On the insecurity of quantum Bitcoin mining

Research output: Contribution to journalArticlepeer-review

2 Scopus citations


Grover’s algorithm confers on quantum computers a quadratic advantage over classical computers for searching in an arbitrary data set, a scenario that describes Bitcoin mining. It has previously been argued that the only side effect of quantum mining would be an increased difficulty. In this work, we argue that a crucial argument in the analysis of Bitcoin security breaks down when quantum mining is performed. Classically, a Bitcoin fork occurs rarely, i.e., when two miners find a block almost simultaneously, due to propagation time effects. The situation differs dramatically when quantum miners use Grover’s algorithm, which repeatedly applies a procedure called a Grover iteration. The chances of finding a block grow quadratically with the number of Grover iterations applied. Crucially, a miner does not have to choose how many iterations to apply in advance. Suppose Alice receives Bob’s new block. To maximize her revenue, she should stop and measure her state immediately in the hopes that her block (rather than Bob’s) will become part of the longest chain. The strong correlation between the miners’ actions and the fact that they all measure their states at the same time may lead to more forks—which is known to be a security risk for Bitcoin. We propose a mechanism that, we conjecture, will prevent this form of quantum mining, thereby circumventing the high rate of forks.

Original languageEnglish
Pages (from-to)291-302
Number of pages12
JournalInternational Journal of Information Security
Issue number3
StatePublished - 1 Jun 2020


  • Bitcoin
  • Cryptocurrencies
  • Grover’s algorithm
  • Post-quantum cryptography
  • Proof of work
  • Quantum computing
  • Quantum cryptography
  • Security


Dive into the research topics of 'On the insecurity of quantum Bitcoin mining'. Together they form a unique fingerprint.

Cite this