Daily Tech Feed: From the Labs

Deep dives into foundational AI and ML research papers

38: The Numbers Changed

Two papers published days apart have reduced the estimated physical qubit count needed to break widely deployed public-key cryptography by roughly two orders of magnitude — from around one million to as few as ten thousand. Together, they compress the timeline...

Show Notes



Episode 0038: The Numbers Changed

Why it matters. Two papers published days apart have reduced the estimated physical qubit count needed to break widely deployed public-key cryptography by roughly two orders of magnitude — from around one million to as few as ten thousand. Together, they compress the timeline for quantum threats to cryptography from "decades away" to "measurable in engineering milestones." The Google paper also introduces the first use of zero-knowledge proofs as a responsible disclosure mechanism for novel cryptanalytic results, proving the existence of optimized attack circuits without publishing them.


Paper 1: Shor's Algorithm on 10,000 Neutral-Atom Qubits

Caltech and Oratomic. The paper, "Shor's algorithm is possible with as few as 10,000 reconfigurable atomic qubits," comes from Caltech and Oratomic, a startup spun out of Caltech's quantum computing group. It demonstrates that RSA-2048 can be factored with 11,000–14,000 physical qubits and P-256 elliptic curve cryptography can be broken with 10,000–26,000 physical qubits on a neutral-atom architecture, down from prior estimates of roughly one million and half a million respectively. Published March 30, 2026.

The Researchers. Madelyn Cain and Qian Xu are the lead authors, affiliated with Oratomic. John Preskill — who coined the term "quantum supremacy" and has been one of the field's most careful voices for decades — is a co-author. Preskill is the Richard P. Feynman Professor of Theoretical Physics at Caltech and director of the Institute for Quantum Information and Matter.

Key Technical Concepts. The two-order-of-magnitude reduction comes from three advances working together. First, quantum low-density parity-check codes (qLDPC codes) replace the surface code, achieving ~30% encoding rates (~3 physical qubits per logical qubit) versus the surface code's ~1% (~100 physical qubits per logical qubit). This requires nonlocal qubit connectivity, which neutral-atom quantum computers — using atoms held in optical tweezers and rearranged by laser fields — uniquely provide. Second, improved logical instruction sets via Pauli Product Measurements enable more efficient gate operations. Third, deep circuit-level optimization compiles Shor's algorithm more efficiently for this architecture. The prior definitive resource estimates were set by Gidney and Ekerå (2021), who estimated 20 million noisy qubits to factor RSA-2048 in 8 hours using surface codes.


Paper 2: Google's Elliptic Curve Cryptography Assessment

Google Quantum AI. The paper, "Securing Elliptic Curve Cryptocurrencies against Quantum Vulnerabilities: Resource Estimates and Mitigations," comes from Google Quantum AI. It shows that the secp256k1 elliptic curve discrete logarithm problem — protecting Bitcoin, Ethereum, and most cryptocurrencies — can be solved with fewer than 1,200 logical qubits and 90 million Toffoli gates, translating to under 500,000 physical superconducting qubits running in minutes. Published April 1, 2026. The paper's optimized circuits were disclosed via a SNARK zero-knowledge proof on the SP1 proof system rather than published directly — the first time a novel mathematical result has been announced primarily through a ZK proof.

The Researchers. Ryan Babbush and Adam Zalcman are lead authors at Google Quantum AI. Craig Gidney is a co-lead author who, with Martin Ekerå, produced the prior definitive resource estimates for breaking RSA with quantum computers. Scott Aaronson, on his blog Shtetl-Optimized, compared Google's ZK disclosure decision to Frisch and Peierls in 1940 — calculating how much uranium-235 was needed for a chain reaction, but not publishing it.

Key Technical Concepts. The paper introduces a critical distinction between fast-clock (superconducting, nanosecond gate times) and slow-clock (neutral-atom/ion-trap, millisecond gate times) quantum architectures. This matters for what the paper calls "on-spend attacks" — intercepting a Bitcoin transaction during the ~10-minute window between broadcast and block confirmation by deriving the private key from the exposed public key. Minutes-scale computation on fast-clock hardware makes this viable; days-scale on slow-clock hardware does not. The paper also analyzes "at-rest attacks" on funds with previously exposed public keys (~39% of all Bitcoin), Ethereum vulnerability categories (accounts, admin keys, contract code, consensus, data availability), and notes that proof-of-work mining is quantum-resistant because Grover's algorithm provides only a quadratic speedup — insufficient against mining difficulty adjustment. The paper recommends immediate migration to NIST post-quantum cryptography standards finalized in 2024.
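The at-rest versus on-spend distinction maps directly onto Bitcoin output script types, which is how a custodian would inventory its own exposure. The Python below is an added example, not code from the paper or the episode: the script templates are the standard Bitcoin ones (not named in these notes), `key_revealed` is a caller-supplied flag for address reuse, and the sample UTXOs are constructed filler bytes.

```python
from collections import defaultdict

AT_REST = "at-rest"    # public key already visible on-chain
ON_SPEND = "on-spend"  # only a hash on-chain; key revealed when spent
UNKNOWN = "unknown"

def classify_script(spk_hex, key_revealed=False):
    """Return (script_type, exposure) for a scriptPubKey given as hex.
    key_revealed is a caller-supplied assumption: True when an earlier spend
    from the same address already published the key or script.
    """
    s = bytes.fromhex(spk_hex)
    n = len(s)
    # P2PK: <push 33 or 65> <pubkey> OP_CHECKSIG (0xac). Key is in the output.
    if n in (35, 67) and s[0] == n - 2 and s[-1] == 0xAC:
        return ("p2pk", AT_REST)
    # P2TR: OP_1 <push 32> <x-only output key>. Key is in the output.
    if n == 34 and s[:2] == b"\x51\x20":
        return ("p2tr", AT_REST)
    if n == 25 and s[:3] == b"\x76\xa9\x14" and s[23:] == b"\x88\xac":
        kind = "p2pkh"
    elif n == 23 and s[:2] == b"\xa9\x14" and s[22] == 0x87:
        kind = "p2sh"
    elif n == 22 and s[:2] == b"\x00\x14":
        kind = "p2wpkh"
    elif n == 34 and s[:2] == b"\x00\x20":
        kind = "p2wsh"
    else:
        return ("nonstandard", UNKNOWN)
    # Hash-locked outputs hide the key until first spend; reuse removes that cover.
    return (kind, AT_REST if key_revealed else ON_SPEND)

def exposure_totals(utxos):
    """Sum satoshis per exposure class for (spk_hex, sats, key_revealed) rows."""
    totals = defaultdict(int)
    for spk_hex, sats, key_revealed in utxos:
        totals[classify_script(spk_hex, key_revealed)[1]] += sats
    return dict(totals)

# Constructed sample UTXOs (filler bytes, not real keys or hashes).
SAMPLE_UTXOS = [
    ("21" + "02" + "11" * 32 + "ac", 5_000_000_000, False),  # P2PK
    ("76a914" + "22" * 20 + "88ac", 100_000_000, False),     # P2PKH, never spent from
    ("0014" + "33" * 20, 200_000_000, True),                 # P2WPKH, address reused
    ("5120" + "44" * 32, 50_000_000, False),                 # P2TR
    ("0020" + "55" * 32, 150_000_000, False),                # P2WSH
]
if __name__ == "__main__":
    print(exposure_totals(SAMPLE_UTXOS))
```

Outputs in the on-spend class stay hash-protected only until their first spend, so the practical mitigation for them is to never reuse the address.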


Daily Tech Feed: From the Labs is available on Apple Podcasts, Spotify, and wherever fine podcasts are distributed. Visit us at pod.c457.org for all our shows. New episodes daily.

