposed. Only StarkNet, which uses a different type of math based on hash functions rather than elliptic curves, is considered safe. Attacking the staking system Ethereum secures itself through proof-of-stake, where validators (network participants who lock up ETH as collateral) vote on which transactions are valid. Those votes are authenticated using a digital signature scheme the paper considers vulnerable to quantum computers. Roughly 37 million ETH is staked. If an attacker compromises one-third of validators, the network can no longer finalize transactions. Two-thirds gives the attacker the ability to rewrite the chain's history. The paper notes that if staking is concentrated in large pools, such as Lido at roughly 20%, targeting a single provider's infrastructure could dramatically shorten the attack timeline. The exploit you only need to run once This is the vector with no precedent. Ethereum uses a system called Data Availability Sampling to verify that transaction data posted by L2 networks actually exists. That system depends on a one-time setup ceremony that generated a secret number, which was supposed to be destroyed afterward. A quantum computer could recover that secret from publicly available data. Once recovered, it becomes a permanent tool, a piece of normal software, that can forge data verification proofs forever without needing quantum access again. Google describes this exploit as "potentially tradable." Every L2 that depends on Ethereum's blob data system would be affected. Ethereum's head start and its limits Drake, one of the paper's co-authors, sits inside the Ethereum Foundation. The Foundation launched a post-quantum research portal last week backed by eight years of work, with test networks are shipping weekly and a multi-fork upgrade roadmap targets quantum-resistant cryptography by 2029. Ethereum's 12-second block times also make real-time transaction theft far harder than on bitcoin, where blocks take 10 minutes. But the paper is clear that upgrading Ethereum's base layer does not automatically fix the thousands of smart contracts already deployed on it. Each protocol, bridge and L2 would need to independently upgrade its own code and rotate its own keys. No single entity controls that process. More For You The Definitive Stablecoin Landscape Series: North America By CoinDesk Research Mar 26, 2026 Commissioned by Ripple As stablecoins evolve into core financial infrastructure, North America leads. This report maps the regulation, market shifts, and players driving adoption. Why it matters : Stablecoins are entering their third phase of evolution - the institutionalization era - becoming increasingly embedded into core financial infrastructure. As institutions prioritize transparency and compliance, regulated issuers like USDC, RLUSD, and PYUSD are steadily gaining share with RLUSD surpassing $1B in market cap within its first year. North America, leading in regulatory frameworks and institutional distribution, is at the center of it all. View Full Report More For You Zcash upside hinges on repricing financial privacy in an AI-driven world, Grayscale says By Will Canny , AI Boost | Edited by Sheldon Reback 21 hours ago The crypto asset manager argued rising surveillance and AI could elevate demand for private digital money, positioning Zcash as a mispriced bet on confidentiality. What to know : Grayscale said AI and onchain transparency could push privacy from niche to core financial feature. Zcash adoption metrics show real usage, even though its market share remains very small. The report framed ZEC as a high-risk asset with significant upside if privacy demand reprices. Read full story Latest Crypto News Prediction markets backlash builds possible stormcloud for 2027 12 minutes ago Forex startup OpenFX raises $94 million to expand stablecoin-powered cross-border payments 32 minutes ago Quantum risk resurfaces at the worst time for bitcoin, but 1 token is loving it 57 minutes ago A quantum computer may need just 10,000 qubits to empty your crypto wallets, researchers say 1 hour ago Bearish sentiment builds in crypto as volatility and hedging rise 1 hour ago David Bailey’s Nakamoto sells roughly 5% of its bitcoin holdings, offloading 284 BTC 2 hours ago Top Stories Breaking Bitcoin with quantum may be easier than thought, with Taproot partly to blame, Google says 7 hours ago Bitcoin demand falters as 'real' interest rates surge 5 hours ago Bitcoin holds $67,500 as Trump signals he may end Iran war with Hormuz still shut 6 hours ago Maryland man charged in $50 million Uranium Finance hack after U.S. seized $31 million in crypto 6 hours ago Democrats urge warnings to federal officials against insider bets on prediction markets 14 hours ago