Headline: Quantum threat to crypto may be coming through the wires, not your wallet keys
The crypto industry’s debate about quantum computers has largely fixated on one fear: a future quantum machine that can reverse a public Bitcoin address into a private key. But a venture capitalist and quantum-hardware investor says that’s the wrong half of the problem — and the more urgent danger is already traveling across networks today.
“The financial system’s most dangerous vulnerability isn’t stored data, it’s the data moving between institutions right now,” Andrew Gault, CEO of networking firm ZeroTier and a founding partner of deep‑tech investor 7percent Ventures, told CoinDesk. Gault’s firm backs companies including British quantum-computing startup Universal Quantum.
Harvest-now, decrypt-later: the stealthy attack
Gault warns sophisticated adversaries are quietly collecting network traffic — interbank messages, payment authentication records and digital signatures — not because they need to read it today, but because they can store it cheaply and decrypt it later once quantum hardware matures. That strategy, known in cryptography circles as “harvest now, decrypt later,” shifts the threat from static wallet keys to the authentication and proof layers that define ownership and liability.
Google’s March quantum research, which showed a sufficiently powerful quantum computer could extract a Bitcoin private key from an exposed public key in roughly nine minutes, amplified concerns about public keys. That work and subsequent conversations focused on the roughly 6.9 million BTC in addresses with exposed public keys and the absence of a coordinated post‑quantum migration plan for Bitcoin.
But Gault and other security teams say wire‑level signing infrastructure — the authentication packets and signatures moving between exchanges, bridges, custodians and banks — represents a broader, higher‑value attack surface. These signed records don’t just authenticate transactions; they are the legal and operational proof of who authorized what.
Major tech and finance actors are already treating the problem as immediate. Google’s security team has set 2029 as its target to complete a post‑quantum cryptography migration, citing progress in quantum hardware and error correction. In a March post, Google security executives Heather Adkins and Sophie Schmieg explicitly reprioritized their threat model toward authentication services and digital signatures, warning that “the threat to encryption is relevant today with store‑now‑decrypt‑later attacks.”
The systemic stakes are high
Quantitative studies underscore the potential systemic fallout. Citi modeled a scenario in which a quantum‑enabled attack on a top-five U.S. bank’s access to the Federal Reserve’s Fedwire Funds Service could trigger a $2 trillion to $3.3 trillion cascade across the U.S. economy — a shock equivalent to a 10%–17% drop in real GDP. The Global Risk Institute, cited in Citi’s analysis, places the probability of a cryptographically relevant quantum computer arriving by 2034 between 19% and 34%.
For crypto specifically, the vulnerable “wire” surface is wide: cross‑chain bridge proofs, exchange API authentication packets, signed transactions broadcast to and archived in public mempools, and the back‑channel signing traffic between cold storage and trading desks all sit on the same spectrum of risk as bank‑grade messaging.
Some in the industry argue the wallet‑key threat is overrated. A February CoinShares report estimated only about 10,200 BTC are concentrated enough in vulnerable addresses to move markets if stolen. Gault’s concern, however, is that harvested authentication records carry legal and operational consequences well beyond the direct theft of coins: they can rewrite the ledger of who authorized transactions and who remains liable.
Patchwork response across crypto
There is movement: Ethereum has launched a coordinated post‑quantum migration. Bitcoin, by contrast, has not mounted an equivalent effort, and major exchanges and custodians — where most signing traffic originates — have not publicly committed to a unified migration strategy.
As the industry digests both academic breakthroughs and corporate threat assessments, security experts say attention must shift from individual private keys to the live streams of authentication and signing data that underpin modern finance and crypto exchanges. Without coordinated migration plans and stronger wire‑level protections, the most consequential quantum risk may already be quietly accruing in archives across the internet.
Read more AI-generated news on: undefined/news
