Google did not reveal the quantum scheme it used to break the cryptography that protects Bitcoin.
Another parallel report showed that, with AI agents, the efficiency of Google’s paper was doubled.
Researcher André Schrottenloher reconstructed and published the quantum circuits that Google Quantum AI kept in reserve in its paper last March in which he claimed a reduction in the quantum resources needed to attack the cryptography that protects Bitcoin’s digital signatures. According to Schrottenloher’s study, shared this June 1 on the specialized website arXiv, its results were slightly more efficient than those reported by Google.
Schrottenloher’s report works on the scheme called secp256k1 (the specific elliptic curve that Bitcoin uses for its digital signatures) and, as the researcher stated, obtained a reduction of between 6.5% and 10% in Toffoli doors compared to the Google studyusing only 1.5% of qubits additional (quantum processing units, equivalent to traditional bits).
Toffoli gates are the most computationally expensive operations of the quantum algorithm. Shor (potentially capable of deriving a Bitcoin private key from a public key) and also determine how long the attack would take to execute. A reduction in the count of Toffoli doors It implies, in theory, a faster attack or executable with fewer resources.
However, Schrottenloher’s report does not update physical hardware estimates from Google Quantum AI study nor the proposed attack time of less than 9 minutes. The impact on Bitcoin of the reduction in Toffoli gates depends on physical architectures that Schrottenloher’s study does not specify. Furthermore, this researcher’s work did not undergo peer review at the time of its publication.
What did the Google Quantum AI paper say and what did it hide?
The Google Quantum AI study published on March 30 estimated that a quantum computer could crack a Bitcoin public key in less than 9 minutes with less than 500,000 physical qubits (basic quantum processing units) and that this represented a reduction of almost 20 times compared to the most efficient previous estimatesas reported by CriptoNoticias.
However, Google did not reveal the quantum structures that would make such an attack possible. Instead, he published a zero-knowledge proof (ZK), a cryptographic method that made it possible at that time to verify that the circuits exist and produce the declared results without displaying them.
Likewise, the security firm Trail of Bits found vulnerabilities in this ZK-based verifier that allowed the generation of cryptographically falsified tests that were indistinguishable from legitimate ones; Google patched the code and confirmed that its scientific conclusions were not affected.
The evidence to the Google study
Sreeram Kannan, founder of EigenCloud, explained in a report also published on June 1 that an undergraduate student with no training in quantum computing used AI agents to improve the circuits published by Google by approximately double the efficiency compared to the best result prior to the Google Quantum AI paper.
Days later, according to Kannan, an 18-year-old researcher reached 80% of Google’s unpublished result using his own AI agent system and spending $10,000 on computing. That percentage indicates how close it came to replicating the efficiency of the most advanced circuit known to attack Bitcoin cryptography, without access to Google’s original circuits and without specialized training in quantum computing.
The research community, according to Kannan’s report, went further: it improved Google’s circuit by 8.4%, measured by the combination of qubits needed and operations required to execute the attack.
Alex Thorn, head of research at Galaxy, evaluated the scope of that development: «This does not advance any ability to break Bitcoin beyond the Google paper, “But it shows the power of distributing research with swarms of agents.”.
Thorn also highlighted that “Google retained the circuits in its paper on March 31 specifically to avoid giving adversaries a functional attack, but a publicly verifiable goal turns out to be most of what a multitude needs to build circuits that approach the same border.
Charles Guillemet, chief technology officer at Ledger, synthesized that “what has changed is the honesty of every public post-quantum migration schedule. Trust is not broken when an attack is executed. “It erodes when the base appears thinner than the public record suggests, and the public record is now demonstrably thinner than reality: by classification at one end, by AI-powered re-derivation at the other.”
Neither Guillemet nor Thorn place Schrottenloher’s study as an immediate breaking point for Bitcoin, since there is currently no quantum computer capable of running these circuits at scale. However, while the community debates the potential risk, continued developments in this area could accelerate the arrival of ‘Q-day’.