Cloudflare: Before 2029, migrate to post-quantum encryption in both directions; Bitcoin vulnerability risk increases

Cloudflare, one of the world’s largest CDNs and among the leading internet edge networks, announced that it will complete a comprehensive migration to post-quantum cryptography by 2029. Currently, two-thirds of human internet traffic has adopted post-quantum cryptography, with the goal of reaching 100% within three years. Chaincode Labs estimates that it could take up to seven years for Bitcoin to complete a full post-quantum migration. Meanwhile, institutions believe that a quantum computer with cryptographically meaningful capabilities may emerge within three years.

Cloudflare’s 2029 deadline: a fundamental shift in the industry’s collective judgment

Cloudflare’s decision to accelerate the quantum migration stems from its reassessment of the timeline for hardware breakthroughs. The company believes that the pace of progress in quantum technology may pose a substantial threat within three years to the elliptic curve cryptography (ECC) and RSA encryption that are widely used today. Therefore, it has set an early migration cutoff date of 2029.

Google has already deployed post-quantum security protections in the Chrome browser, Android 17, and the Google Cloud platform, and has required internal engineering teams to follow suit. The synchronized actions by Cloudflare and Google signal the industry’s collective reassessment of the quantum threat timeline—shifting from “sometime in the future” to “before 2029.”

Accelerating the quantum breakthrough: three key research advances within three months

Cloudflare and Google’s 2029 deadline is not overly cautious; it directly responds to recent breakthrough progress in a series of quantum studies.

Key quantum research breakthroughs in Q1 2026

March 30, Google Quantum AI white paper: Theoretically, fewer than 1,200 logical qubits are sufficient to solve the 256-bit elliptic curve discrete logarithm problem on which Bitcoin relies. When computed with superconducting hardware, the required number of physical qubits is fewer than 500,000—about 20 times lower than the roughly 9 million estimate in 2023

March 30, Oratomic research: Oratomic, a quantum startup founded by faculty from the California Institute of Technology and Harvard University, proposed that Shor’s algorithm requires only 10,000 reconfigurable neutral atom qubits to run at cryptographically relevant scales—an important breakthrough improvement for cracking 256-bit elliptic curve encryption

April 5, IQM quantum computer and Fraunhofer FOKUS Institute: For the first time, Shor’s algorithm was compiled gate-by-gate to an RSA-2048 scale, producing a gate-assembly program with an accurate qubit budget, moving from theoretical modeling to practical engineering implementation

Bitcoin’s quantum vulnerability: a potential risk of $68 billion

The quantum threat facing Bitcoin can be quantified. Currently, the public keys of roughly 1.7 million Bitcoins have been permanently exposed on-chain, including old wallet addresses of early holders such as Satoshi Nakamoto. Chaincode Labs estimates that, in the presence of quantum computers with cryptographically meaningful capabilities, 20% to 50% of Bitcoin’s total supply faces a greater security risk. Based on today’s market value, the amount at stake could reach $68 billion.

Ethereum researcher Justin Drake—also one of the co-authors of the Google quantum white paper—estimates that by 2032, there is at least a 10% chance that quantum computers could brute-force Bitcoin private keys from the exposed public keys.

The severity of the time race is evident from historical precedents: the Taproot upgrade took four years from proposal to activation; SegWit took two years. Chaincode Labs estimates that a complete post-quantum migration could take seven years, while the quantum threat timelines given by Cloudflare, Google, and IBM leave only three years.

Frequently asked questions

Why does Cloudflare need to complete the post-quantum cryptography migration before 2029?

Cloudflare’s assessment is that breakthroughs in areas such as error correction and factorization for quantum hardware are accelerating. Existing elliptic curve and RSA encryption technologies may face substantial threats within three years. Given the complexity of migration engineering, it set a 2029 cutoff in advance to ensure a comprehensive upgrade of the infrastructure is completed before the quantum threat becomes a reality.

What specific quantum attack risks does Bitcoin face today?

Bitcoin’s core vulnerability lies in its use of the 256-bit elliptic curve digital signature algorithm (ECDSA). The public keys of roughly 1.7 million Bitcoins have already been permanently exposed on-chain. Once a cryptographically meaningful quantum computer exists, the private keys for these addresses could theoretically be computed in reverse. Chaincode Labs estimates that the affected Bitcoins could reach 20% to 50% of the total supply, worth up to $68 billion.

Why is a post-quantum upgrade for Bitcoin difficult to complete in the short term?

A Bitcoin software upgrade requires widespread consensus among global miners, developers, and node operators. Historically, Taproot took four years and SegWit took two years. Chaincode Labs estimates that a complete post-quantum migration could take seven years, while the quantum threat timelines set by Cloudflare, Google, and IBM leave only three years. This creates a harsh time race, making one of Bitcoin’s most significant current long-term technical challenges.