Google’s 2029 quantum warning jolts crypto

Google has set 2029 as the target date to migrate its authentication systems to post-quantum cryptography, sharpening the timetable for a technology shift that security agencies and standards bodies had already said could take years. The move gives fresh weight to a deadline that parts of the Ethereum ecosystem have been preparing for since 2022, while Bitcoin still lacks a settled network-wide plan despite a growing body of technical proposals.

The search company said this week it was “setting a timeline” for post-quantum migration to 2029, citing advances in quantum hardware, error correction and resource estimates for factoring attacks. That matters because authentication services sit at the heart of digital trust, from account logins to software validation. Google’s position is more aggressive than the broader NIST transition arc, which envisages vulnerable public-key algorithms being deprecated after 2030 and removed from standards by 2035, with faster action for higher-risk systems. NIST has also urged administrators to begin shifting to the new standards rather than wait for a mature quantum machine to appear.

For crypto networks, the issue is not academic. Bitcoin and Ethereum both rely on public-key cryptography that would be at risk from a sufficiently powerful fault-tolerant quantum computer running Shor’s algorithm. The practical danger is not that an attacker rewrites old blocks, but that exposed public keys and existing signature systems could eventually allow theft, spoofing or forced migration under pressure. Academic work on blockchain security has been warning for some time that distributed ledgers using classical signature systems will face structural stress once cryptographically relevant quantum computers become feasible.

Ethereum, however, has moved further in publicly framing the transition as a protocol design problem rather than a distant theoretical threat. An Ethereum Foundation research note published in July 2022 examined NIST’s first quantum-safe standard selections and what they meant for Ethereum’s signatures, zero-knowledge systems and consensus design. Since then, the roadmap has become more explicit. The Ethereum Foundation’s post-quantum programme now describes a multi-layer migration covering execution, consensus and data availability, with work on signature precompiles, post-quantum attestations, aggregation and longer-term full consensus changes. Ethereum’s official roadmap material also states plainly that making the network quantum resistant should happen as soon as possible.

That preparation is beginning to show up in concrete engineering proposals. EIP-8141, published in January, describes a “Frame Transaction” that would let accounts define validation more abstractly instead of being tied solely to ECDSA. Its stated purpose is to provide a native off-ramp from today’s elliptic-curve authentication towards post-quantum secure systems. That does not mean Ethereum has solved the problem. Its own post-quantum team says timelines remain uncertain, that a cryptographically relevant quantum computer is not believed to be imminent, and that rushing immature cryptography into production may create new risks. Still, it is no longer operating without a map.

Bitcoin’s picture is more fragmented. It is not accurate to say nothing is happening: proposals are active, and discussion has accelerated this year. BIP-360, for example, outlines a Pay-to-Merkle-Root output type designed to remove Taproot’s quantum-vulnerable key-path spend and create space for post-quantum signatures in future. The Delving Bitcoin forum now carries multiple 2026 discussions on post-quantum wallets, signature agility and quantum-resistant spending paths. Yet Bitcoin’s governance model, which prizes conservatism and broad consensus, means discussion does not amount to an agreed migration programme. Even the BIPs repository notes that publication does not imply consensus or adoption.

That gap between proposal and policy is becoming harder to ignore as mainstream institutions take the threat more seriously. Reuters reported this month that China expects post-quantum cryptography standards within three years, while Bloomberg reported in January that quantum risk had begun to influence portfolio decisions around Bitcoin. Outside crypto, banks, operating-system vendors and enterprise security teams are already testing or deploying parts of the migration stack. Google’s decision adds another signal that the debate is moving from “whether” to “how fast”.