ZeroTier CEO Says Quantum Attackers Are Already Collecting Crypto Data

• _ZeroTier CEO warns adversaries are already harvesting encrypted crypto authentication data for future quantum decryption.
  _
• _Google targets 2029 for post-quantum migration, citing store-now-decrypt-later attacks as an immediate and credible threat.
  _
• Ethereum has launched a post-quantum migration plan, but Bitcoin and major crypto exchanges have yet to commit to one.

ZeroTier CEO Andrew Gault says quantum attackers are already collecting encrypted crypto network data today, well before any quantum computer exists to decode it.

Gault, who has spent a decade funding quantum hardware startups, believes the industry is protecting the wrong target.

The focus on wallet keys, he argues, ignores a quieter and more dangerous strategy already underway.

Adversaries are harvesting live authentication data now, storing it cheaply, and waiting for quantum capability to catch up.

ZeroTier CEO Warns of “Harvest Now, Decrypt Later” Strategy

Gault currently leads networking firm ZeroTier and co-founded deep-tech investment firm 7percent Ventures.

His portfolio includes British quantum computing startup Universal Quantum. That background places him unusually close to both the threat and the infrastructure being targeted.

“The financial system’s most dangerous vulnerability isn’t stored data, it’s the data moving between institutions right now,” Gault told CoinDesk.

He went further, stating that security teams have been trained to protect data at rest but the adversary’s strategy has changed.

“They’re patient, they have storage, and they’re building a library of today’s encrypted traffic to decrypt the moment quantum capability crosses the threshold,” he added. That quiet accumulation, he warns, is already happening across crypto networks.

Google’s security team reached the same conclusion in March. The company set 2029 as its internal deadline for completing a post-quantum cryptography migration.

Authored by Google’s VP of security engineering and a senior cryptography engineer, the announcement confirmed that “the threat to encryption is relevant today with store-now-decrypt-later attacks.”

Google also reprioritized its internal threat model around authentication services and digital signatures, which aligns directly with what Gault has flagged.

The same Google Quantum AI research that rattled Bitcoin earlier this year found that a sufficiently powerful quantum computer could derive a private key from an exposed public key in about nine minutes. However, Gault says that finding still steers the industry toward the wrong conversation.

ZeroTier CEO Points to Authentication Layer as the Real Exposure

Citi put hard numbers to this risk in February. A quantum-enabled attack on a single top-five U.S. bank’s connection to the Fedwire Funds Service could trigger between $2 trillion and $3.3 trillion in economic damage.

That equals a potential 10% to 17% decline in real U.S. GDP. The Global Risk Institute places the probability of a cryptographically relevant quantum computer arriving by 2034 at between 19% and 34%.

For crypto markets, the exposed surface runs wider than wallets alone. Cross-chain bridge proofs, exchange API authentication packets, signed transactions sitting in public mempools, and back-channel signing traffic between cold storage and trading desks all sit on the same vulnerability spectrum.

CoinShares estimated in February that only around 10,200 BTC are concentrated enough to move markets if stolen through a wallet-key attack.

Gault’s concern targets something harder to quantify but far more consequential. “The particularly uncomfortable reality for financial institutions is that the authentication records being harvested aren’t just sensitive,” he said.

“It’s the proof layer that determines who owns what, who authorized which transaction, and who bears legal liability.”

Compromising that layer does not merely steal assets, it dismantles the entire record of ownership.

Ethereum has already launched a coordinated post-quantum migration. Bitcoin has not committed to one.

Most major crypto exchanges and custodians, where the bulk of live signing traffic originates, have also stayed silent on the matter. That silence, Gault suggests, is precisely what patient adversaries are counting on.