Google Says 1,200 Qubits Could Crack Your Bitcoin Keys in 9 Minutes. Here Is What Your Dynasty Trust Must Do Now.

Home › Research › Google Quantum Bitcoin Keys & Dynasty Trust Estate Planning

On Saturday morning, most Bitcoin holders were watching price charts. They should have been reading a physics paper.

Google's Quantum AI team published research that fundamentally resets the timeline on quantum threats to Bitcoin's cryptographic security. The headline number — 1,200 logical qubits to derive a private key from its corresponding public key in approximately 9 minutes — is not a theoretical curiosity. It is a 10× reduction in the qubit requirements that the cryptographic community had been using as its safety margin. Prior estimates suggested that breaking Bitcoin's elliptic curve digital signature algorithm (ECDSA) would require 13 million qubits. Google just demonstrated, mathematically, that 1,200 to 1,450 logical qubits are sufficient.

For a trader with a 6-month time horizon, this is interesting news. For a dynasty trust designed to hold Bitcoin across three or four generations — across a time horizon that spans the entirety of the quantum computing era — this is a structural risk that demands immediate action in your trust documents, your UTXO management practices, your custodian selection, and your estate planning governance framework.

This is not a "Bitcoin is dead" article. Bitcoin's protocol is designed to evolve. BIP-360 (Pay to Quantum Resistant Hash) is already in development. The Bitcoin developer community has been working on post-quantum cryptography for years. The question is not whether Bitcoin will survive quantum computing — it will. The question is whether your trust structure is built to navigate the transition. Whether your trustee has the legal authority to migrate keys. Whether your custodian is preparing for quantum-resistant address types. Whether your UTXOs are sitting in addresses with exposed public keys, waiting to become low-hanging fruit for the first sufficiently powerful quantum computer.

Bitcoin at ~$68,500 with the Fear & Greed Index at extreme lows is the market pricing in fear without pricing in preparation. This article is the preparation.

What Google Actually Published: 1,200 Logical Qubits, 9 Minutes, and the ECDSA Vulnerability

Let us be precise about what Google's Quantum AI division demonstrated, because the nuance matters.

The Core Finding

Bitcoin uses the Elliptic Curve Digital Signature Algorithm (ECDSA) with the secp256k1 curve to generate key pairs and authorize transactions. When you send Bitcoin, your wallet broadcasts a digital signature that proves you control the private key associated with the sending address — and in the process, your public key is revealed on the blockchain. The security assumption is that deriving the private key from the public key is computationally infeasible with classical computers. With secp256k1, the best classical attack requires approximately 2¹²⁸ operations — a number so large that all the world's computing power operating for the age of the universe would not be sufficient.

Quantum computers change this calculus. Shor's algorithm, published in 1994, demonstrated that a sufficiently powerful quantum computer can solve the elliptic curve discrete logarithm problem (ECDLP) — the mathematical basis of ECDSA — in polynomial time. The question has always been: how many qubits are "sufficient"?

Previous estimates, including a widely cited 2021 paper, suggested approximately 13 million physical qubits would be needed, operating for 8 hours, to break a 256-bit ECDSA key. Google's new research introduces algorithmic optimizations that reduce the logical qubit requirement to between 1,200 and 1,450 — with a crack time of approximately 9 minutes once the computation begins.

Logical vs. Physical Qubits: The Critical Distinction

This distinction is essential and widely misunderstood. Logical qubits are the "ideal" qubits used in quantum algorithms — error-free, perfectly controlled. Physical qubits are the actual hardware units in a quantum processor — noisy, error-prone, and requiring extensive error correction. The ratio between physical and logical qubits depends on the error correction scheme and the physical qubit error rate.

With current quantum error correction technology:

• Conservative estimate: ~1,000 physical qubits per logical qubit → 1,200 logical qubits would require ~1.2 million physical qubits
• Optimistic estimate (based on Google's Willow error correction advances): ~3–5 physical qubits per logical qubit → 1,200 logical qubits would require ~4,000–6,000 physical qubits
• Near-term realistic estimate: ~100 physical qubits per logical qubit → 1,200 logical qubits would require ~120,000 physical qubits

Google's Sycamore processor had 72 physical qubits in 2023. Their Willow chip, announced in late 2024, demonstrated exponential improvement in error correction with 105 physical qubits. IBM's Condor processor reached 1,121 physical qubits. The roadmap targets published by Google, IBM, and Quantinuum all show processors exceeding 10,000 physical qubits by 2028–2030 and 100,000+ physical qubits by 2033.

What This Does NOT Mean

Google's research does not mean Bitcoin can be cracked today. The world's most advanced quantum computers have approximately 1,000–1,200 physical qubits — not logical qubits. The error correction overhead means we are still years away from 1,200 logical qubits. But the timeline just compressed dramatically. What was previously "maybe in 30 years" is now plausibly "within 10–15 years" — and the pace of improvement in quantum error correction is accelerating, not plateauing.

For a family office managing a portfolio with a 12-month outlook, 10–15 years is a comfortable buffer. For a dynasty trust with a 100-year time horizon, 10–15 years is next week.

Why This Matters More for Estate Plans Than for Traders

The crypto media covering Google's research has focused on the trading implications: should you sell? Is Bitcoin going to zero? These are the wrong questions. They reflect a trader's time horizon — weeks, months, maybe a year. The real vulnerability is not in the trading stack. It is in the estate planning layer.

The Time Horizon Problem

A trader who buys Bitcoin today and sells it in 2027 faces near-zero quantum risk. No quantum computer will break ECDSA by 2027. But a family that creates a dynasty trust in 2026 and funds it with Bitcoin is making a different bet entirely. That trust may exist for 100, 200, or 1,000 years in perpetual trust jurisdictions like South Dakota, Nevada, or Wyoming. It will span the entire quantum computing era — the period during which quantum computers progress from laboratory curiosities to commercially available systems capable of breaking current cryptographic standards.

The trust's Bitcoin must survive this entire transition. And survival requires more than holding keys in a vault. It requires:

• Address migration capability. The Bitcoin must be movable from current ECDSA-secured addresses to future quantum-resistant addresses. This requires a trustee with both the legal authority and the technical capability to execute the migration.
• Custodian adaptability. The custodian holding the trust's Bitcoin must be actively preparing for quantum-resistant address types and must be able to execute a migration when BIP-360 or a successor proposal is activated.
• UTXO hygiene. Bitcoin sitting in addresses where the public key has been exposed (any address that has been used to send a transaction) is more vulnerable than Bitcoin in fresh, never-spent-from addresses. Trust-held Bitcoin should be managed with the explicit goal of minimizing public key exposure.
• Governance flexibility. The trust document must be drafted with enough flexibility to accommodate cryptographic transitions that the grantor cannot fully anticipate at the time of creation. Rigid trust documents that specify custody methods in technical detail will become obstacles when the technology evolves.

The Irrevocable Trust Rigidity Problem

Here is the structural issue that makes quantum risk uniquely dangerous for estate plans: irrevocable trusts are, by definition, difficult to change. A grantor who creates an irrevocable dynasty trust in 2026 and does not include quantum adaptation authority in the trust document may leave the trustee legally unable to migrate the Bitcoin to quantum-resistant addresses when the time comes. The trustee would need to petition a court for modification — a process that takes months, costs tens of thousands in legal fees, and may be denied if the court determines that the quantum threat is "speculative."

By the time the threat is no longer speculative — by the time a quantum computer actually exists that can derive private keys from public keys — it will be too late to petition a court. The migration must be pre-authorized in the trust document itself, years or decades before it is needed.

This is the core argument of this article: the quantum risk to Bitcoin is primarily an estate planning risk, not a trading risk, because only estate structures operate on time horizons long enough to intersect with the quantum computing timeline, and only estate structures have the governance rigidity that can prevent timely response.

BIP-360: Bitcoin's Quantum Resistance Roadmap

We covered BIP-360 in detail in our March 14 analysis. Here is the updated picture in light of Google's research.

What BIP-360 Does

BIP-360 (Pay to Quantum Resistant Hash, or P2QRH) proposes a new Bitcoin address type that replaces ECDSA signatures with post-quantum cryptographic signatures. The leading candidates are:

• CRYSTALS-Dilithium — a lattice-based signature scheme, selected by NIST as the primary standard for post-quantum digital signatures (FIPS 204). Fast verification, reasonable signature sizes (~2.4 KB for the most compact parameter set).
• SPHINCS+ — a hash-based signature scheme, selected by NIST as a conservative alternative (FIPS 205). Larger signatures (~8–40 KB) but relies only on hash function security, which is considered more conservative than lattice assumptions.
• FALCON — another lattice-based scheme with smaller signatures (~690 bytes) but more complex implementation. Selected by NIST for standardization (FIPS 206).

BIP-360 would allow Bitcoin holders to create new quantum-resistant addresses and transfer their BTC from existing ECDSA addresses to the new address type via a standard Bitcoin transaction. The existing ECDSA address types would continue to function — the transition is voluntary, not forced — but Bitcoin in ECDSA addresses would remain vulnerable to quantum attack.

Updated Timeline Assessment Post-Google

Before Google's research, the BIP-360 development timeline was proceeding at the deliberate pace typical of Bitcoin protocol changes — years of review, testing, and consensus-building before activation. Google's finding accelerates the urgency without changing the development process. Bitcoin's consensus mechanism requires supermajority agreement among node operators, miners, and developers before any protocol change can be activated. This process cannot be rushed without compromising the security properties that make Bitcoin trustworthy.

Realistic BIP-360 timeline:

• 2026–2027: Active specification development, peer review, and reference implementation.
• 2027–2028: Testnet activation, client implementation by major node software (Bitcoin Core, btcd, libbitcoin).
• 2028–2029: Mainnet activation via soft fork — likely using a mechanism similar to Taproot's Speedy Trial.
• 2029+: Voluntary migration period — users and custodians move funds to quantum-resistant addresses.

This means the earliest realistic date for quantum-resistant addresses on Bitcoin mainnet is approximately 2028–2029. Google's research suggests that cryptographically relevant quantum computers could arrive by the mid-to-late 2030s under optimistic hardware projections. The window between BIP-360 activation and quantum capability is narrower than the community previously assumed — but it appears sufficient, if migration begins promptly after activation.

For dynasty trusts, the critical question is not the BIP-360 timeline. It is whether the trust's governance structure will allow the trustee to migrate when BIP-360 becomes available — and whether the custodian will support the migration technically.

The Exposed-Public-Key Problem: Why Some Bitcoin Is More Vulnerable Than Others

Not all Bitcoin addresses are equally exposed to quantum attack. The vulnerability depends on whether the public key has been revealed on the blockchain. This distinction is critical for trust-held Bitcoin.

How Bitcoin Addresses Work

A Bitcoin address is derived from a public key through one or more hash functions. The most common address types work as follows:

• P2PKH (Legacy, starts with 1): Address = RIPEMD-160(SHA-256(public key)). The public key is hidden behind two layers of hashing until the owner spends from the address.
• P2SH (Script Hash, starts with 3): Similar hash protection. Public key not revealed until spending.
• P2WPKH (SegWit, starts with bc1q): Public key hash-protected until spending.
• P2TR (Taproot, starts with bc1p): Uses a tweaked public key committed to in the address, but the specific construction makes it quantum-equivalent to P2WPKH for our purposes — the internal key is not directly exposed until a script-path spend.
• P2PK (Pay to Public Key — early Bitcoin): The public key is the address. No hash protection. The public key is always visible on the blockchain. Permanently vulnerable.

When the Public Key Gets Exposed

For P2PKH, P2SH, P2WPKH, and P2TR addresses, the public key remains hidden until the address is used to send a transaction. When you spend from an address, your transaction includes the public key (needed to verify the signature). At that point, the public key is permanently recorded on the blockchain and becomes available to any attacker — including a future quantum computer.

This creates two categories of Bitcoin:

The Trust-Specific Exposure Problem

Trust-held Bitcoin often has higher public key exposure than individually held Bitcoin, for structural reasons:

• Trust accounting transactions. Trustees may periodically move Bitcoin between addresses for accounting purposes, rebalancing, or fee management — each transaction exposing the sending address's public key.
• Distributions. When a trust makes a distribution to a beneficiary, it sends Bitcoin from a trust address — exposing that address's public key. Trusts that make regular distributions have more exposed addresses than those that accumulate.
• Custodian address reuse. Some institutional custodians reuse addresses for operational convenience. If the custodian has sent from the trust's address even once, the public key is exposed for all remaining funds at that address.
• Legacy migrations. Trusts that were established with early Bitcoin holdings may have gone through multiple custodian transitions, each involving transactions that exposed public keys.

The immediate action for every trustee holding Bitcoin: audit every address holding trust-owned BTC, determine which addresses have exposed public keys, and move all Bitcoin from exposed addresses to fresh, never-spent-from addresses. This is a pure risk reduction measure that costs nothing except transaction fees and can be completed in a single day.

Trust Document Quantum Adaptation Clauses

Trust documents drafted before 2026 almost certainly do not include provisions for cryptographic migration. Even trusts drafted with "digital asset" language typically define custody in terms of current technology — specifying key management procedures, cold storage requirements, and custodian selection criteria that assume the current ECDSA cryptographic standard will persist indefinitely.

Google's research makes clear that this assumption is no longer safe. Trust documents must be updated — or, for new trusts, drafted — with explicit quantum adaptation authority.

1. Quantum Migration Authority Clause

The most important addition to any Bitcoin trust document is a clause granting the trustee explicit authority to migrate the trust's Bitcoin holdings to quantum-resistant address types when such address types become available on the Bitcoin network.

The clause should specify:

• The trustee has the power to migrate Bitcoin from any address type to any successor address type that is activated on the Bitcoin network through a consensus soft fork or hard fork.
• This power includes the authority to change cryptographic signature schemes — from ECDSA to post-quantum alternatives — without requiring beneficiary consent, co-trustee approval (unless specifically required by other trust provisions), or court authorization.
• The trustee is directed to treat quantum migration as a fiduciary obligation — not merely a discretionary power — when credible evidence suggests that quantum computing poses a material threat to the security of Bitcoin's current cryptographic scheme.
• Migration costs (transaction fees, custodian charges, technical consulting) are payable from trust principal as a necessary expense of trust administration.

2. Custodian Quantum Readiness Requirement

The trust document should require that any custodian selected by the trustee must demonstrate quantum readiness as part of the custodian evaluation process. Specifically:

• The custodian must have a documented plan for supporting quantum-resistant Bitcoin address types when they are activated on the network.
• The custodian must be capable of executing a migration from current address types to quantum-resistant address types within a reasonable timeframe (e.g., 90 days of network activation).
• The custodian must not hold trust Bitcoin in addresses where the public key has been exposed unless operationally unavoidable, and must implement UTXO management practices that minimize public key exposure.

3. Trustee Technical Authority Clause

Beyond quantum migration specifically, the trust document should grant broad technical authority to adapt to protocol evolution. Bitcoin has changed significantly since its inception — SegWit, Taproot, and future upgrades will continue to introduce new capabilities. The trustee should have authority to:

• Change address types (e.g., from P2WPKH to P2TR to P2QRH) based on security and operational considerations.
• Adopt new key management schemes — including transitioning from single-sig to multisig, from multisig to threshold signatures, or from current schemes to post-quantum schemes.
• Modify custody architecture in response to protocol changes, including changes to fee structures, block size parameters, or privacy features.
• Engage technical consultants — at trust expense — to evaluate protocol changes and recommend custody adaptations.

4. Technology Evolution Acknowledgment

Include a recital or preamble paragraph acknowledging that Bitcoin is a living protocol that will evolve over the trust's lifetime, and that the grantor's intent is for the trust to hold Bitcoin through these evolutions — not to be limited to the specific technical parameters that existed at the time of trust creation. This language provides interpretive guidance to future courts and trustees who may question whether a technical migration was authorized by the grantor's intent.

5. UTXO Management Standard

The trust document should include — either in the body or in a referenced trust administration memorandum — a UTXO management standard that requires the trustee to:

• Never reuse addresses for receiving Bitcoin.
• Consolidate UTXOs in a manner that minimizes public key exposure.
• Move Bitcoin from exposed addresses to fresh addresses on a regular schedule or whenever exposure is detected.
• Maintain a record of all addresses used by the trust, their exposure status, and any migrations performed.

UTXO Hygiene Playbook for Trust-Held Bitcoin

UTXO hygiene is the single most impactful technical action a trustee can take today — before BIP-360, before custodian evaluation, before any trust document amendment. It costs only transaction fees and can be completed immediately.

What Is UTXO Hygiene?

Every Bitcoin balance is composed of Unspent Transaction Outputs (UTXOs) — discrete "chunks" of Bitcoin sitting at specific addresses. Each UTXO is controlled by a private key, and its corresponding public key may or may not have been revealed on the blockchain depending on whether the address has been used to send a transaction.

UTXO hygiene means managing these outputs to minimize security exposure. For quantum readiness, the specific practices are:

Rule 1: Never Reuse Addresses

Every time the trust receives Bitcoin, it should receive to a fresh address — one that has never appeared on the blockchain before. Most modern wallet software generates new addresses automatically. The trustee should verify that the custodian's address generation follows this practice and should never manually specify a previously-used address for receiving.

Rule 2: Move Bitcoin from Exposed Addresses Immediately

Any UTXO sitting at an address that has been used to send a transaction has an exposed public key. The trustee should identify all such UTXOs and move them to fresh, never-used addresses. This is a one-time cleanup operation that eliminates the most immediate quantum exposure.

Rule 3: Use P2TR (Taproot) Addresses for All New Receiving

Taproot addresses (P2TR, starting with bc1p) offer the best combination of privacy and security features available on Bitcoin today. While they are not quantum-resistant, they offer equivalent hash protection to other modern address types and will likely be the starting point for migration to quantum-resistant addresses when BIP-360 is activated.

Rule 4: Minimize Transaction Count

Every transaction from a trust address exposes a public key. The trustee should minimize the number of transactions sent from trust addresses — consolidating distributions, batching fee payments, and avoiding unnecessary moves. Each transaction that can be avoided is one less public key exposed.

Rule 5: Document the UTXO Map

The trustee should maintain a comprehensive UTXO map documenting:

• Every address holding trust Bitcoin
• The amount at each address
• Whether the address's public key has been exposed
• The date of the last transaction from that address
• The address type (P2PKH, P2SH, P2WPKH, P2TR)

This map serves three purposes: it enables the trustee to prioritize migration when quantum-resistant addresses become available, it provides documentation for trust accounting, and it gives successor trustees the information they need to manage quantum risk going forward.

Practical Implementation

For a trust holding $5M in Bitcoin (~73 BTC at current prices), UTXO hygiene might involve:

1. Export the trust's complete UTXO set from the custodian or wallet.
2. Flag all UTXOs at addresses with exposed public keys.
3. Generate fresh P2TR addresses for each flagged UTXO.
4. Construct transactions moving each flagged UTXO to its corresponding fresh address.
5. Execute the transactions during a low-fee period (weekends, typically 1–5 sat/vB).
6. Verify that all UTXOs now sit at addresses with unexposed public keys.
7. Update the UTXO map and file it in the trust administration records.

Total cost for this operation: typically $50–$500 in transaction fees depending on the number of UTXOs and current fee rates. The quantum risk reduction is disproportionate to the cost.

Custodian Evaluation: Quantum Readiness Across Providers

The custodian holding your trust's Bitcoin is the entity that will execute — or fail to execute — the quantum migration when the time comes. Custodian selection has always been a critical decision in Bitcoin estate planning. Google's research adds a new dimension to the evaluation: quantum readiness.

What Quantum Readiness Means for a Custodian

A quantum-ready custodian must demonstrate four capabilities:

1. Address type support. The custodian must be prepared to support new address types when they are activated on the Bitcoin network. This requires active participation in the Bitcoin development community and engineering resources dedicated to protocol upgrades.
2. Migration execution capability. The custodian must be able to move client Bitcoin from current address types to quantum-resistant address types within a reasonable timeframe after activation. For large institutional clients, this involves thousands of UTXOs, complex transaction batching, and coordination with the client's trust administration.
3. UTXO management practices. The custodian should already be implementing UTXO hygiene practices — fresh addresses for receiving, minimizing public key exposure, and maintaining address exposure records.
4. Research investment. The custodian should be actively investing in post-quantum cryptography research, participating in BIP-360 development or review, and maintaining internal expertise on quantum computing developments.

The Wyoming PFTC Advantage in Quantum Preparedness

For quantum preparedness specifically, the Wyoming PFTC offers a structural advantage that institutional custodians cannot match: the family controls the keys. This means the family can migrate to quantum-resistant addresses the day BIP-360 is activated — without waiting for a custodian's engineering team to implement support, without negotiating migration timelines, without being subject to a custodian's internal change management process.

The trade-off is expertise. A PFTC requires the family to either develop in-house technical capability or engage qualified technical consultants for the migration. The migration itself is not technically complex — it is a standard Bitcoin transaction — but executing it correctly for a multi-million-dollar trust holding requires precision and verification.

For families with the resources and technical sophistication to manage a PFTC, the quantum readiness argument tilts further toward self-custody. For families that prefer institutional custody, Coinbase National Trust — with its federal charter, engineering resources, and active participation in Bitcoin protocol development — is the most defensible choice.

Timeline Reality: How Fast Is the Gap Closing?

The intellectual honesty required here is to acknowledge both sides of the timeline debate — and then plan for the faster scenario, because trust structures cannot be modified quickly when the slower scenario turns out to be wrong.

Where We Are Today (April 2026)

• Most advanced quantum processors: ~1,000–1,200 physical qubits (IBM Condor: 1,121; Google Willow: 105 with breakthrough error correction)
• Required for ECDSA break (Google's new estimate): 1,200 logical qubits → ~4,000–1,200,000 physical qubits depending on error correction efficiency
• Gap: Between 3× and 1,000× current hardware, depending on error correction improvements

Published Hardware Roadmaps

The Error Correction Wildcard

The variable that could compress the timeline most dramatically is error correction efficiency. Google's Willow chip demonstrated exponential improvement in error correction — meaning each additional layer of error correction qubits produced exponentially better logical qubit quality, rather than the linear improvement expected. If this scaling holds, the physical-to-logical qubit ratio could drop from 1,000:1 to 10:1 or even 3:1 within the next decade.

At a 10:1 ratio, 1,200 logical qubits requires 12,000 physical qubits — a number that IBM's roadmap targets by approximately 2029. At a 3:1 ratio, 1,200 logical qubits requires 3,600 physical qubits — achievable as early as 2028 on IBM's roadmap.

These are optimistic projections. The conservative scenario — maintaining today's ~1,000:1 physical-to-logical ratio — pushes the threat out to the late 2030s or 2040s. But estate planning does not optimize for the median case. It optimizes for the tail risk.

The Planning Principle

For estate planning purposes, the correct approach is to assume that cryptographically relevant quantum computers will exist by the early-to-mid 2030s and to ensure that the trust structure can respond. If quantum computers arrive later — the 2040s or beyond — the preparation costs nothing (a trust amendment, UTXO hygiene, and custodian evaluation are valuable regardless of quantum timeline). If they arrive sooner — the late 2020s, which is unlikely but not impossible — the prepared family is protected and the unprepared family is exposed.

This is asymmetric risk management: the cost of preparation is minimal, the cost of being unprepared is potentially catastrophic, and the probability of need is rising faster than expected.

7-Step Quantum Preparedness Checklist for Bitcoin-Wealthy Families

This is the action plan. Every family holding $1M+ in Bitcoin inside a trust structure should complete these seven steps within the next 90 days.

Step 1: Audit Your Public Key Exposure

Action: Request a complete UTXO report from your custodian or export it from your wallet. Identify every address holding trust Bitcoin. Determine which addresses have had their public keys exposed (any address that has ever been used to send a transaction).

Output: A classified list of all trust UTXOs: "hash-protected" (safe for now) or "public-key-exposed" (migrate immediately).

Timeline: 1–2 days.

Step 2: Migrate Exposed UTXOs to Fresh Addresses

Action: Move all Bitcoin from public-key-exposed addresses to fresh, never-used P2TR (Taproot) addresses. Execute during low-fee periods to minimize cost.

Output: Zero trust Bitcoin sitting at addresses with exposed public keys.

Timeline: 1 day (can be batched with Step 1).

Step 3: Amend Your Trust Document

Action: Work with your estate planning attorney to add quantum adaptation clauses: migration authority, custodian QR readiness requirement, trustee technical authority, technology evolution acknowledgment, and UTXO management standard (see Section 5 above).

Output: Trust amendment or nonjudicial settlement agreement executed and filed.

Timeline: 30–60 days (depends on attorney availability and co-trustee/beneficiary consent requirements).

Step 4: Evaluate Your Custodian's Quantum Readiness

Action: Ask your custodian five specific questions: (1) Are you monitoring BIP-360 development? (2) What is your expected timeline for supporting quantum-resistant address types after network activation? (3) Do you implement UTXO hygiene practices (fresh addresses, no address reuse)? (4) Have you allocated engineering resources to post-quantum cryptography? (5) Can you provide a written quantum preparedness statement for our trust records?

Output: Written custodian response, filed in trust administration records.

Timeline: 2–4 weeks (response time from custodian).

Step 5: Establish a Quantum Monitoring Protocol

Action: Designate a trustee or advisor responsible for monitoring quantum computing developments relevant to Bitcoin. Set quarterly review dates. Sources to monitor: Google Quantum AI publications, IBM Quantum roadmap updates, NIST post-quantum cryptography standards, Bitcoin Core development mailing list, and BIP-360 progress.

Output: Monitoring protocol documented in trust administration procedures. Quarterly review calendar established.

Timeline: 1 day to establish; ongoing quarterly commitment.

Step 6: Prepare a Migration Execution Plan

Action: Draft a migration execution plan for when BIP-360 or a successor quantum-resistant address type is activated. The plan should specify: who authorizes the migration, who executes it (trustee, custodian, or both), what the migration sequence is (which UTXOs first, in what order), how migration is verified, and how the trust's records are updated post-migration.

Output: Written migration execution plan, reviewed by both estate counsel and technical advisor.

Timeline: 30 days (can be done concurrently with Step 3).

Step 7: Review Estate Tax Implications of Migration

Action: Confirm with your tax advisor that moving Bitcoin from one address type to another (same owner, same trust) does not trigger a taxable event. Under current IRS guidance, moving Bitcoin between addresses controlled by the same taxpayer is not a disposition — but the trust's specific circumstances (irrevocable trust vs. grantor trust, distribution trust vs. accumulation trust) may create nuances. The 2026 estate tax exemption of $15M per individual ($30M per couple) provides substantial planning room, but the exemption's future is subject to legislative action.

Output: Tax advisor confirmation letter, filed in trust administration records.

Timeline: 2–3 weeks.

Why Families Who Act Now Have Structural Advantage

The quantum threat to Bitcoin is not a present-tense emergency. No one is cracking Bitcoin keys today. The Fear & Greed Index is at extreme lows partly because headlines like "Google can crack Bitcoin" get reduced to soundbites that terrify retail holders who do not understand the nuance. The nuance is: the threat is real, the timeline is compressing, and the preparation is both straightforward and cheap — but only if you start now.

The First-Mover Window

Trust document amendments are easiest when the threat is theoretical. A trust amendment adding quantum migration authority today is a routine administrative action — it costs $5,000–$15,000 in legal fees and can be completed in 30–60 days. The same amendment five years from now — when quantum computers are demonstrably closer to cryptographic relevance — will be complicated by beneficiary disputes ("are you saying our Bitcoin isn't safe?"), co-trustee disagreements, and potentially judicial involvement.

The window for painless preparation is open now. It will not stay open indefinitely.

Custodian Leverage

Families that demand quantum readiness from their custodians today — while the demand is unusual and forward-looking — will be prioritized when quantum readiness becomes the industry standard. Coinbase, Fidelity, and BitGo will build quantum migration tools. The families that are already asking the right questions, already conducting due diligence, and already documenting custodian commitments will be first in line for those tools. The families that wait until quantum migration is urgent will be competing for custodian attention alongside every other late-arriving institution.

UTXO Hygiene Compounding

Every day that trust Bitcoin sits in an exposed-public-key address is a day of unnecessary risk accumulation. Moving to fresh addresses today eliminates that risk permanently. The cost is trivial. The risk reduction compounds over the trust's lifetime, because future transactions from clean addresses can be managed with proper hygiene from the start.

Generational Signal

For dynasty trusts that will span multiple generations, quantum preparedness sends a signal to successor trustees and beneficiaries: this family takes stewardship seriously. The trust document that includes quantum adaptation clauses demonstrates that the grantor anticipated technological evolution and built flexibility into the structure. Successor trustees in 2040 or 2060 will inherit a trust that was designed to adapt — rather than a trust that was designed for 2026 and became obsolete by 2035.

Frequently Asked Questions

Can quantum computers crack Bitcoin private keys today?

No. The most advanced quantum computers have approximately 1,000–1,200 physical qubits — far short of the 1,200 logical qubits (which require thousands to millions of physical qubits with current error correction) needed to execute Shor's algorithm against ECDSA. Google's research demonstrates that the theoretical threshold is much lower than previously estimated, but the engineering gap between physical and logical qubits remains significant. Most credible estimates place cryptographically relevant quantum computers 8–15 years away.

Why are dynasty trusts more vulnerable than regular Bitcoin holdings?

Dynasty trusts hold Bitcoin across multiple generations — often 100+ years. They must survive through the entire quantum computing era. Additionally, irrevocable trust structures have governance rigidity that can prevent trustees from responding to cryptographic threats unless the trust document explicitly authorizes the response. A trader can move their Bitcoin to a quantum-resistant address the moment BIP-360 activates. A trustee may need court approval unless the trust document grants the authority in advance.

What is BIP-360?

BIP-360 (Pay to Quantum Resistant Hash) is a Bitcoin Improvement Proposal that introduces quantum-resistant address types using post-quantum cryptographic signatures — specifically CRYSTALS-Dilithium, SPHINCS+, or FALCON. It would allow Bitcoin holders to migrate their funds from ECDSA-secured addresses to quantum-resistant addresses via standard Bitcoin transactions. It is currently in development and has not been activated on the network. See our full BIP-360 analysis.

Which Bitcoin addresses are most vulnerable to quantum attack?

Addresses where the public key has been revealed on the blockchain — primarily any address that has been used to send a transaction. Pay-to-Public-Key (P2PK) addresses from Bitcoin's early years are permanently exposed. Addresses that have only received and never sent are protected by a hash layer that quantum computers cannot efficiently break. See the comparison table in Section 4 above.

Does moving Bitcoin between addresses trigger a taxable event?

Under current IRS guidance, moving Bitcoin between addresses controlled by the same taxpayer (or the same trust) is not a disposition and does not trigger a taxable event. However, the specific circumstances of your trust — grantor vs. non-grantor, accumulation vs. distribution — may create nuances. Confirm with your tax advisor before executing any migration.

Should I sell my Bitcoin because of quantum computing?

No. Bitcoin's protocol is designed to evolve. The Bitcoin developer community has been working on quantum resistance for years, and BIP-360 is already in active development. The quantum threat is real but manageable — if your custody and estate planning structures are prepared for the transition. Selling Bitcoin because of a future threat that has a known solution in development would be like selling real estate because of a hurricane forecast with a decade lead time. You don't sell the house. You reinforce it.

What if BIP-360 does not get activated before quantum computers can crack ECDSA?

This is the scenario that Bitcoin's developer community is racing to prevent. In the unlikely event that quantum computers achieve ECDSA-breaking capability before quantum-resistant addresses are available, Bitcoin in hash-protected addresses (those where the public key has not been exposed) would remain safe — because an attacker would need to break the hash function as well, which quantum computers cannot do efficiently. This is why UTXO hygiene — keeping Bitcoin in addresses with unexposed public keys — is so critical. It is the fallback defense even if BIP-360 is delayed.

How does Google's research compare to previous quantum threat estimates?

The shift is dramatic. Prior to Google's paper, the widely cited estimate was ~13 million logical qubits operating for 8 hours. Google's optimized approach reduces this to ~1,200 logical qubits operating for ~9 minutes — a 10,000× reduction in qubit requirements and a 50× reduction in computation time. The improvement comes from algorithmic optimization (novel circuit decomposition for Shor's algorithm), not from hardware advances. This means the threat timeline has compressed regardless of the pace of hardware development.

What is the current estate tax exemption, and does quantum risk affect estate planning strategy?

As of 2026, the federal estate tax exemption is approximately $15 million per individual ($30 million per couple). Future legislative action could adjust this figure — the exemption level is subject to ongoing political negotiation and should not be relied upon as permanent. Quantum risk does not change the tax strategy fundamentals of estate planning, but it adds a technical dimension: the trust structure must be flexible enough to accommodate cryptographic migration without triggering taxable events or requiring judicial intervention.

The Bottom Line

Google's research does not mean your Bitcoin is at risk today. It means the timeline for quantum-capable computers breaking ECDSA has compressed from "someday, maybe" to "plausibly within a decade." For traders, a decade is a long time. For dynasty trusts holding Bitcoin for 100+ years, a decade is the next quarterly review.

The families that will come through the quantum transition with their wealth intact are the ones who are preparing now — amending trust documents, auditing UTXO exposure, evaluating custodian quantum readiness, and building the governance flexibility that allows their trustees to act when the moment comes.

The preparation costs almost nothing: a trust amendment ($5,000–$15,000), UTXO migration (a few hundred dollars in fees), and a quarterly monitoring commitment (an hour per quarter). The potential cost of inaction — for a dynasty trust holding $10M, $50M, or $100M in Bitcoin — is total loss of the trust's primary asset.

Bitcoin will survive quantum computing. The protocol will evolve. BIP-360 or its successor will be activated. The question is whether your trust is structured to evolve with it — or whether your successor trustee will be petitioning a court for emergency modification authority while the cryptographic clock runs out.

The answer to that question is in your hands today. Not tomorrow. Not when quantum computers actually arrive. Today.