51% Attack via Difficulty Increase with a Small Quantum Miner

Abstract

We present a strategy for a single quantum miner with relatively low hashing power, with the same ramifications as a 51% attack. Bitcoin nodes consider the chain with the highest cumulative proof-of-work to be the valid chain. A quantum miner can manipulate the block timestamps to multiply the difficulty by $c$. The fork-choice rule counts every block with increased difficulty with weight $c$. By using Grover's algorithm, it is only $O(\sqrt c)$ harder for the quantum miner to mine such blocks. By picking a high enough $c$, the single quantum miner can create a competing chain with fewer blocks, but more cumulative proof-of-work. The time required is $O(\frac{1}{r^2})$ epochs, where $r$ is the fraction of the block rewards that the quantum miner would have received if they mined honestly. Most proof-of-work cryptocurrencies, including Bitcoin, are vulnerable to our attack. However, it will likely be impossible to execute in forthcoming years, as it requires an extremely fast and fault-tolerant quantum computer.