- Google said quantum machines could crack top Ethereum wallets in under nine days.
- Admin keys linked to $200 billion in assets face rising quantum theft exposure now.
- Validators and layer-2 networks carry major exposure in Google’s quantum model now.
Google’s quantum computing team published a white paper that mapped several quantum risks across Ethereum. The paper said a sufficiently advanced quantum computer could crack the private keys of Ethereum’s 1,000 wealthiest wallets in under nine days. Those wallets hold more than 20 million ETH.
The paper also set out a timeline that researchers said no longer leaves room for complacency. The report tied wallet risk, smart contracts, validators, and layer-2 systems into one widening threat. Ethereum wallets now rely on a private key and a public address.
That system stops attackers from working backward from the public address to the private key. Google said quantum machines would break that barrier once they become powerful enough. Could Ethereum harden its defenses before that point arrives?
Wallet Exposure Comes First
Google said Ethereum faces five separate levels of exposure. The first and most direct threat sits with individual wallets. The top 1,000 wallets alone hold about 20.5 million ETH. The paper said a fast quantum computer could crack a single wallet’s private key in about nine minutes. That estimate turned a distant concern into a specific security window as it also framed the scale of risk for large holders.
Google used Bitcoin to show the speed of that threat. A Bitcoin block takes about ten minutes to confirm. Project Eleven said that the gap could let an attacker steal funds from a pending transaction in a mempool attack.
Smart Contracts Extend the Threat
The paper said smart contracts also face serious exposure. These programs run lending, trading, and stablecoin issuance across Ethereum. Many give special powers to administrator accounts.
Those admins can pause a contract, upgrade its code, or move funds. Google found at least 70 major contracts with admin keys exposed on-chain, which hold about 2.5 million ETH.
Yet the larger risk sits beyond ETH balances. Admin accounts also control minting authority for stablecoins such as USDT and USDC. Google estimated that about $200 billion in stablecoins and tokenized assets depend on those vulnerable keys.
A cracked admin key could let an attacker print unlimited tokens. In turn, that breach could spread through lending markets that accept those assets as collateral. One forged key could hit several markets at once.
Validators and Layer-2 Systems Face Pressure
Google said validators add another layer of exposure. Validators keep Ethereum running and hold 37 million ETH in staked funds. The systems supporting Ethereum’s layer-2 networks each carry exposure worth around 15 million ETH.
The paper then turned to Ethereum’s data availability system. Ethereum uses Data Availability Sampling to confirm that transaction data posted by layer-2 networks actually exists. That process depends on a one-time setup ceremony.
That ceremony generated a secret number that participants were supposed to destroy. Google said a quantum computer could recover that secret from public data. After that, an attacker could turn it into normal software.
The paper described that exploit as potentially tradable. It said the recovered secret could forge data verification proofs without further quantum access. Every layer-2 network that depends on Ethereum’s blob data system would face that risk.
Be the first to comment