Quantum Computers and Bitcoin
by Dave D'Rave
Quantum computer technology appears to be following an exponential growth curve. Near-term devices which use 16-qubits are likely to be available in January 2018. The doubling time appears to be between two and four years (Moore's Law).
Practical Bitcoin mining systems which are based on quantum computers may arrive as soon as 2020, depending on the available algorithms. At first, these systems will supplement the existing mining technology. Within two to three years of the first quantum Bitcoin miners, conventional Bitcoin mining technology will be obsolete.
The Bitcoin algorithm itself is likely to continue to be viable until 256-qubit quantum computers become available, 20 to 30 years from now.
History
Single-qubit quantum computer experiments date back to the 1990s. These had rather high error rates, which were gradually improved. Current technology uses Quantum Error Correction (QEC), which has the characteristic that additional qubits are used for error correction, redundancy, etc. An actual device would contain between five and 17 raw qubits for every net qubit. This results in some confusion about how to count the qubits in a given device. In this article, "qubit" means a net qubit.
The first practical qubit, which includes error correction, was described in the 2010-2011 period.
IBM announced a 5-qubit chip in 2016 and made it available to the public as a web service under the name the "IBM Quantum Experience." The IBM quantum chip uses superconducting loops. At roughly the same time, researchers in Maryland developed a 5-qubit (net) system which uses trapped ion technology.
Current Situation
IBM, Google, and Rigetti have all indicated that they plan to announce a 16-qubit quantum chip in either late 2017 or early 2018. All three have indicated that they may provide public access to these systems using some kind of web-based control panel. Rigetti, in particular, seems committed to the business model of "cloud-based quantum computing."
Trends
If you draw a line through these three data points, it looks a lot like an exponential. Between 2011 and 2016 there were two doublings. Pre-announced results for the period from 2016-2018 would provide two more doublings.
Likely Future Developments
Because quantum computers are able to perform parallel operations, each qubit doubles the parallelism for certain problems. In practice, a 5-qubit machine is a toy, a 16-qubit machine is useful for training and research, and 32-qubit would be equivalent to a supercomputer.
Somewhere around 40-48 qubits, we will arrive at a situation in which a quantum computer is the most powerful machine in the world, at least for problems which do not require a large dataset or a lot of I/O. That day is less than ten years away.
Predictions
Assuming that the 16-qubit machines are available as a web-based service, I expect that at least a few groups of people will attempt to write and execute algorithms for Bitcoin mining using these devices. It is likely that most of them will succeed, and that none of the first-generation quantum miners will be able to provide a noticeable amount of hashing power.
When the 32-qubit machines become available (four to six years from now), there will be a lot of interest in using them for Bitcoin. It is likely that quantum miners will become available which are cost-competitive with conventional computer technology. At that point, we will see a gradual phase-over to the new type of mining equipment. I do not expect that Bitcoin itself or the Bitcoin community will be affected by quantum computer mining.
Quantum Computer Algorithms for Bitcoin
The Bitcoin mining algorithm uses SHA-256 as its internal proof of work. Obvious algorithms exist which would allow a 256-qubit quantum computer to solve a mining problem in less than a second. Other algorithms promise to reduce that time to less than a millisecond.
Since 256-qubit quantum computers are likely to arrive 20 to 30 years from now, this does not look like an immediate problem. Also, it is not clear that the Bitcoin community would have a big problem with adjusting the block update time.
The more interesting question is whether algorithms exist which would, for example, allow a 32-qubit quantum computer to perform four billion hashes per second, or maybe four billion hashes per microsecond. This would certainly reduce the value of GPU-based Bitcoin mining systems. Such algorithms are described as "hybrid," in that much of the work would be pre-computed using conventional computers, and the quantum processor would be given the job of crunching a well-defined set of superpositions.
While using a 16-qubit processor to mine Bitcoins is unlikely to make economic sense, it will be very interesting to see if anyone is able to use these devices for that purpose.
Quantum Computer Algorithms for Altcoins
Systems such as Litecoin were designed with the explicit goal of avoiding certain perceived problems with the standard Bitcoin algorithm. For this reason, the speed-up from a quantum computer will vary, depending on which altcoin is being mined.
Without actually producing algorithms for each of the altcoins, it is not possible to say exactly which altcoin will be the most susceptible to quantum computer mining. It is likely that one of the altcoins will turn out to be more suitable for quantum mining than the others.
Technology Issues
All three of the commercial quantum computers which are likely to be made available for web-based applications are using superconducting loop technology. At this time, there are at least two other methods of building a quantum computer: ion traps and phosphorus/silicon methods.
Because there are multiple technologies which appear to be viable, there is good reason to expect that no major showstoppers will be encountered.
Political and Business Issues
While Bitcoin mining per se is not very interesting to the intelligence community, anything having to do with actual, real-world application of quantum computers will definitely get their attention. This is not a good thing.
It would not be especially surprising if major limitations were placed on people who want to use public quantum computers. If the government gets involved, we can expect demands for ID, requirements asking you to tell them what your program is trying to do, and possibly a prohibition on persons from certain countries. This will not work, of course. The technology is well-known, and there are many countries who have well-funded quantum computer programs and little incentive to cooperate with Western intelligence agencies. China, for example.
At the same time, I think that quantum computer systems and quantum computer hardware in general are already on the ITAR "Do Not Export" list. The big question is whether advanced countries like Canada and Australia will go along with such export restrictions.
The bottom line is that an aggressive government program to slow down the development of Bitcoin mining by quantum computers will mostly result in the technology moving to places like Austria, Sweden, and China.
In parallel with this, we can expect that the "terms of service" for anyone who is using a web-based quantum computer will basically allow the machine's owner to read your files. This will mean that anyone who can set up a public quantum computer service which promises privacy will have some advantage. It also means that a lot of people will be motivated to get their own private hardware.