Chris Bell Chris Bell 'All I ask for is the chance to prove that money can't make me happy.'
- Spike Milligan
Chris Bell

Token | Videos | Sitemap

Cryptocurrency >>   Buy Bitcoin (BTC)

Buy Bitcoin (BTC) in multiple ways (including USD) below:

You will stay on this website. Do not refresh your browser, or you will have to visit to see your exchange progress.


Bitcoin is a cryptocurrency, a form of electronic cash. It is a decentralized digital currency without a central bank or single administrator that can be sent from user to user on the peer-to-peer bitcoin network without the need for intermediaries.

Bitcoin (BTC) Logo

Transactions are verified by network nodes through cryptography and recorded in a public distributed ledger called a blockchain. Bitcoin was invented by an unknown person or group of people using the name Satoshi Nakamoto and released as open-source software in 2009.[10] Bitcoins are created as a reward for a process known as mining. They can be exchanged for other currencies, products, and services. Research produced by the University of Cambridge estimates that in 2017, there were 2.9 to 5.8 million unique users using a cryptocurrency wallet, most of them using bitcoin.

Bitcoin has been criticized for its use in illegal transactions, its high electricity consumption, price volatility, thefts from exchanges, and the possibility that bitcoin is an economic bubble.[13] Bitcoin has also been used as an investment, although several regulatory agencies have issued investor alerts about bitcoin.



The domain name "" was registered on 18 August 2008. In November 2008, a link to a paper authored by Satoshi Nakamoto titled Bitcoin: A Peer-to-Peer Electronic Cash System was posted to a cryptography mailing list. Nakamoto implemented the bitcoin software as open source code and released it in January 2009. The identity of Nakamoto remains unknown. In January 2009, the bitcoin network was created when Nakamoto mined the first block of the chain, known as the genesis block. Embedded in the coinbase of this block was the following text:

The Times 03/Jan/2009 Chancellor on brink of second bailout for banks.

This note has been interpreted as both a timestamp and a comment on the instability caused by fractional-reserve banking. The receiver of the first bitcoin transaction was cypherpunk Hal Finney, who created the first reusable proof-of-work system (RPOW) in 2004.[21] Finney downloaded the bitcoin software on its release date, and received 10 bitcoins from Nakamoto.[22][23] Other early cypherpunk supporters were creators of bitcoin predecessors: Wei Dai, creator of b-money, and Nick Szabo, creator of bit gold. Nakamoto is estimated to have mined 1 million bitcoins before disappearing in 2010, when he handed the network alert key and control of the code repository over to Gavin Andresen. Andresen later became lead developer at the Bitcoin Foundation.[26][27] Andresen then sought to decentralize control. This left opportunity for controversy to develop over the future development path of bitcoin.


After early "proof-of-concept" transactions, the first major users of bitcoin were black markets, such as Silk Road. During its 30 months of existence, starting in February 2011, Silk Road exclusively accepted bitcoins as payment, transacting 9.9 million in bitcoins, worth about $214 million. In 2011, price started at $0.30 per bitcoin, growing to $5.27 for the year. Price rose to $31.50 on 8 June. Within a month the price fell to $11.00. The next month if fell to $7.80, and in another month to $4.77. Litecoin was an early bitcoin spin-off or altcoin, starting in October 2011. Many altcoins have been created since. In 2012 bitcoin prices started at $5.27 growing to $13.30 for the year. By 9 January the price had risen to $7.38, but then crashed by 49% to $3.80 over the next 16 days. The price then rose to $16.41 on 17 August, but fell by 57% to $7.10 over the next three days. The Bitcoin Foundation was founded in September 2012 to promote Bitcoin's development and uptake.


In 2013 prices started at $13.30 rising to $770 by 1 January 2014. In March 2013 the blockchain temporarily split into two independent chains with different rules. The two blockchains operated simultaneously for six hours, each with its own version of the transaction history. Normal operation was restored when the majority of the network downgraded to version 0.7 of the bitcoin software. The Mt. Gox exchange briefly halted bitcoin deposits and the price dropped by 23% to $37 before recovering to previous level of approximately $48 in the following hours. The US Financial Crimes Enforcement Network (FinCEN) established regulatory guidelines for "decentralized virtual currencies" such as bitcoin, classifying American bitcoin miners who sell their generated bitcoins as Money Service Businesses (MSBs), that are subject to registration or other legal obligations. In April, exchanges BitInstant and Mt. Gox experienced processing delays due to insufficient capacity resulting in the bitcoin price dropping from $266 to $76 before returning to $160 within six hours. The bitcoin price rose to $259 on 10 April, but then crashed by 83% to $45 over the next 3 days.

On 15 May 2013, the US authorities seized accounts associated with Mt. Gox after discovering that it had not registered as a money transmitter with FinCEN in the US. On 23 June 2013, the US Drug Enforcement Administration listed 11.02 bitcoins as a seized asset in a United States Department of Justice seizure notice pursuant to 21 U.S.C. § 881. This marked the first time a government agency seized bitcoin. The FBI seized about 26,000 bitcoins in October 2013 from darknet website Silk Road during the arrest of Ross William Ulbricht. Bitcoin's price rose to $755 on 19 November and crashed by 50% to $378 the same day. On 30 November 2013 the price reached $1,163 before starting a long-term crash, declining by 87% to $152 in January 2015.

On 5 December 2013, the People's Bank of China prohibited Chinese financial institutions from using bitcoins. After the announcement, the value of bitcoins dropped, and Baidu no longer accepted bitcoins for certain services. Buying real-world goods with any virtual currency had been illegal in China since at least 2009. In 2014 prices started at $770 and fell to $314 for the year. In February 2014 the Mt. Gox exchange, the largest bitcoin exchange at the time, said that 850,000 bitcoins had been stolen from its customers, amounting to almost $500 million. Bitcoin's price fell by almost half, from $867 to $439 (a 49% drop). Prices remained low until late 2016. In 2015 prices started at $314 and rose to $434 for the year. In 2016 prices rose to $998 on 1 January 2017.


In 2017 prices started at $998 and rose to $13,412.44 on 1 January 2018. On 17 December bitcoin's price reached an all-time high of $19,666 and then fell 70% to $5,920 on 6 February 2018. China banned trading in bitcoin, with the first steps taken in September 2017, and a complete ban starting 1 February 2018. Bitcoin prices then fell from $9,052 to $6,914 on 5 February 2018. The percentage of bitcoin trading in renminbi fell from over 90% in September 2017 to less than 1% in June. Throughout the rest of the first half of 2018, bitcoin's price fluctuated between $11,480 and $5,848. On 1 July 2018 bitcoin's price was $6,469. Bitcoin prices were negatively affected by several hacks or thefts from cryptocurrency exchanges, including thefts from Coincheck in January 2018, Coinrail and Bithumb in June, and Bancor in July. For the first six months of 2018, $761 million worth of cryptocurrencies was reported stolen from exchanges.[59] Bitcoin's price was affected even though other cryptocurrencies were stolen at Coinrail and Bancor, as investors worried about the security of cryptocurrency exchanges.



The bitcoin blockchain is a public ledger that records bitcoin transactions. It is implemented as a chain of blocks, each block containing a hash of the previous block up to the genesis block[a] of the chain. The maintenance of the blockchain is performed by a network of communicating nodes running bitcoin software. Transactions of the form payer X sends Y bitcoins to payee Z are broadcast to this network using readily available software applications. Network nodes can validate transactions, add them to their copy of the ledger, and then broadcast these ledger additions to other nodes. To achieve independent verification of the chain of ownership each network node stores its own copy of the blockchain. About every 10 minutes, a new group of accepted transactions, called a block, is created, added to the blockchain, and quickly published to all nodes, without requiring a central oversight. This allows bitcoin software to determine when a particular bitcoin was spent, which is needed to prevent double-spending. A conventional ledger records the transfers of actual bills or promissory notes that exist apart from it, but the blockchain is the only place that bitcoins can be said to exist in the form of unspent outputs of transactions.


Transactions are defined using a Forth-like scripting language. Transactions consist of one or more inputs and one or more outputs. When a user sends bitcoins, the user designates each address and the amount of bitcoin being sent to that address in an output. To prevent double spending, each input must refer to a previous unspent output in the blockchain. The use of multiple inputs corresponds to the use of multiple coins in a cash transaction. Since transactions can have multiple outputs, users can send bitcoins to multiple recipients in one transaction. As in a cash transaction, the sum of inputs (coins used to pay) can exceed the intended sum of payments. In such a case, an additional output is used, returning the change back to the payer.[66] Any input satoshis not accounted for in the transaction outputs become the transaction fee.


The unit of account of the bitcoin system is a bitcoin. Ticker symbols used to represent bitcoin are BTC[b] and XBT.[c] Its Unicode character is ₿. Small amounts of bitcoin used as alternative units are millibitcoin (mBTC), and satoshi (sat). Named in homage to bitcoin's creator, a satoshi is the smallest amount within bitcoin representing 0.00000001 bitcoins, one hundred millionth of a bitcoin. A millibitcoin equals 0.001 bitcoins, one thousandth of a bitcoin or 100,000 satoshis.

Transaction fees

Though transaction fees are optional, miners can choose which transactions to process and prioritize those that pay higher fees. Miners may choose transactions based on the fee paid relative to their storage size, not the absolute amount of money paid as a fee. These fees are generally measured in satoshis per byte (sat/b). The size of transactions is dependent on the number of inputs used to create the transaction, and the number of outputs.


In the blockchain, bitcoins are registered to bitcoin addresses. Creating a bitcoin address is nothing more than picking a random valid private key and computing the corresponding bitcoin address. This computation can be done in a split second. But the reverse (computing the private key of a given bitcoin address) is mathematically unfeasible and so users can tell others and make public a bitcoin address without compromising its corresponding private key. Moreover, the number of valid private keys is so vast that it is extremely unlikely someone will compute a key-pair that is already in use and has funds. The vast number of valid private keys makes it unfeasible that brute force could be used for that. To be able to spend the bitcoins, the owner must know the corresponding private key and digitally sign the transaction. The network verifies the signature using the public key.

If the private key is lost, the bitcoin network will not recognize any other evidence of ownership; the coins are then unusable, and effectively lost. For example, in 2013 one user claimed to have lost 7,500 bitcoins, worth $7.5 million at the time, when he accidentally discarded a hard drive containing his private key. A backup of his key(s) would have prevented this. About 20% of all bitcoins are believed to be lost. The lost coins would have a market value of about $20 billion at July 2018 prices. Approximately 1 million bitcoins have been stolen, which would have a value of about $7 billion at July 2018 prices.


Mining is a record-keeping service done through the use of computer processing power.[e] Miners keep the blockchain consistent, complete, and unalterable by repeatedly grouping newly broadcast transactions into a block, which is then broadcast to the network and verified by recipient nodes. Each block contains a SHA-256 cryptographic hash of the previous block, thus linking it to the previous block and giving the blockchain its name.

To be accepted by the rest of the network, a new block must contain a so-called proof-of-work (PoW). The system used is based on Adam Back's 1997 anti-spam scheme, Hashcash. The PoW requires miners to find a number called a nonce, such that when the block content is hashed along with the nonce, the result is numerically smaller than the network's difficulty target. This proof is easy for any node in the network to verify, but extremely time-consuming to generate, as for a secure cryptographic hash, miners must try many different nonce values (usually the sequence of tested values is the ascending natural numbers: 0, 1, 2, 3, ...) before meeting the difficulty target.

Every 2,016 blocks (approximately 14 days at roughly 10 min per block), the difficulty target is adjusted based on the network's recent performance, with the aim of keeping the average time between new blocks at ten minutes. In this way the system automatically adapts to the total amount of mining power on the network. Between 1 March 2014 and 1 March 2015, the average number of nonces miners had to try before creating a new block increased from 16.4 quintillion to 200.5 quintillion.

The proof-of-work system, alongside the chaining of blocks, makes modifications of the blockchain extremely hard, as an attacker must modify all subsequent blocks in order for the modifications of one block to be accepted. As new blocks are mined all the time, the difficulty of modifying a block increases as time passes and the number of subsequent blocks (also called confirmations of the given block) increases.

Pooled mining

Computing power is often bundled together or "pooled" to reduce variance in miner income. Individual mining rigs often have to wait for long periods to confirm a block of transactions and receive payment. In a pool, all participating miners get paid every time a participating server solves a block. This payment depends on the amount of work an individual miner contributed to help find that block.


The successful miner finding the new block is rewarded with newly created bitcoins and transaction fees. As of 9 July 2016, the reward amounted to 12.5 newly created bitcoins per block added to the blockchain. To claim the reward, a special transaction called a coinbase is included with the processed payments. All bitcoins in existence have been created in such coinbase transactions. The bitcoin protocol specifies that the reward for adding a block will be halved every 210,000 blocks (approximately every four years). Eventually, the reward will decrease to zero, and the limit of 21 million bitcoins[f] will be reached c. 2140; the record keeping will then be rewarded by transaction fees solely. In other words, bitcoin's inventor Nakamoto set a monetary policy based on artificial scarcity at bitcoin's inception that there would only ever be 21 million bitcoins in total. Their numbers are being released roughly every ten minutes and the rate at which they are generated would drop by half every four years until all were in circulation.


A wallet stores the information necessary to transact bitcoins. While wallets are often described as a place to hold or store bitcoins, due to the nature of the system, bitcoins are inseparable from the blockchain transaction ledger. A better way to describe a wallet is something that "stores the digital credentials for your bitcoin holdings" and allows one to access (and spend) them. Bitcoin uses public-key cryptography, in which two cryptographic keys, one public and one private, are generated. At its most basic, a wallet is a collection of these keys. There are three modes which wallets can operate in. They have an inverse relationship with regards to trustlessness and computational requirements.

  • Full clients verify transactions directly by downloading a full copy of the blockchain (over 150 GB As of January 2018). They are the most secure and reliable way of using the network, as trust in external parties is not required. Full clients check the validity of mined blocks, preventing them from transacting on a chain that breaks or alters network rules. Because of its size and complexity, downloading and verifying the entire blockchain is not suitable for all computing devices.

  • Lightweight clients consult full clients to send and receive transactions without requiring a local copy of the entire blockchain (see simplified payment verification – SPV). This makes lightweight clients much faster to set up and allows them to be used on low-power, low-bandwidth devices such as smartphones. When using a lightweight wallet, however, the user must trust the server to a certain degree, as it can report faulty values back to the user. Lightweight clients follow the longest blockchain and do not ensure it is valid, requiring trust in miners.

Third-party internet services called online wallets offer similar functionality but may be easier to use. In this case, credentials to access funds are stored with the online wallet provider rather than on the user's hardware. As a result, the user must have complete trust in the wallet provider. A malicious provider or a breach in server security may cause entrusted bitcoins to be stolen. An example of such a security breach occurred with Mt. Gox in 2011. This has led to the often-repeated meme "Not your keys, not your bitcoin".

Physical wallets store offline the credentials necessary to spend bitcoins. One notable example was a novelty coin with these credentials printed on the reverse side. Paper wallets are simply paper printouts. Another type of wallet called a hardware wallet keeps credentials offline while facilitating transactions.


The first wallet program – simply named "Bitcoin" – was released in 2009 by Satoshi Nakamoto as open-source code. In version 0.5 the client moved from the wxWidgets user interface toolkit to Qt, and the whole bundle was referred to as "Bitcoin-Qt". After the release of version 0.9, the software bundle was renamed "Bitcoin Core" to distinguish itself from the underlying network. It is sometimes referred to as the "Satoshi client".


Bitcoin Core is, perhaps, the best known implementation or client. Alternative clients (forks of Bitcoin Core) exist, such as Bitcoin XT, Bitcoin Unlimited, and Parity Bitcoin. On 1 August 2017, a hard fork of bitcoin was created, known as Bitcoin Cash. Bitcoin Cash has a larger block size limit and had an identical blockchain at the time of fork. On 24 October 2017 another hard fork, Bitcoin Gold, was created. Bitcoin Gold changes the proof-of-work algorithm used in mining, as the developers felt that mining had become too specialized.

Decentralization and centralization


Bitcoin does not have a central authority and the bitcoin network is decentralized:

  • There is no central server, bitcoin ledger is distributed.

  • The ledger is public, anybody can store it on their computer.

  • There is no single administrator, the ledger is maintained by a network of equally privileged miners.

  • Anybody can become a miner.

  • The additions to the ledger are maintained through competition – until a new block is added to the ledger, it is not known which miner will create the block.

  • The issuance of bitcoins is decentralized – bitcoins are issued as a reward for the creation of a new block.

  • Anybody can create a new bitcoin address (a bitcoin counterpart of a bank account) without needing any approval.

  • Anybody can send a transaction to the network without needing any approval, the network merely confirms that the transaction is legitimate.

Trend towards centralization

Although bitcoin can be sent directly from peer-to-peer, in practice intermediaries are widely used. Researchers have pointed out at a "trend towards centralization" by the means of miners joining large mining pools to minimize the variance of their income. Because transactions on the network are confirmed by miners, decentralization of the network requires that no single miner or mining pool obtains 51% of the hashing power, which would allow them to double-spend coins, prevent certain transactions from being verified and prevent other miners from earning income. As of 2013 just six mining pools controlled 75% of overall bitcoin hashing power. In 2014 mining pool obtained 51% hashing power which raised significant controversies about the safety of the network. The pool has voluntarily capped their hashing power at 39.99% and requested other pools to act responsibly for the benefit of the whole network. According to researchers, other parts of the ecosystem are also "controlled by a small set of entities", notably online wallets and simplified payment verification (SPV) clients.


Bitcoin is pseudonymous, meaning that funds are not tied to real-world entities but rather bitcoin addresses. Owners of bitcoin addresses are not explicitly identified, but all transactions on the blockchain are public. In addition, transactions can be linked to individuals and companies through "idioms of use" (e.g., transactions that spend coins from multiple inputs indicate that the inputs may have a common owner) and corroborating public transaction data with known information on owners of certain addresses. Additionally, bitcoin exchanges, where bitcoins are traded for traditional currencies, may be required by law to collect personal information.

To heighten financial privacy, a new bitcoin address can be generated for each transaction. For example, hierarchical deterministic wallets generate pseudorandom "rolling addresses" for every transaction from a single seed, while only requiring a single passphrase to be remembered to recover all corresponding private keys. Researchers at Stanford University and Concordia University have also shown that bitcoin exchanges and other entities can prove assets, liabilities, and solvency without revealing their addresses using zero-knowledge proofs. "Bulletproofs," a version of Confidential Transactions proposed by Greg Maxwell, have been tested by Professor Dan Boneh of Stanford. Other solutions such Merkelized Abstract Syntax Trees (MAST), pay-to-script-hash (P2SH) with MERKLE-BRANCH-VERIFY, and "Tail Call Execution Semantics", have also been proposed to support private smart contracts.


Wallets and similar software technically handle all bitcoins as equivalent, establishing the basic level of fungibility. Researchers have pointed out that the history of each bitcoin is registered and publicly available in the blockchain ledger, and that some users may refuse to accept bitcoins coming from controversial transactions, which would harm bitcoin's fungibility.


The blocks in the blockchain were originally limited to 32 megabyte in size. The block size limit of one megabyte was introduced by Satoshi Nakamoto in 2010. Eventually the block size limit of one megabyte created problems for transaction processing, such as increasing transaction fees and delayed processing of transactions.

On 24 August 2017 (at block 481,824), Segregated Witness (SegWit) went live. Transactions contain some data which is only used to verify the transaction, and does not otherwise effect the movement of coins. SegWit introduces a new transaction format that moves this data into a new field in a backwards-compatible way. The segregated data, the so-called witness, is not sent to non-SegWit nodes and therefore does not form part of the blockchain as seen by legacy nodes. This lowers the size of the average transaction in such nodes' view, thereby increasing the block size without incurring the hard fork implied by other proposals for block size increases. Thus, per computer scientist Jochen Hoenicke, the actual block capacity depends on the ratio of SegWit transactions in the block, and on the ratio of signature data. Based on his estimate, if the ratio of SegWit transactions is 50%, the block capacity may be 1.25 megabytes. According to Hoenicke, if native SegWit addresses from Bitcoin Core version 0.16.0 are used, and SegWit adoption reaches 90 to 95%, a block size of up to 1.8 megabytes is possible.

What is Bitcoin?

To cut through some of the confusion surrounding bitcoin, we need to separate it into two components. On the one hand, you have bitcoin-the-token, a snippet of code that represents ownership of a digital concept – sort of like a virtual IOU. On the other hand, you have bitcoin-the-protocol, a distributed network that maintains a ledger of balances of bitcoin-the-token. Both are referred to as "bitcoin."

The system enables payments to be sent between users without passing through a central authority, such as a bank or payment gateway. It is created and held electronically. Bitcoins aren't printed, like dollars or euros – they're produced by computers all around the world, using free software.

It was the first example of what we today call cryptocurrencies, a growing asset class that shares some characteristics of traditional currencies, with verification based on cryptography.

What is Bitcoin (BTC)?

Who created it?

A pseudonymous software developer going by the name of Satoshi Nakamoto proposed bitcoin in 2008, as an electronic payment system based on mathematical proof. The idea was to produce a means of exchange, independent of any central authority, that could be transferred electronically in a secure, verifiable and immutable way. To this day, no-one knows who Satoshi Nakamoto really is.

In what ways is it different from traditional currencies?

Bitcoin can be used to pay for things electronically, if both parties are willing. In that sense, it's like conventional dollars, euros, or yen, which are also traded digitally. But it differs from fiat digital currencies in several important ways:

1 – Decentralization

Bitcoin's most important characteristic is that it is decentralized. No single institution controls the bitcoin network. It is maintained by a group of volunteer coders, and run by an open network of dedicated computers spread around the world. This attracts individuals and groups that are uncomfortable with the control that banks or government institutions have over their money.

Bitcoin solves the "double spending problem" of electronic currencies (in which digital assets can easily be copied and re-used) through an ingenious combination of cryptography and economic incentives. In electronic fiat currencies, this function is fulfilled by banks, which gives them control over the traditional system. With bitcoin, the integrity of the transactions is maintained by a distributed and open network, owned by no-one.

2 - Limited supply

Fiat currencies (dollars, euros, yen, etc.) have an unlimited supply – central banks can issue as many as they want, and can attempt to manipulate a currency's value relative to others. Holders of the currency (and especially citizens with little alternative) bear the cost.

With bitcoin, on the other hand, the supply is tightly controlled by the underlying algorithm. A small number of new bitcoins trickle out every hour, and will continue to do so at a diminishing rate until a maximum of 21 million has been reached. This makes bitcoin more attractive as an asset – in theory, if demand grows and the supply remains the same, the value will increase.

How Bitcoin (BTC) Works

3 - Pseudonymity

While senders of traditional electronic payments are usually identified (for verification purposes, and to comply with anti-money laundering and other legislation), users of bitcoin in theory operate in semi-anonymity. Since there is no central "validator," users do not need to identify themselves when sending bitcoin to another user. When a transaction request is submitted, the protocol checks all previous transactions to confirm that the sender has the necessary bitcoin as well as the authority to send them. The system does not need to know his or her identity.

In practice, each user is identified by the address of his or her wallet. Transactions can, with some effort, be tracked this way. Also, law enforcement has developed methods to identify users if necessary.

Furthermore, most exchanges are required by law to perform identity checks on their customers before they are allowed to buy or sell bitcoin, facilitating another way that bitcoin usage can be tracked. Since the network is transparent, the progress of a particular transaction is visible to all.

This makes bitcoin not an ideal currency for criminals, terrorists or money-launderers.

4 - Immutability

Bitcoin transactions cannot be reversed, unlike electronic fiat transactions.

This is because there is no central "adjudicator" that can say "ok, return the money." If a transaction is recorded on the network, and if more than an hour has passed, it is impossible to modify.

While this may disquiet some, it does mean that any transaction on the bitcoin network cannot be tampered with.

5 - Divisibility

The smallest unit of a bitcoin is called a satoshi. It is one hundred millionth of a bitcoin (0.00000001) – at today's prices, about one hundredth of a cent. This could conceivably enable microtransactions that traditional electronic money cannot.
By: Noelle Acheson

Quantum Computers Pose Imminent Threat to Bitcoin Security

The massive calculating power of quantum computers will be able to break Bitcoin security within 10 years, say security experts.

Bitcoin is taking the world by storm. The decentralized digital currency is a secure payment platform that anybody can use. It is free from government interference and operated by an open, peer-to-peer network.

This independence is one reason Bitcoin has become so popular, causing its value to rise steeply. At the beginning of 2017, a single bitcoin was worth around $1,000. By November 2017, this had risen to around $7,000. Indeed, the total value of the cryptocurrency market is some $150 billion.

A crucial feature of Bitcoin is its security. Bitcoins have two important security features that prevent them from being stolen or copied. Both are based on cryptographic protocols that are hard to crack. In other words, they exploit mathematical functions, like factorization, that are easy in one direction but hard in the other—at least for an ordinary classical computer.

Hash Rates for Bitcoin compared to Quantum Network

But there is a problem on the horizon. Quantum computers can solve these problems easily. And the first quantum computers are currently under development. That raises an urgent question: how secure is Bitcoin to the kinds of quantum attack that will be possible in the next few years?

Today, we get an answer thanks to the work of Divesh Aggarwal at the National University of Singapore and a few pals. These guys have studied the threat to Bitcoin posed by quantum computers and say that the danger is real and imminent.

First some background. Bitcoin transactions are stored in a distributed ledger that collates all the deals carried out in a specific time period, usually about 10 minutes. This collection, called a block, also contains a cryptographic hash of the previous block, which contains a cryptographic hash of the one before that, and so on in a chain. Hence the term blockchain. (A hash is a mathematical function that turns a set of data of any length into a set of specific length.)

The new block must also contain a number called a nonce that has a special property. When this nonce is hashed, or combined mathematically, with the content of the block, the result must be less than some specific target value.

Given the nonce and the block content, this is easy to show, which allows anybody to verify the block. But generating the nonce is time consuming, since the only way to do it is by brute force—to try numbers one after the other until a nonce is found. This process of finding a nonce, called mining, is rewarded with Bitcoins. Mining is so computationally intensive that the task is usually divided among many computers that share the reward.

The block is then placed on the distributed ledger and, once validated, incorporated into the blockchain. The miners then start work on the next block. Occasionally, two mining groups find different nonces and declare two different blocks. The Bitcoin protocol states that in this case, the block that has been worked on more will be incorporated into the chain and the other discarded.

This process has an Achilles’ heel. If a group of miners controls more than 50 percent of the computational power on the network, it can always mine blocks faster than whoever has the other 49 percent. In that case, it effectively controls the ledger. If it is malicious, it can spend bitcoins twice, by deleting transactions so they are never incorporated into the blockchain. The other 49 percent of miners are none the wiser because they have no oversight of the mining process.

That creates an opportunity for a malicious owner of a quantum computer put to work as a Bitcoin miner. If this computational power breaks the 50 percent threshold, it can do what it likes. So Aggarwal and co specifically examine the likelihood of a quantum computer becoming that powerful on the network. They look at the projected clock speeds of quantum computers in the next 10 years and compare that to the likely power of conventional hardware.

Their conclusion will be a relief to Bitcoin miners the world over. Aggarwal and co say that most mining is done by application-specific integrated circuits (ASICs) made by companies such as Nvidia. This hardware is likely to maintain a speed advantage over quantum computers over the next 10 years or so.

“We find that the proof-of-work used by Bitcoin is relatively resistant to substantial speedup by quantum computers in the next 10 years, mainly because specialized ASIC miners are extremely fast compared to the estimated clock speed of near-term quantum computers,” they say.

But there is a different threat that is much more worrying. Bitcoin has another cryptographic security feature to ensure that only the owner of a Bitcoin can spend it. This is based on the same mathematics used for public-key encryption schemes.

The idea is that the owner generates two numbers—a private key that is secret and a public key that is published. The public key can be easily generated from the private key, but not vice versa. A signature can be used to verify that the owner holds the private key, without revealing the private key, using a technique known as an elliptic curve signature scheme. In this way, the receiver can verify that the owner possesses the private key and therefore has the right to spend the Bitcoin.

The only way to cheat this system is to calculate the private key using the public key, which is extremely hard with conventional computers. But with a quantum computer, it is easy. And that’s how quantum computers pose a significant risk to Bitcoin. “The elliptic curve signature scheme used by Bitcoin is much more at risk, and could be completely broken by a quantum computer as early as 2027,” say Aggarwal and co.

Indeed, quantum computers pose a similar risk to all encryption schemes that use a similar technology, which includes many common forms of encryption. There are public-key schemes that are resistant to attack by quantum computers. So it is conceivable that the Bitcoin protocols could be revised to make the system safer. But there are no plans to do that now.

Bitcoin is no stranger to controversy. It has weathered various storms over its security. But that is no guarantee that it will cope well in the future. One thing is sure: the pressure to change will increase as the first powerful quantum computers come online in the next few years.
By: Emerging Technology from the arXiv