Bitcoin vs. Quantum money

Or Sattath (UC Berkeley)

Two approaches against counterfeiting
Reach consensus: who has the money?
Examples: Bitcoin, ripple, paypal, banks.
Seems necessary in electronic cash.
No copying of a physical medium.
Fiat money, gold, quantum money.
As we will see, the problems we will encounter are different from Bitcoin.

What is quantum money?
It has similar properties to Bitcoin, achieved in a very different way.
It is based on the laws of Quantum mechanics.
Requires a Quantum Computer - not yet available.

Overview
Quantum mechanics and quantum computation
Wiesner’s quantum money scheme
The properties of (more recent) quantum money schemes.
Is quantum money Bitcoin’s Friend or Foe?
Could Bitcoin be upgraded to QubitCoin?

Quantum Mechanics
A theory which describes nature in the tiniest to medium scales.
Extremely well confirmed: Richard Feynman compared its precision to predicting the width of North America to an accuracy of one human hair’s breadth.
Quantum mechanics has some non-intuitive properties.

Quantum Computing
Computers that directly exploit the laws of quantum mechanics.
Quantum computers are not yet fully implemented.
Can solve several computational problems exponentially faster than classical computers.
Cannot solve NP-Complete problems efficiently.
Can break Bitcoin’s digital signature scheme. See http://bitcoinmagazine.com/6021/bitcoin-is-not-quantum-safe-and-how-we-can-fix/ for a fix.

Qubit
A bit is a classical (i.e. non-quantum) abstraction of a system that can be in one of two states.
The implementation is not really important: hard drive, memory, DVD, etc.
A qubit is the quantum analogue of that.
To the blackboard…

Fact: The no cloning theorem
It is impossible, by the laws of quantum mechanics, to copy a qubit in an unknown state.
Intuition: tightly related to the uncertainty principle. Cloning ⇒ no uncertainty. Also vice versa.

Wiesner’s Quantum Money Scheme
First Quantum Information protocol (circa 1970).
The bank has an algorithm for issuing quantum money.
The bank has (another) algorithm to test the validity of quantum money.
It is infeasible to counterfeit quantum money (i.e. takes exponential time).

Wiesner’s money – issuance
Each note has two parts: a classical serial number, and a quantum state.
The classical serial number appears on the note.
For each serial number, the bank keeps a random (secret) classical sequence such as: +00-1-+
The bank prepares the quantum state associated with the secret sequence, and puts it on the bill.
[Figure: a note labelled 21768. Classical part: serial number. Quantum part.]

Wiesner’s money - validation
The user sends the note to the bank for validation.
The bank looks for the secret sequence associated with the serial number.
The bank measures each of the qubits in their appropriate basis.
If all the outcomes are as expected, the note is declared as valid, otherwise as invalid.
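
The issuance and validation steps above can be simulated classically; the following is an added example, not code from the talk. It models the note's quantum part as a list of symbols that may only be read through `measure` (an assumption of the simulation, standing in for no-cloning) and computes how often a simple measure-and-re-prepare copy passes the bank's check. The names `Bank`, `forge` and `forgery_acceptance` are hypothetical.

```python
import secrets
from fractions import Fraction

# Unnormalised real amplitudes of the four single-qubit states on a note.
STATES = {"0": (1, 0), "1": (0, 1), "+": (1, 1), "-": (1, -1)}
BASIS = {"0": "01", "1": "01", "+": "+-", "-": "+-"}

def overlap(a, b):
    """Probability |<b|a>|^2 that state a is found as state b when measured."""
    (a0, a1), (b0, b1) = STATES[a], STATES[b]
    return Fraction((a0 * b0 + a1 * b1) ** 2, (a0**2 + a1**2) * (b0**2 + b1**2))

def measure(state, basis):
    """Measure in basis '01' or '+-'; the state collapses to the outcome."""
    p_first = overlap(state, basis[0])        # always 0, 1/2 or 1 here
    coin = Fraction(secrets.randbelow(2), 2)  # 0 or 1/2, unbiased
    return basis[0] if coin < p_first else basis[1]

class Bank:
    def __init__(self):
        self._secret = {}  # serial number -> secret sequence, never published

    def issue(self, serial, n):
        seq = "".join(secrets.choice("01+-") for _ in range(n))
        self._secret[serial] = seq
        return serial, list(seq)  # the list stands in for the quantum part

    def validate(self, serial, qubits):
        seq = self._secret.get(serial)
        if seq is None or len(qubits) != len(seq):
            return False
        # Measure each qubit in the basis of its secret symbol.
        return all(measure(q, BASIS[s]) == s for q, s in zip(qubits, seq))

def forge(qubits):
    """Counterfeiter without the secret: measure in 0/1 basis, re-prepare."""
    return [measure(q, "01") for q in qubits]

def forgery_acceptance(n):
    """Exact probability that a forge() copy of a random n-qubit note validates."""
    per_qubit = Fraction(0)
    for s in STATES:           # secret symbol, uniform over the four states
        for seen in "01":      # outcome the counterfeiter observed
            per_qubit += Fraction(1, 4) * overlap(s, seen) * overlap(seen, s)
    return per_qubit ** n
```

Each qubit of such a copy passes with probability 3/4, so an n-qubit copy passes with probability (3/4)^n; for this simple strategy that is the exponential decay behind the slides' infeasibility claim.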

Properties of Wiesner’s Scheme
Downsides:
Communication with the bank is required for each validation. (Anonymity issues)
The bank can issue more money - without the users’ awareness.
Security is tricky. [Lutomirski’10, Sattath & Nagaj’14]
Upsides:
Especially useful as a token, such as a bus ticket, where it is not traded.
Requires only a quantum calculator (not a full blown quantum computer): only single qubit operations / memory / measurements needed.
Quantum memory is the only missing part.

Modern quantum money schemes
In the modern schemes, everybody can verify the bills – the bank is not needed. [Farhi et al.’10, Aaronson & Christiano’12]
The bank cannot print more money without users’ awareness. (Farhi et al.)
Aaronson & Christiano’s security is based on the hardness of a classical problem relative to a quantum attacker (NICE!).

Is there a way to upgrade Bitcoin to QubitCoin?
A user will add the following message to the blockchain:
“I declare that my bitcoin associated with this private key is invalid; I created a QubitCoin with an associated serial number X.”
The serial number is enough to validate the money (but the serial number is not enough to copy the money).

Comparison between Bitcoin and QubitCoin
~1% of total value in mining fees / rewards is required.
Security comes for free. No miners…
Bitcoin is pseudonymous. Improvements using coin-join, ring signatures, and zero-knowledge proofs (zero-cash).
Quantum money is traceless.
After (honest) issuance, the issuer has no way to forge money.
During issuance, the issuer has no way to forge

Comparison between Bitcoin and QubitCoin (continued)
*Requires a quantum internet
Buyer can convince a third party that he has paid for a service. See BIP-70.
Problem: Transactions are traceless. Partial solution: installments, and (classically) digitally signed receipts.
M-of-N Multi-sig, distributed exchanges, assurance contracts, saving accounts, atomic cross chain transactions, smart property…
Same limitations as cash and gold.
As many copies of the private keys can be saved. One copy is sufficient for restoration.

Conclusions
Peer to peer networks have disadvantages. Not everything should be distributed.
Quantum money may be used in a centralized way by central banks.
~$800M printing cost in the USA per year.
~3000 arrests per year.
May be a strong competitor to Bitcoin, that is hard to de-centralize, in the long run.
Two way pegging (Bitcoin and QubitCoin)

References
S. Wiesner. "Conjugate coding." ACM Sigact News 15.1 (1983): 78-88.
E. Farhi, et al. "Quantum money from knots." Proceedings of the 3rd Innovations in Theoretical Computer Science Conference. ACM, 2012.
S. Aaronson and P. Christiano. "Quantum money from hidden subspaces." Proceedings of the forty-fourth annual ACM symposium on Theory of computing. ACM, 2012.
A. Lutomirski. "An online attack against Wiesner's quantum money." arXiv preprint arXiv:1010.0256 (2010).
Slide Note

Dorian Nakamoto and Stephen Wiesner


Bitcoin and Quantum Money are two innovative approaches in the realm of electronic cash, aiming to combat counterfeiting with distinct methodologies. While Bitcoin operates on blockchain technology, Quantum Money leverages the laws of Quantum Mechanics, requiring a Quantum Computer which is not yet available. Explore the potential of Quantum Money and its implications for the future of digital currency.

  • Bitcoin
  • Quantum Money
  • Counterfeiting
  • Electronic Cash
  • Blockchain

Uploaded on Mar 03, 2025 | 0 Views



Presentation Transcript


  1. Bitcoin vs. Quantum money Or Sattath (UC Berkeley)

  2. Two approaches against counterfeiting Reach consensus: who has the money? Examples: Bitcoin, ripple, paypal, banks. Seems necessary in electronic cash. No copying of a physical medium. Fiat money, gold, quantum money. As we will see, the problems we will encounter are different from Bitcoin.

  3. What is quantum money? It has similar properties to Bitcoin, achieved in a very different way. It is based on the laws of Quantum mechanics. Requires a Quantum Computer - not yet available.

  4. Overview Quantum mechanics and quantum computation Wiesner’s quantum money scheme The properties of (more recent) quantum money schemes. Is quantum money Bitcoin’s Friend or Foe? Could Bitcoin be upgraded to QubitCoin?

  5. Quantum Mechanics A theory which describes nature in the tiniest to medium scales. Extremely well confirmed: Richard Feynman compared its precision to predicting the width of North America to an accuracy of one human hair’s breadth. Quantum mechanics has some non-intuitive properties.

  6. Quantum Computing Computers that directly exploit the laws of quantum mechanics. Quantum computers are not yet fully implemented. Can solve several computational problems exponentially faster than classical computers. Cannot solve NP-Complete problems efficiently. Can break Bitcoin’s digital signature scheme. See http://bitcoinmagazine.com/6021/bitcoin-is-not-quantum-safe-and-how-we-can-fix/ for a fix.

  7. Qubit A bit is a classical, (i.e. non-quantum) abstraction of a system that can be in one of two states. The implementation is not really important: hard drive, memory, DVD, etc. A qubit is the quantum analogue of that.

  8. To the blackboard…

  9. Fact: The no cloning theorem It is impossible, by the laws of quantum mechanics, to copy a qubit in an unknown state. Intuition: tightly related to the uncertainty principle. Cloning ⇒ no uncertainty. Also vice versa.

  10. Wiesner’s Quantum Money Scheme First Quantum Information protocol (circa 1970). The bank has an algorithm for issuing quantum money. The bank has (another) algorithm to test the validity of quantum money. It is infeasible to counterfeit quantum money (i.e. takes exponential time).

  11. Wiesner’s money – issuance Each note has two parts: a classical serial number, and a quantum state. The classical serial number appears on the note. For each serial number, the bank keeps a random (secret) classical sequence such as: +00-1-+ The bank prepares the quantum state associated with the secret sequence, and puts it on the bill. 21768 Classical part: serial number Quantum part

  12. Wiesner’s money - validation The user sends the note to the bank for validation. The bank looks for the secret sequence associated with the serial number. The bank measures each of the qubits in their appropriate basis. If all the outcomes are as expected, the note is declared as valid, otherwise as invalid.

  13. Properties of Wiesner’s Scheme Downsides: Communication with the bank is required for each validation. (Anonymity issues) The bank can issue more money - without the users’ awareness. Security is tricky. [Lutomirski’10, Sattath & Nagaj’14] Upsides: Especially useful as a token, such as a bus ticket, where it is not traded. Requires only a quantum calculator (not a full blown quantum computer): only single qubit operations / memory / measurements needed. Quantum memory is the only missing part.

  14. Modern quantum money schemes In the modern schemes, everybody can verify the bills – the bank is not needed. [Farhi et al.’10, Aaronson & Christiano’12] The bank cannot print more money without users’ awareness. (Farhi et al.) Aaronson & Christiano’s security is based on the hardness of a classical problem relative to a quantum attacker (NICE!).

  15. Is there a way to upgrade Bitcoin to QubitCoin? A user will add the following message to the blockchain: “I declare that my bitcoin associated with this private key is invalid; I created a QubitCoin with an associated serial number X.” The serial number is enough to validate the money (but the serial number is not enough to copy the money).

  16. Comparison between Bitcoin and QubitCoin Quantum Money Bitcoin Security cost ~1% of total value in mining fees / rewards is required. Security comes for free. No miners…

  17. Comparison between Bitcoin and QubitCoin Quantum Money Bitcoin Security cost Privacy / Anonymity Bitcoin is pseudonymous. Improvements using coin-join, ring signatures, and zero-knowledge proofs (zero-cash). Quantum money is traceless.

  18. Comparison between Bitcoin and QubitCoin Quantum Money Bitcoin Security cost Privacy / Anonymity Issuer cannot forge legitimate money After (honest) issuance, the issuer has no way to forge money.

  19. Comparison between Bitcoin and QubitCoin Quantum Money Bitcoin Security cost Privacy / Anonymity Issuer cannot forge legitimate money Issuer cannot forge during issuance During issuance, the issuer has no way to forge

  20. Comparison between Bitcoin and QubitCoin (continued) Quantum Money Bitcoin Proof of payment Buyer can convince a third party that he has paid for a service. See BIP-70. Problem: Transactions are traceless. Partial solution: installments, and digitally signed receipts.

  21. Comparison between Bitcoin and QubitCoin (continued) Quantum Money Bitcoin Proof of payment Digital transmission *Requires a quantum internet

  22. Comparison between Bitcoin and QubitCoin (continued) M-of-N Multi-sig, distributed exchanges, assurance contracts, saving accounts, atomic cross chain transactions, smart property Quantum Money Bitcoin Proof of payment Digital transmission Bitcoin 2.0 (smart contracts, etc.) Same limitations as cash and gold.

  23. Comparison between Bitcoin and QubitCoin (continued) Quantum Money Bitcoin Proof of payment Digital transmission Bitcoin 2.0 (smart contracts, etc.) Backup Complicated. ? or less is impossible (cloning). As many copies of the private keys can be saved. One copy is sufficient for restoration. 2-of-n

  24. Conclusions Peer to peer networks have disadvantages. Not everything should be distributed. Quantum money may be used in a centralized way by central banks. ~$800M printing cost in the USA per year. ~3000 arrests per year. May be a strong competitor to Bitcoin, that is hard to de-centralize, in the long run. Two way pegging (Bitcoin and QubitCoin)

  25. References S. Wiesner. "Conjugate coding." ACM Sigact News 15.1 (1983): 78-88. E. Farhi, et al. "Quantum money from knots." Proceedings of the 3rd Innovations in Theoretical Computer Science Conference. ACM, 2012. S. Aaronson and P. Christiano. "Quantum money from hidden subspaces." Proceedings of the forty-fourth annual ACM symposium on Theory of computing. ACM, 2012. A. Lutomirski. "An online attack against Wiesner's quantum money." arXiv preprint arXiv:1010.0256 (2010).
