The crypto industry has spent months debating how fast a quantum computer could crack a Bitcoin wallet. Andrew Gault, CEO of networking firm ZeroTier and founding partner of London- and San Francisco-based deep-tech fund 7percent Ventures — whose portfolio includes British quantum-computing startup Universal Quantum — told CoinDesk on May 30, 2026 at 5:27 a.m. ET that the industry is solving the wrong problem.

"The financial system's most dangerous vulnerability isn't stored data, it's the data moving between institutions right now," Gault said.

Harvest now, decrypt later

The attack scenario Gault describes does not require a working quantum computer today. It requires only storage — and patience.

Sophisticated adversaries are already collecting encrypted wire traffic: exchange API authentication packets, cross-chain bridge proofs, signed transactions broadcast and archived in public mempools, and the back-channel signing data between cold storage and trading desks. None of it needs to be decrypted today. It only needs to be warehoused until a sufficiently powerful quantum machine arrives.

"Every interbank message, every payment authentication record, and every digital signature traveling across a network today is being collected by sophisticated adversaries who don't need to read it yet," Gault told CoinDesk. "They're patient, they have storage, and they're building a library of today's encrypted traffic to decrypt the moment quantum capability crosses the threshold."

This strategy — known in cryptography circles as "harvest now, decrypt later" — has been circulating in security research for years. What changed in 2026 is that both the corporate and financial-system threat models are starting to price it in.

In March 2026, Google vice president of security engineering Heather Adkins and senior cryptography engineer Sophie Schmieg published a post setting 2029 as the company's internal deadline for completing a post-quantum cryptography migration. The post explicitly named authentication services and digital signatures — the same wire-level signing infrastructure Gault flagged — as the reprioritized focus. "The threat to encryption is relevant today with store-now-decrypt-later attacks," the post stated.

That is not a future-tense threat. That is present tense.

The wallet-key risk is real — but secondary

The March 2026 Google Quantum AI paper that rattled Bitcoin markets showed a sufficiently powerful quantum computer could derive a Bitcoin private key from an exposed public key in approximately nine minutes. The current count of BTC sitting in addresses with exposed public keys sits at roughly 6.9 million.

That paper set off a debate over whether Bitcoin's timeline was years or decades. CoinShares argued in a February 2026 report that the wallet-key fear is overstated, estimating only about 10,200 BTC are concentrated enough in vulnerable addresses to move markets if stolen.

Gault does not dispute the wallet-key risk. He calls it the secondary one.

"The particularly uncomfortable reality for financial institutions is that the authentication records being harvested aren't just sensitive," he said. "It's the proof layer that determines who owns what, who authorized which transaction, and who bears legal liability."

The harvest-now scenario attacks that proof layer without ever needing to touch a cold wallet. The private key that signs a transaction matters. But so does the signed API call that authenticated the operator, the bridge proof that moved funds cross-chain, and the record that establishes legal ownership and fiduciary responsibility. All of it is in transit. All of it is being stored.

The systemic cost is already modeled

Citi quantified the bank-system version of this exposure in February 2026. A quantum-enabled attack on a single top-five U.S. bank's access to the Fedwire Funds Service payment system could trigger a cascade between $2 trillion and $3.3 trillion across the U.S. economy — equivalent to a 10% to 17% decline in real GDP. The modeling assumed the same wire-level attack surface Gault describes.

The Global Risk Institute, cited in the same Citi analysis, put the probability of a cryptographically relevant quantum computer arriving by 2034 at between 19% and 34%. That is not a long-shot tail risk. At 19%, it sits roughly where climate-adjusted flood probability sits in a FEMA 100-year zone — uncomfortable enough to require mitigation planning, not dismissal.

For context: the harvest-now archive being built today would still be live and useful the moment that threshold is crossed in eight years.

The migration gap

Ethereum has a coordinated post-quantum migration underway. Bitcoin does not.

Major crypto exchanges and custodians — the institutions where most signing traffic actually lives — have not publicly committed to a post-quantum migration plan either.

The distinction matters structurally. Ethereum's roadmap provides a coordination point: developers, validators, and application layers can sequence against it. Bitcoin's decentralized governance makes that kind of coordinated migration significantly harder to execute, even when the technical path exists.

Google's 2029 target represents roughly three years of runway for the world's most resource-rich tech infrastructure team. A blockchain protocol with no governance mechanism for mandatory cryptography upgrades has no equivalent clock running.

Gault's implicit argument — backed now by Google's security engineering leadership and Citi's GDP-impact modeling — is that the industry is treating the quantum problem as a future event to be addressed when the hardware arrives. The harvest-now strategy means adversaries have already started. The window to act is not the moment a quantum computer breaks a wallet. It is now, while the wire traffic being archived today still cannot be read.

Bitcoin has no plan for that window.