Double-Spending Explained
As Bitcoin is digital, not physical currency, there is a possibility that such transactions can be copied and rebroadcasted. This could lead to the same Bitcoin being spend twice by its holder.
The Bitcoin Core network verifies each recorded transaction within the Bitcoin blockchain by using a Proof-of-Work (PoW) algorithm, thus protecting it against double-spending.
How Bitcoin Handles the Double Spending Problem
The double spending problem is managed by implementing a confirmation mechanism and sustaining a universal ledger (called “blockchain”), which works similarly to a traditional cash monetary system.
Bitcoin’s blockchain has been keeping a chronologically-ordered, time-stamped transaction ledger from its inception back in 2009. Every 10 minutes, a block- which represents a group of transactions, is added to the ledger. And all the nodes on the Bitcoin network record a copy of the blockchain. When you try to spend a BTC twice, you again sign and send the same 1 BTC on another Bitcoin address to try and trick the person receiving the funds.
Both transactions are then sent into the unconfirmed pool of transactions. But only the first transaction was confirmed and verified by miners in the next block. The second transaction could not get enough confirmations because the miners considered it to be invalid, thus it is removed by the network.
But when miners remove the transactions simultaneously from the pool, then whichever transaction receives the maximum number of confirmations from the network will be put in the blockchain, and the other one will be rejected. That’s why merchants are recommended to wait for a minimum of 6 confirmations. This means that after a transaction was added to the blockchain, 6 more blocks having more transactions were added after it.
Confirmations are just blocks comprised of more transactions that are being added to the blockchain. Each transaction and block is mathematically connected to the previous one.
The confirmations and transactions are time-stamped on the blockchain, which makes them irreversible and impossible to be modified.
So if the minimum number of confirmations is received by the merchant, he or she can be sure it was not double spent by the sender.
Majority Attack (51% Attack)
If somehow an attacker manages to gain control of 51% of the hash power of the network, double spending can occur.
But no attack of this kind happened so far because taking over 51% of the network is a cost-intensive process. It depends on the current mining difficulty, the hardware price, and the electricity cost, all of which is not practical to acquire.
Race Attack
If the same coin is sent to two different addresses in rapid succession, the obvious result would be that only one of them will get included.
Traders that accept a payment immediately on seeing “0/unconfirmed” risk having their transaction reversed. Fraud can be attempted by sending a transaction paying the merchant directly, and sending a conflicting transaction which allows the sender to spend the coin on the rest of the network. It is possible that the second conflicting transaction will be mined into a block and recognized as being genuine by the node.
Once the customer executes both transactions, they are sent to an unconfirmed pool of transactions. Whichever transaction receives verification first and the 6 confirmations will be accepted, and the other will be removed.
So far, no such attack has been successful.
Finney attack
Another attack is when a trader accepts payment on 0/unconfirmed. The Finney attack is a fraudulent double-spend that requests the miner to participate after a block has been mined.
The risk of a Finney attack cannot be eliminated regardless of what precautionary measure the merchant takes, but an amount of miner hash power is required and a specific sequence of events must take place. Similar to the race attack, a trader or merchant should take into consideration the cost/benefit when accepting payment on just one confirmation when there is no way of combating the attacker.
A Finney attack works with the attacker generating blocks infrequently. In each generated block, a transfer from address A to address B is included, both of which are controlled by him. To enable the fraud, when he generates a block, he doesn’t broadcast it across the network.
Instead, he makes a payment to your address C with his address A. You will be then made to wait a few seconds for double-spends, not receiving any confirmations, and then the goods are transferred. He then broadcasts his block, and his transaction will take priority over yours.
Real Cases of Double-Spends
In November 2013 the GHash.io mining pool seemed to be engaging in recurrent payment fraud against BetCoin Dice, a gambling site. These types of sites use one transaction per bet and don’t wait for them to be confirmed.
GHash.io claimed that the problem was because of a rogue employee who had been doing the double spending and was subsequently laid off. However, no proof to support this was found and the incident damaged the pool’s reputation.
Conclusion
There are many other ways of executing a double-spend, but the development team is constantly working for ways of countering the exploitation of these vulnerabilities.