What is Double-Spending?
The primary goal of blockchain technology is to create a reliable and secure digital money system. Before Bitcoin was invented, there were several attempts to design a similar system, but all faced the issue of double-spending. This refers to the repeated spending of the same funds, which can undermine the integrity of the entire system. In decentralized systems, double-spending occurs when an account sends the same amount of funds to multiple recipients simultaneously, before the first transaction is confirmed in a block.
Double-spending is a scenario in which a transaction utilizes the same input as another transaction that has already been broadcast on the network. In the digital world, bytes (digital data) are much easier to copy than physical paper money. This issue poses a serious threat, as it can lead to inflation and a lack of confidence in the currency, ultimately rendering it worthless.
To combat double-spending, robust crypto wallets and effective consensus mechanisms are essential. Using the best crypto wallet can help ensure that your transactions are secure and legitimate. When engaging with a crypto exchange, it’s crucial to choose the best crypto exchange that implements stringent measures to prevent double-spending. Additionally, when participating in crypto to crypto exchange, understanding the risks associated with double-spending is vital for maintaining trust and value within the cryptocurrency ecosystem.
Double-spending example
Imagine: A person comes into a cafe and buys a cup of coffee for $5, the money is transferred to the cash desk and it is impossible to spend these funds twice. Digital currencies are not physically transferred, so the funds remain in the wallet before the transaction is verified and executed. It means that a re-payment (double-spending) is possible in the period between sending and confirming the transaction.
In the case of a cup of coffee, the person has paid in cash, so the payment was confirmed immediately by the cashier and the cash register. In the field of digital money, anyone can copy the funds and make a double-spent anywhere else. Such a scheme is present in real life, for example, the same apartments can be sold to a few people by fraud. Due to the red tape, it takes time for the change of ownership to be reflected in the registries.
Blockchain as a decision
The blockchain concept solves the problem of double-spending with the transaction confirmation mechanism. It is a ledger, which keeps a chronologically ordered record of transactions with timestamps. For example, in the Bitcoin network, a block containing a group of transactions is added to the ledger every 10 minutes, and all the nodes save a copy of the blockchain. Bitcoin uses a consensus algorithm known as Proof-of-Work (PoW) to avoid the need for centralized control. Instead of requiring a trusted third party to verify that transactions are not duplicated, a decentralized group of miners performs this task. Blockchain ensures that it can be proven that any user spending BTC really is in possession of those bitcoins.
Suppose you have 1 BTC that you’re trying to spend twice. You sent 1 BTC to the B wallet from your BTC-address, then sign and send the same 1 BTC to the wallet C. Both transactions go to an unconfirmed pool of transactions: the first transaction (to B wallet) has been verified by the miners, confirmed, and added to the new block. The second transaction (to wallet C) does not receive a sufficient number of confirmations, as it is already considered invalid by the miners. What happens if both transactions are accepted simultaneously by the miners? The transaction which receives the maximum number of confirmations will be included in the blockchain. The other is not going to be added. In order to be safe, the recipient needs to wait for a couple of confirmations. Until the transaction is confirmed and received, it is not considered to have been executed. Confirmations are blocks containing all the transactions that have been validated by the blockchain. All the blocks are linked to the previous ones, and therefore all the transactions are also linked. A transaction does not necessary to be confirmed earlier than the other, but must be in the longest chain.
Types of attack
There are different types of hacker attacks on the network in the cryptocurrency world.
Race attack
The attacker sends the same coins to two different addresses very quickly. The seller accepts the fact of payment without confirmation from the network. Thus, only one of the recipients will receive the funds.
Finney attack
In this case, the hacker must also be a miner. The attacker sent coins from his wallet A to their Wallet B and then tryes to find a block with this transaction. After that, he’s going to make the same transaction to the seller wallet C. If the seller considers that the goods have been paid, without confirming the transaction on the network, the attacker will choose the block with the first transaction (from wallet A to wallet B) and validate it. The transaction sent to wallet C will remain unconfirmed.
Vector76 attack
It is a combined attack made up of the two schemes described above. Vector76 is based on intentional block branching and lasts only 10 minutes.
Brute force attack
After the recipient receives the necessary number of confirmations and ships the goods, the attacker branches (forking) the blockchain and receives the funds back. The success of the attack depends directly on the hashing power of the fraudster ‘s equipment.
Attack 51%
If the attacker holds most of the network’s power (more than 51%), double-spending is possible according to the scheme described above, but with a 100% guarantee of success. An attacker is able to generate blocks faster than the rest of the network and creates their own blockchains for dishonest transactions.
Summary
You need to wait for a few confirmations to ensure security and protection against double-spending. The more blocks added the more secure the transaction is:
- 0 confirmations: the transaction has been broadcast across the network but has not been included in any block. So-called unconfirmed transactions are not be trusted.
- 1 confirmation: The transaction has been validated and included in a block, and the double-spend risk decreases but is still possible.
- 6 confirmations: In the case of Bitcoin, the network has spent one hour protecting the transaction and an attacker would require a significant amount of network hashing power to make double-spend.
As you see one confirmation is not enough, it is recommended to wait for 6 or more network confirmations. After successful completion, users will be able to see the transaction data in the wallet with their identifier. Anyone can find an identifier using a blockchain explorer to check the number of confirmations that have been made for a particular transaction.