Authors:
(1) Robert R. Nerem, Institute for Quantum Science and Technology, University of Calgary, Alberta T2N 1N4, Canada ([email protected]);
(2) Daya R. Gaur, Department of Mathematics and Computer Science, University of Lethbridge, Alberta T1K 3M4, Canada.
Table of Links
C. Comparison with Related Works
II. Background
C. Assumptions and Approximations
IV. Results
V. Discussion, Acknowledgments, and References
Our aim is to determine conditions for quantum computing technology to give rise to security risks associated with quantum Bitcoin mining. Specifically, we determine the speed and energy efficiency a quantum computer needs to offer an advantage over classical mining. We analyze the setting in which the Bitcoin network is entirely classical except for a single quantum miner who has small hash rate compared to that of the network. We develop a closed-form approximation for the probability that the quantum miner successfully mines a block, with this probability dependent on the number of Grover iterations the quantum miner applies before making a measurement. Next, we show that, for a quantum miner that is “peaceful”, this success probability is maximized if the quantum miner applies Grover iterations for 16 minutes before measuring, which is surprising as the network mines blocks every 10 minutes on average. Using this optimal mining procedure, we show that the quantum miner outperforms a classical computer in efficiency (cost per block) if the condition Q < Crb is satisfied, where Q is the cost of a Grover iteration, C is the cost of a classical hash, r is the quantum miner’s speed in Grover iterations per second, and b is a factor that attains its maximum if the quantum miner uses our optimal mining procedure. This condition lays the foundation for determining when quantum mining, and the known security risks associated with it, will arise.
I. INTRODUCTION
Bitcoin is a distributed digital currency deriving its security from cryptographic protocols [18]. The use of Bitcoin has increased dramatically in recent years, and blockchain, the backbone of the currency’s security, has found application in a variety of areas [24]. The authenticity of Bitcoin’s blockchain relies on a proof-of-work protocol in which “miners” race to solve challenging computational problems. Although quantum computers promise faster solutions to these mining problems in theory, the practical benefits they provide and their impact on security remain uncertain.
We determine conditions for a quantum computer to outperform a classical computer at Bitcoin mining. This approach is in contrast with earlier work that instead ascertains if a quantum miner would be able to dominate the Bitcoin network [4]. We are motivated by the work of [21] which shows quantum mining poses a security risk even if a single quantum miner can not dominate the network.
This paper is