Andrew Gault, a venture capitalist who has spent a decade funding deep-tech and quantum hardware startups, says the bitcoin industry is looking in the wrong place for its biggest quantum threat. Rather than the approximately 6.9 million BTC sitting in addresses with exposed public keys—long the focus of post-quantum migration debates—the more urgent vulnerability lies in encrypted messages already moving between exchanges, bridges, and custodians across open networks today.

Market Context

The conversation around quantum risk in crypto intensified in March when Google Quantum AI published research demonstrating that a sufficiently powerful quantum computer could derive a bitcoin private key from an exposed public key in approximately nine minutes. That paper reignited longstanding concerns about the roughly 1 million BTC held in addresses with visible public keys, much of it attributed to Satoshi Nakamoto. Ethereum has launched a coordinated post-quantum migration effort, but Bitcoin itself has not undertaken a comparable initiative. Major crypto exchanges and custodians—where most signing traffic concentrates—have yet to publicly commit to any timeline for cryptographic upgrades.

Analysis

Gault, CEO of networking firm ZeroTier and founding partner of 7percent Ventures, whose portfolio includes British quantum-computing startup Universal Quantum, argues that the financial system's most dangerous vulnerability isn't stored data but encrypted traffic moving between institutions right now. "Every interbank message, every payment authentication record, and every digital signature traveling across a network today is being collected by sophisticated adversaries who don't need to read it yet," he told CoinDesk.

The strategy driving this urgency is known in cryptography circles as "harvest now, decrypt later." It assumes adversaries are already collecting encrypted traffic at scale, storing it cheaply until sufficiently powerful quantum computers arrive. Gault notes that while CISOs and security teams have been trained to protect data at rest, the adversary's strategy has fundamentally shifted toward patience and storage.

Google's own security engineers have reached similar conclusions. In a March post written by vice president of security engineering Heather Adkins and senior cryptography engineer Sophie Schmieg, Google set 2029 as its target for completing a post-quantum cryptography migration. The post explicitly stated that "the threat to encryption is relevant today with store-now-decrypt-later attacks" and reprioritized Google's internal threat model toward authentication services and digital signatures—the same wire-level signing infrastructure Gault has been highlighting.

For crypto markets specifically, the wire-level attack surface extends beyond individual wallet keys. Cross-chain bridge proofs, exchange API authentication packets, signed transactions archived in public mempools, and back-channel signing traffic between cold storage and trading desks all sit on the same vulnerability spectrum as the bank-grade encryption Citi was modeling. "The particularly uncomfortable reality for financial institutions is that the authentication records being harvested aren't just sensitive," Gault said. "It's the proof layer that determines who owns what, who authorized which transaction, and who bears legal liability."

Key Numbers

- $2 trillion to $3.3 trillion: Estimated cascade impact of a quantum-enabled attack on Fedwire Funds Service at a single top-five U.S. bank, per Citi modeling

- 10% to 17%: Potential decline in real GDP from such an attack scenario, according to the same Citi report

- 19% to 34%: Global Risk Institute's estimated probability of a cryptographically relevant quantum computer arriving by 2034

- ~6.9 million BTC: Bitcoin holdings in addresses with exposed public keys that have drawn most post-quantum attention

- ~10,200 BTC: Amount CoinShares estimates is concentrated enough to meaningfully move markets if stolen through quantum key derivation

- 2029: Google's target completion date for its own post-quantum cryptography migration

What to Watch

Watch whether Bitcoin's core developers and mining community coalesce around a coordinated post-quantum migration timeline, something Ethereum has already begun. Institutional custodians and major exchanges, which handle the bulk of signing traffic and authentication records vulnerable to harvest-now-decrypt-later attacks, face pressure to articulate their own cryptographic upgrade roadmaps. The Global Risk Institute's 19% to 34% probability estimate for cryptographically relevant quantum capability by 2034 suggests this isn't a distant theoretical risk: adversaries collecting encrypted financial traffic today may be operating on decade-scale decryption timelines.

Traders should monitor whether any major exchange or custodian announces post-quantum commitments, and watch for regulatory guidance from bodies like the SEC or CFTC on digital asset custody standards in the context of quantum readiness. Citi's modeling, which frames this as a systemic financial stability risk rather than merely an individual wallet breach scenario, may accelerate attention from federal banking regulators.