Most of the online reaction to the Google Quantum AI paper published late Monday focused on Bitcoin. The attack lasted for 9 minutes, the probability of theft was 41%, and 6.9 million bits of BTC were potentially leaked.
The Ethereum section hasn’t received much attention. It’s worth more.
The white paper, co-authored by Ethereum Foundation researcher Justin Drake and Stanford University’s Dan Bourne, maps five ways quantum computers could attack Ethereum, each targeting a different part of the network.
At current prices, the total exposure is more than $100 billion, and the ripple effects could be even larger.
A wallet that can never be hidden
With Bitcoin, the public key (the encrypted ID associated with your funds) can remain hidden behind a hash (a type of digital fingerprint) until you use it. In Ethereum, the moment a user sends a transaction, their public key is permanently visible on the blockchain.
There is no way to rotate your account without completely abandoning it. Google estimates that the top 1,000 Ethereum wallets hold around 20.5 million. $ETHexposed.
A quantum computer that cracks one key every nine minutes could crack all 1,000 keys within nine days.
DeFi master key
Many of the smart contracts on Ethereum are self-executing programs that power lending, trading, and stablecoin issuance, giving special privileges to a small number of administrator accounts. These administrators can pause contracts, upgrade code, and transfer funds.
Google discovered at least 70 major contracts with management keys exposed on-chain, holding approximately 2.5 million contracts $ETH. But the bigger risk is what those keys control $ETH.
The administrator account also controls minting privileges for stablecoins such as USDT and USDC. This means that if a quantum attacker cracks it, they can print an unlimited number of tokens. The paper estimates that approximately $200 billion of stablecoins and tokenized assets on Ethereum depend on these weak administrative keys.
Forging even one could trigger a chain reaction in any lending market that accepts those tokens as collateral.
Layer 2 built on weak mathematics
Ethereum handles the majority of transactions through a Layer 2 network, separate systems such as Arbitrum and Optimism that process and report activity off the main chain.
These L2s rely on Ethereum’s built-in cryptographic tools, none of which are quantum-resistant. The newspaper estimates at least 15 million people. $ETH The entire main L2 and cross-chain bridge is at risk.
Only StarkNet, which uses a different type of mathematics based on hash functions rather than elliptic curves, is considered secure.
attack the staking system
Ethereum protects itself through proof of stake. Validator (network participant who locks up) $ETH Vote on which transactions (as collateral) are valid. These votes are authenticated using a digital signature scheme that the paper believes is vulnerable to quantum computers.
Approximately 37 million $ETH The bet is on. If an attacker compromises one-third of the validators, the network will be unable to complete transactions. Two-thirds allows an attacker to rewrite the history of the chain.
The paper points out that if staking is concentrated in a large pool (such as around 20% on Lido), targeting a single provider’s infrastructure can significantly shorten the attack timeline.
Exploits that only need to be executed once
This is an unprecedented vector. Ethereum uses a system called Data Availability Sampling to verify that transaction data posted from the L2 network actually exists. The system relied on a one-time setup ritual that generated a secret number, which was then to be discarded.
A quantum computer could potentially recover its secrets from publicly available data. Once recovered, it becomes a permanent tool, part of regular software, allowing data verification proofs to be forever forged without ever requiring quantum access again.
Google describes the exploit as “potentially tradable.” All L2s that rely on Ethereum’s BLOB data system will be affected.
Ethereum’s head start and its limitations
Drake, one of the paper’s co-authors, works within the Ethereum Foundation. The foundation last week launched a post-quantum research portal backed by eight years of work, with test networks shipping weekly and a multi-fork upgrade roadmap targeting quantum-proof cryptography by 2029.
Ethereum’s block time is 12 seconds, which makes real-time transaction theft much more difficult than Bitcoin, where blocks take 10 minutes.
However, the paper makes clear that upgrading Ethereum’s base layer will not automatically fix the thousands of smart contracts already deployed on Ethereum. Each protocol, bridge, and L2 must separately upgrade its own code and rotate its own keys. There is no single entity controlling that process.
