2026年4月3日，Gidney及其合作者发布了同日的白皮书，提出一种针对ECC破解的新量子程序，宣称比此前方法至少高效10倍；他们估计大多数加密货币可在少于500,000个逻辑量子比特的机器上于数分钟内被破解，Jeff Thompson称这是实际时空成本“巨大显著”的降低。Google的高效Shor算法实现与Caltech方案共同意味着更小的量子机器可能完成比许多人预期更多的任务，但竞争对手现在得不到某些实现细节。Google是第一家用零知识证明描述其部分工作的方法，能证明程序正确性而不公开完整方法。

同月，Robert Huang借助大型语言模型设计了足够高效的qLDPC码，使一个逻辑量子比特仅需4个原子。物理学界仍在争论可行性：哈佛的Lukin表示估算总体上是合理的，但细节，尤其是纠错步骤，对外部研究者来说仍过于模糊，难以完全验证。Saffman指出关键缺口在于演示，要求更小规模实验——100到1,000个量子比特并完成约1,000,000轮纠错——因为尚无研究组能够在一次完整纠错持续每1毫秒并连续运行数天到数周。Caltech承认这是挑战，但认为主要障碍已从理论转向工程实施。

NIST于2024年发布了可用于部署的后量子密码标准，美国政府也给出到2035年完成全面切换的目标；Google提出到2029年替换RSA和ECC。按这一速度，Thompson认为后量子迁移不应再等待。若任何平台在规模上实现Shor算法，即将结束“噪声中间尺度量子（NISQ）”时代，进入容错（fault-tolerant）阶段。Huang建议先运行Shor算法以验证设备，再将其用于机器学习。大多数建设者——从Oratomic与同行到大学团队——仍把重点放在基础物理问题上，例如高温超导体与时空量子模型研究，而非密码学，尽管迁移压力在上升。

On April 3, 2026, Gidney and collaborators posted a white paper with a new quantum procedure for breaking ECC that is claimed to be at least 10 times more efficient than prior methods. They estimated that most cryptocurrencies could be broken in minutes on a machine with fewer than 500,000 logical qubits, and Jeff Thompson called this “a hugely significant” reduction in real space-time cost. Google’s efficient implementation of Shor’s algorithm and Caltech’s protocol together imply smaller quantum machines may do far more than expected, while competitors are now being denied some implementation details. Google was the first to describe part of its work using a zero-knowledge proof, which proves correctness without exposing the full method.

The same month, Robert Huang used a large language model to design a qLDPC code efficient enough that one logical qubit could be built from only four atoms. Physicists still debate feasibility: Lukin of Harvard said the estimates were broadly plausible, yet crucial details, especially error-correction steps, remain too fuzzy for outsiders to fully verify. Saffman cited the main gap as demonstration, requesting a smaller-scale run of 100 to 1,000 qubits with around 1,000,000 correction rounds, since no group has sustained full correction every 1 millisecond for days or even weeks. Caltech acknowledges the challenge but says the barrier is now largely engineering rather than theory.

NIST published deployment-ready post-quantum cryptographic standards in 2024, and the U.S. government set a full migration target for 2035; Google proposes replacing RSA and ECC by 2029. At this pace, Thompson said post-quantum migration should not wait. If any platform realizes Shor’s algorithm at scale, it would end the “Noisy Intermediate-Scale Quantum” (NISQ) era and move into a fault-tolerant regime. Huang suggests first running Shor as validation, then using the machine for machine learning. Most builders—from Oratomic and peers to university groups—still prioritize foundational physics questions such as high-temperature superconductors and quantum models of spacetime, not cryptography, even as migration pressure rises.