
On the insecurity of quantum Bitcoin mining
Grover's algorithm provides quantum computers a quadratic advantage over classical computers for searching in an arbitrary dataset. Bitcoin mining falls into this category of a search problem. It has been previously argued that the only side-effect of quantum mining would be an increased difficulty, due to this quadratic speedup which can be applied to Bitcoin mining. In this work we argue that a crucial argument in the analysis of Bitcoin's security breaks down when quantum mining is performed. Classically, a Bitcoin fork occurs rarely, when two miners find a block almost at the same time: only if both miners are unaware of the other's block, due to propagation time effects. The situation differs dramatically when quantum miners use Grover's algorithm. Grover's algorithm repeatedly applies a procedure called a Grover iteration. More iterations provide a quadratically higher chance of finding a block. Crucially, a miner does not have to choose how many iterations to apply in advance. Suppose Alice receives Bob's new block. To maximize her revenue, she should stop applying Grover iterations and measure her state. Her hope is that her block (rather than Bob's) would become part of the longest chain. This strong correlation between the miners' actions, and the fact that they all measure their state at the same time, may lead to more forks. This is known as a security risk for Bitcoin. We propose a mechanism which, we conjecture, prohibits this form of quantum mining, and circumvents the high rate of forks.
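The stop-and-measure effect described in the abstract can be made concrete with a short Python sketch. This is an added example, not code or analysis from the paper: it uses the standard Grover success probability sin²((2k+1)θ) with sin θ = √p, and shows how likely Alice is to hold a competing block if she measures the moment Bob's block arrives. Assumptions: the toy difficulty `p = 2**-20`, the function names, and treating one Grover iteration as costing the same as one classical hash attempt.

```python
import math

def grover_success(k, p):
    """Chance that measuring after k Grover iterations yields a valid block.
    p is the fraction of nonces that meet the target (sin(theta) = sqrt(p))."""
    theta = math.asin(math.sqrt(p))
    return math.sin((2 * k + 1) * theta) ** 2

def classical_success(k, p):
    """Chance that at least one of k independent classical attempts succeeds."""
    return 1.0 - (1.0 - p) ** k

def optimal_iterations(p):
    """Iteration count at which the Grover success probability peaks first."""
    theta = math.asin(math.sqrt(p))
    return max(0, round(math.pi / (4 * theta) - 0.5))

def stop_and_measure_table(p, fractions):
    """Toy model (assumption): Alice is a fraction f of the way to her optimal
    iteration count when Bob's block arrives and she measures immediately.
    Returns rows of (k, quantum chance, classical chance after k attempts)."""
    k_opt = optimal_iterations(p)
    rows = []
    for f in fractions:
        k = round(f * k_opt)
        rows.append((k, grover_success(k, p), classical_success(k, p)))
    return rows

if __name__ == "__main__":
    P = 2.0 ** -20  # constructed toy difficulty, far easier than real Bitcoin
    print("k_opt =", optimal_iterations(P))
    print(f"{'k':>6} {'quantum':>10} {'classical':>12}")
    for k, q, c in stop_and_measure_table(P, (0.1, 0.25, 0.5, 1.0)):
        print(f"{k:>6} {q:>10.4f} {c:>12.2e}")
```

In this model a quantum miner interrupted halfway to her optimal iteration count still measures a valid block about half the time, whereas the same number of classical attempts succeeds with negligible probability, which is why simultaneous measurements by many miners raise the fork rate.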
