Has there ever been an insecure proof-of-work problem used in practice?

[jvanname]

So one of the most common differences between Bitcoin and many of the altcoins is their proof-of-work problem. I am wondering if there is any cryptographic insecurity in any of these proof-of-work problems such as if an entity is able to solve the POW problem much more efficiently than by using the intended algorithm. For example, if one can find an exceptionally low hash in a way other than trying all of the possible inputs to be hashed, then one would consider such an algorithm to be insecure. I am more interested in an insecurity which has been exploited in practice while mining the cryptocurrency as opposed to a purely theoretical insecurity. I am only interested in an insecurity stemming from bad cryptography rather than from a low hash rate or from a mix between POW and POS.

[Undefined31415]

So one of the most common differences between Bitcoin and many of the altcoins is their proof-of-work problem. I am wondering if there is any cryptographic insecurity in any of these proof-of-work problems such as if an entity is able to solve the POW problem much more efficiently than by using the intended algorithm. For example, if one can find an exceptionally low hash in a way other than trying all of the possible inputs to be hashed, then one would consider such an algorithm to be insecure. I am more interested in an insecurity which has been exploited in practice while mining the cryptocurrency as opposed to a purely theoretical insecurity. I am only interested in an insecurity stemming from bad cryptography rather than from a low hash rate or from a mix between POW and POS.

Have you considered looking at research being done in quantum computation & quantum information sciences? There's still some debate on which algorithms would be made trivial by quantum computing devices.

[LoneRangir]

There was a big SHA-1 collision published earlier this year.

You can google 'SHA-1 collision', or read this posting below.  There was a lot of coverage on this topic in the beginning of the year.

https://en.wikipedia.org/wiki/SHA-1#SHAttered_%E2%80%93_first_public_collision

It took 'only' 25 years or so to break.

It's probably a matter of time, but the POW algo can always be changed in the future.

[jvanname]

So one of the most common differences between Bitcoin and many of the altcoins is their proof-of-work problem. I am wondering if there is any cryptographic insecurity in any of these proof-of-work problems such as if an entity is able to solve the POW problem much more efficiently than by using the intended algorithm. For example, if one can find an exceptionally low hash in a way other than trying all of the possible inputs to be hashed, then one would consider such an algorithm to be insecure. I am more interested in an insecurity which has been exploited in practice while mining the cryptocurrency as opposed to a purely theoretical insecurity. I am only interested in an insecurity stemming from bad cryptography rather than from a low hash rate or from a mix between POW and POS.

Have you considered looking at research being done in quantum computation & quantum information sciences? There's still some debate on which algorithms would be made trivial by quantum computing devices.

Hash functions are generally thought to be secure against quantum attacks. Public key cryptosystems are the ones which quantum computers will have an advantage against.