## Cryptology ePrint Archive: Report 2020/1367

Costs of an Attack Against Proof-of-Work

Loïc Etienne

Abstract: Bitcoin is a blockchain whose immutability relies on Proof-of-Work: Before appending a new block, some so-called miner has to solve a cryptographic challenge by brute force. The blockchain is spread over a network of faithful miners, whose cumulated computing power is assumed to be so large that, among other things, it should be too expensive for an attacker to mine a secret fork $n$ blocks longer than the main blockchain, provided that $n$ is big enough. For a given targeted advance of $n$ blocks, we investigate the expected time for the attacker to mine such a secret fork, the underlying cumulative distribution function, and some related optimization problems.

Category / Keywords: cryptographic protocols / Bitcoin, Blockchain, Proof-of-Work, Double-spending