how fast will this quantum computer be able to factorize the public key into it's private key? it has to be faster than a miner can mine transactions transferring to a quantum resistant keypair.
That is something which is suspiciously missing from the paper linked to by OP as well. It's all well and good saying "We have a xxx qubit computer which can solve the ECDLP for 256 bit private keys", but if you have to run your xxx qubit computer for a ten years to find a single private key, then it isn't going to pose much of a risk to bitcoin.
well neither does IBM's 4000 qubit computer (and some kind of quantum resistant keypair cryptography does exist, although I have no idea how good it is, nor whether it's at all suitable for Bitcoin addresses/tx's)
There are quite a few in development:
https://en.wikipedia.org/wiki/Post-quantum_cryptographyThe last discussion regarding quantum computers on the mailing list I am aware of is from April last year:
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-April/020209.htmlThis discussion focuses on NTRU, which is a lattice-based algorithm:
https://en.wikipedia.org/wiki/NTRUPicking one now, when the threat from quantum computers is very likely still decades away, seems very premature though. There is a good chance that whatever we picked today would be at best outdated and at worst insecure by the time it actually mattered.