Invest ideasNews
31 Mar 2026, 20:03
Zcash Vulnerability That Put Millions of Dollars of ZEC at Risk Has Been Fixed
A critical vulnerability in Zcash node software could have allowed attackers to drain millions of dollars of ZEC from a deprecated shielded pool.
31 Mar 2026, 19:02
Google calls for urgent post-quantum cryptography shift after revealing growing Bitcoin vulnerability
Google warns that quantum advancements are lowering barriers to breaking cryptocurrency encryption. Industry-wide transition to post-quantum cryptography is recommended before 2029. Continue Reading: Google calls for urgent post-quantum cryptography shift after revealing growing Bitcoin vulnerability The post Google calls for urgent post-quantum cryptography shift after revealing growing Bitcoin vulnerability appeared first on COINTURK NEWS .
31 Mar 2026, 18:02
Ethereum’s top 1,000 wallets could lose 20.5M ETH in 9 days without a quantum-resistant upgrade
The top 1,000 wealthiest wallets on the Ethereum ( ETH ) network could be systematically drained in 9 days by an attacker equipped with a sufficiently powerful quantum computer, according to new research. The research published on March 31 by the Google Quantum AI team found that the majority of Ethereum accounts have already initiated at least one transaction, thereby making their public keys visible and their funds quantum-vulnerable. Together, the top vulnerable Ethereum accounts hold approximately 20.5 million ETH, which is valued at about $4.27 billion at press time. Ethereum account vulnerability. Source: Google The Ethereum accounts that have never sent a transaction remain safe for now, since their public keys are still masked behind their wallet address. Is there a solution to quantum attacks on Ethereum? The research highlighted Account Abstraction (AA) as Ethereum’s most cited quantum defense through the 2023 ERC-4337 upgrade. The upgrade improves flexibility and reduces reliance on static keys, but it cannot hide a public key that is already on-chain. As such, the paper concluded that AA only treats the symptoms rather than the root cause. Last month, Vitalik Buterin, co-founder of the Ethereum network, proposed a roadmap to strengthen the network’s quantum resistance. Buterin’s proposal aims to address four vulnerabilities: consensus signatures, data availability, wallet signatures, and application-layer zero-knowledge proofs. However, the public keys of the top wealthiest accounts that have already transacted are exposed to quantum attacks and are not covered by these proposals. Meanwhile, the Ethereum community has been relying on a post-quantum team , led by Thomas Coratger, to ensure a smooth transition without any loss of funds. With the Ethereum network boasting the largest smart contract ecosystem, a secure post-quantum security roadmap is key to maintaining user trust before the end of this decade. The post Ethereum’s top 1,000 wallets could lose 20.5M ETH in 9 days without a quantum-resistant upgrade appeared first on Finbold .
31 Mar 2026, 13:02
Google Says Breaking Bitcoin May Need 80% Fewer Qubits Than Expected and Bitcoin’s Own Upgrade Made It Worse
Google’s quantum computing division just released a research paper that puts Bitcoin’s very own existence into question. The research from the Quantum AI team says that cracking Bitcoin’s elliptic curve cryptography could require less than 500,000 physical qubits. For context, this is roughly 80% less than earlier estimates which were in the millions. The same study also mentions that a sufficiently advanced quantum computer could intercept a live Bitcoin transaction in about nine minutes, which is faster than the network’s average confirmation time of around 10 minutes, succeeding about 41% of the time. At the same time, Google has already indicated that it will complete migration of its own authentication infra to post-quantum cryptography by 2029. This just shows that the company building the hardware recognizes the threat and the urgency needed to act. Source: Google Quantum AI There are roughly one-third of all BTC in circulation today, or 6.9 million BTC, worth around $456 billion that sit in wallets where the public keys are visible on-chain. Part of the reason for that is Bitcoin’s own Taproot upgrade, a protocol improvement that was supposed to enhance privacy but inadvertently defaulted to exposing public keys. Here’s what the research actually says, what Taproot changed, and where Bitcoin’s quantum preparedness actually stands right now. Google Lowered the Qubit Estimate by 80%: Here’s What That Means The quantum threat for Bitcoin has been a narrative for years now. However, this week, researchers from Google quantum AI division released a paper that narrowed the timeline even further. As reported in SpendNode and Crypto Briefing , the study found that breaking Bitcoin’s ECDSA cryptography may require only 500,000 physical qubits, which is far less than previous estimates that ranged into the millions. Approximately 1,200 to 1,450 high-quality logical qubits could be enough for an attack. The paper also mentions that a powerful enough quantum computer could intercept a live Bitcoin transaction within roughly nine minutes and redirect transactions faster than the network can confirm transactions around 41% of the time. It’s important to note that a huge caveat still exists. No quantum computer in 2026 is anywhere close to executing this. Projections for a cryptographically relevant quantum computer vary from being 10 to 15 years away with more conservative outlooks pointing 20 or even 40 years. That, however, is actually besides the point. The resource estimate just dropped by 80% and that means what was seen as a multi-generational threat becomes a problem that we could realistically see within this decade. The shift isn’t that the threat has arrived, it’s that the assumptions underpinning Bitcoin’s security runway just got a lot less comfortable. One Third of All Bitcoin Is Already Exposed and Taproot Made It Worse Data from SpendNode states that roughly 6.9 million BTC, around one-third of all Bitcoins in circulation, sit in wallets where public keys are visible on-chain. At the time of writing, this is around $456 billion worth of Bitcoin that is essentially exposed to a potential quantum attack. The vulnerability comes from how Bitcoin addresses work: when a transaction is sent, the sender’s public key is briefly revealed on-chain. In theory, a sufficiently powerful quantum computer could use that public key to reverse-engineer the corresponding private key and redirect funds before the network finalises anything. That mechanism is the core of what Google’s paper is describing. The number of wallets under threat is large and Bitcoin’s own Taproot upgrade that went live in November 2021, actually inadvertently widened this number. The upgrade was designed to improve privacy and efficiency which it delivered on. However, Taproot, by design, makes public keys visible for Taproot-type transactions. This means, every wallet that has ever sent BTC using a Taproot address has their public keys visible on-chain. That said, wallets that have only received transactions and never sent are safer since the public keys stay hidden behind a hash. There are no quantum computers that can act on this vulnerability at this stage. However, the concern is that the gap between “doesn’t exist” and “does exist” just got measurably narrower. Google Says 2029: Bitcoin Has No Plan On March 25, Google set a hard deadline of 2029 for its own authentication services to migrate to post-quantum cryptography. According to DL News, the company moved from demonstrating below-threshold error correction to setting a firm corporate migration deadline in just 16 months. That signal in itself is very hard to push aside. The organisation actually building the hardware is telling its own engineers to be ready in three years. Bitcoin’s position looks considerably different — no coordinated plan, no funding structure, no agreed timeline. The only formal step on record is BIP 360, a proposal for a quantum-resistant address format recently merged into Bitcoin’s improvement repository per Decrypt. It’s a starting point for a conversation, not a deployment. The deeper issue is structural. Bitcoin’s last major cryptographic upgrade, Taproot, took years of community debate before finally activating in November 2021 — and that was a far less contentious change than a full post-quantum migration would be. Bitcoin’s decentralised, consensus-driven governance has historically been one of its genuine strengths — it has kept bad ideas out just as effectively as it has slowed good ones down. That trade-off works well when threats are abstract and timelines are long. It works less well when the company building the relevant hardware has just put a date on it. Three years is not a lot of runway for a network that takes years just to agree on the shape of a proposal and as Benzinga noted , the timeline just set by google puts Bitcoin developers “on the hot seat”. What This Means for BTC Holders and What to Watch The 2029 deadline is for Google, not Bitcoin. That said, the fact that the company building the hardware has set a date for its own systems to migrate says a lot about the timeline for potential quantum capabilities that could threaten Bitcoin’s cryptography. For now, wallets that have only received and never sent a transaction using Taproot are on the safe side. On the other hand, the most exposed Bitcoin is concentrated in wallets that have actively transacted using Taproot addresses. When we come to the market side, this news has not moved price in any meaningful way just yet. Bitcoin is about to close Q1 at over -24%, making it the weakest first quarter since 2018. This decline, however, has had nothing to do with the quantum fear but is instead a result of the Iran conflict and the broader macro economic headwinds. The timing of this news however is certainly not favourable for Bitcoin. If this narrative starts to pick up steam, it could rattle an already fragile market and cause a further decline in price. Whether proposals like BIP 360 evolve into actual activation discussions, and whether Google’s quantum milestones, especially progress toward the ~1,200 logical qubit threshold identified in its research, begin to materialize are what needs to be monitored at this stage. The threat isn’t immediate, but the timeline is no longer abstract and that’s the shift the market hasn’t priced in yet. If you're reading this, you’re already ahead. Stay there with our newsletter .
31 Mar 2026, 10:17
U.S. Revives Uranium Finance Hack Case With Maryland Charges
Federal prosecutors in New York have charged a Maryland man in connection with the 2021 Uranium Finance hacks, a DeFi case that had gone quiet for years before investigators recovered part of the stolen crypto. The Southern District of New York said Jonathan Spalletta, 36, of Rockville, Maryland, surrendered on March 30, 2026 after an indictment was unsealed. He faces one count of computer fraud and one count of money laundering. Prosecutors said the case centers on two April 2021 attacks against Uranium Finance, a decentralized exchange that operated on BNB Chain. According to the indictment summary, the first exploit took place between April 6 and April 8, 2021 and drained about $1.4 million by abusing the protocol’s reward system. The DOJ said the larger second attack came on April 28, 2021, when a coding error let the attacker siphon about $53.3 million from 26 liquidity pools. The DOJ said the second exploit effectively destroyed the platform. Investigators allege Spalletta then moved and concealed the proceeds through swaps and mixing services, including Tornado Cash. The government also said he later spent part of the money on rare collectibles, including high value trading cards, coins, and other historical items. Those claims remain allegations unless proven in court. Seizure Brought Old DeFi Theft Back to Life The case appears to have regained momentum after a major seizure last year. In February 2025, U.S. authorities seized about $31 million tied to the Uranium Finance exploits. TRM Labs, which assisted the investigation, said law enforcement traced funds that had moved across multiple blockchains and through laundering routes over several years before the seizure took place. That recovery gave the Uranium Finance case new life and showed how old DeFi thefts can still lead to criminal charges. TRM said some of the stolen assets had remained dormant for years before moving again, which helped investigators map the laundering trail. The seizure did not cover the full amount taken, but it marked one of the more notable recoveries tied to an older DeFi exploit. The DOJ has also asked possible victims to contact investigators by email. If convicted, Spalletta faces a maximum sentence of 10 years on the computer fraud charge and 20 years on the money laundering charge, though any sentence would be decided by the court. For now, the case stands as one of the clearest signs that U.S. authorities are still pursuing large crypto thefts long after the original attack.
31 Mar 2026, 02:24
Indictment Against BNB Chain Hacker Spalletta
New York Prosecutor's Office filed an indictment against Jonathan Spalletta, who hacked BNB Chain-based Uranium Finance in 2021. $54M was stolen, funds were spent on collections. Spalletta surrende...
