Futures
Access hundreds of perpetual contracts
CFD
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Promotions
AI
Gate AI
Your all-in-one conversational AI partner
Gate AI Bot
Use Gate AI directly in your social App
GateClaw
Gate Blue Lobster, ready to go
Gate for AI Agent
AI infrastructure, Gate MCP, Skills, and CLI
Gate Skills Hub
10K+ Skills
From office tasks to trading, the all-in-one skill hub makes AI even more useful.
GateRouter
Smartly choose from 40+ AI models, with 0% extra fees
Quantum computing and blockchain: the threat moved closer this year
The quantum risk to crypto has always been filed under "later." A Google Quantum AI paper from March 30 narrowed what "later" means.
→ What the paper found
Breaking secp256k1, the curve that locks Bitcoin and Ethereum wallets, takes under 1,200 logical qubits. On real hardware, that works out to under 500,000 physical qubits. About 20x less than the old estimate of ~9 million.
The paper came from Google, the Ethereum Foundation, and Stanford. They proved the number without releasing the actual attack.
Still, this is a calculation, not a real machine. The best computers today run a few thousand qubits at most. The gap is huge. What shrank is the target, not the hardware.
→ Where the timeline actually sits
The vendor roadmaps look closer than they are. IonQ targets 1,600 logical qubits by 2028. IBM around 2,000 by 2033.
But qubit count isn't the same threshold as running a 90M-gate circuit at low enough error. Justin Drake, one of the co-authors, puts it at roughly
10% odds a quantum computer recovers a secp256k1 key by 2032.
Early 2030s with wide error bars is the honest read. Not a five-year countdown.
→ What's actually exposed
Anything with its public key already on-chain (P2PK outputs, reused addresses) is what a Shor's attack needs. That runs to several million BTC, a large share of it Satoshi-era and unmovable.
The nearer concern is harvest-now-decrypt-later. Exposed data gets archived today and decrypted once the hardware arrives, so the collection doesn't wait for the CRQC to exist.
→ Who's already moving
• Circle published a post-quantum roadmap, with PQ signatures planned at Arc mainnet
• Nervos CKB built for cryptographic agility, swapping signature schemes without a hard fork
• NIST has standardized the algorithms most migrations will lean on (Dilithium, Kyber, SPHINCS+)
The read
The "9 minutes to crack Bitcoin" headlines got ahead of the evidence. But the estimates only move one direction, and the coins most at risk are the ones no one can migrate.
How a chain handles this comes down to whether key migration is live work or a someday problem.