Skip to content

Double Spend or Double Spend Attack on Bitcoin: Myth or Reality?

July 5, 2020

51% attack

A 51% attack is an attack in which a malicious actor or group of actors manages to gain 51% of the computing power of a network that uses proof of work. With this power, the actors could significantly impair the functioning of the network.

For example, You could change the operation of the network so that it adheres to different consensus rules and results in a hard fork that affects the rest of the nodes and users because the network cannot be used properly.. It also opens up the possibility of changing the transactions and confirmed blocks of the network, which enables duplicate expenses, and even approving false transactions that allow them to illegally receive money within the network.

This type of attack was described by Satoshi Nakamoto in the Bitcoin white paper and has since become one of the main concerns of the community that Bitcoin supports. To avoid this, the decentralization of computing power must be increased. This means that more and more different actors are participating in the network. So í It prevents one (or some) from having so much computing power on the network. The greater diversification also causes the overall performance of the network to increase, making it more difficult to reach the 51% required to successfully carry out these types of attacks.

Double Spend or Double Spend Attack on Bitcoin: Myth or Reality?Double Spend or Double Spend Attack on Bitcoin: Myth or Reality?

Related topics: Promoting a 51% attack on the Bitcoin network costs 93 BTCs per hour

Finney attack

Hal Finney is one of the most famous characters in the Bitcoin world, and the reason is that after Satoshi Nakamoto, he was the first to operate a Bitcoin node. It is more, Hal Finney received The first Bitcoin transaction with a total of 10 BTC directly from Nakamoto. During his time in the Bitcoin community, Finney was enthusiastic about Bitcoin technology and worked together. to the extent of its possibilities with its development.

But Finney would get the community’s attention, When he spoke on February 13, 2011 in the Bitcointalk forum about the possibility of an attack with double spending on Bitcoin. Finney’s exact words were:

Suppose the attacker is occasionally generating blocks. In each block that it generates, it contains a transfer from address A to address B that it controls.

When creating a block, do not transfer it to deception. Instead, go to your store and pay with your address A to your address C. Wait a few seconds, hear nothing and take the products. You now stream your block and your transaction will take precedence over yours.

That described called powerfully the community’s attention, especially from Gavin Andresen, who commented:

I think the real danger is that a big mining operator will start a secondary company that will sell in its blocks space for this kind of deliberate double spending. When they generate a block, they can send a text message to a group of people who say, “Try to output NOW.”

I wonder if there is a way to stop this kind of anti-social behavior. Could the network see what was done and “avoid” this miner’s blocks?

Clear, Gavin recognized the problem and in fact the problem still exists today. The Finney attack is certainly complex and requires the participation of a miner with great computing power. But it is doable and worst of all, it cannot be mitigated properly without changing the consensus protocol and validation of Bitcoin network transactions.

Career attack

The Race Attack is a type of duplicate spending that affects Bitcoin merchants or users who accept payments without confirmation. Basically this attack is that the attacker makes a payment to a merchant with some coins and at the same time carries out another transaction with these coins to send them to another address that he controls. By manipulating the commissions of both transactions (lowering the commission of the first and increasing the commission of the second), these types of attacks can be more likely to succeed. Especially when the mempool is overloaded and miners only prioritize transactions with higher fees.

This is another example of why é Users of cryptocurrencies like Bitcoin are advised to wait at least three or more confirmations to consider a transaction complete.

Vector76 attack

The Vector76 attack was an attack by bitcointalk user vector76. On August 17, 2011, vector76 commented on Bitcointalk users ó The following in the forum:

You don’t have to extract 2 blocks in a row. Mining a single block is sufficient if the network resolves the branch as desired and things can possibly be configured to be likely.

Suppose you have observed the time at which the nodes transmit transactions and how they spread across the network. By looking at what nodes are the first to transfer transactions from my destination that I have managed to connect directly to my destination.

He used a similar method of viewing mass mailings to connect with most mining groups.

Now I’m creating a transaction by making a large and valid deposit on my goal. I am not transferring this transaction, but I am adding it to a block that I want to extract. Only me, as usual, except that I have an additional unbroadcast TX that I include.

I finally did it Create a valid block. I don’t send it right away, but I’ve waited; Until someone removes a block and in this case I send my block to my destination immediately. If my target sees my block before the other block, it will be accepted and my transaction will be a confirmation. The blockchain has been forked, and my target (and possibly other nodes if my target is retransmitted fast enough) believe my block is correct, while other nodes believe the other fork is correct.

I immediately request a withdrawal and my target generates a transaction that sends the large amount of coins to an address that I control. I also issued some of the tickets twice, sent me the coins. The part of the network that was not received My first block (which hopefully is the majority of miners) will accept This is considered valid and will work to be included in the next block.

When my block finally “wins” because enough miners saw my block first and added it first, I simply made a deposit and withdrawn and I don’t lose anything.

However, if my block finally “loses”, the repository becomes invalid. If the TX deposit was not one of the entries for the withdrawal transaction, the withdrawal is still valid.

What is described here by vector76 is a double-spending attack that manipulates the network to validate a clearly illegal transaction. Basically, this attack causes a trader and even an exchange to believe that a transaction sent to your address is valid.

But the truth, is that this transaction was contained in a pre-made block and sent to the network. A block that was exclusively and exclusively prepared to make the double cost attack valid. As a result, the attacker’s pre-built block and the actual network block attempt to reach as many nodes as possible. The one who achieves this goal (replication on the blockchain copy of most nodes) is the block that wins. However, if the attacker succeeds in establishing the most relevant connections within the network from the start, á this goal (replicate your block) with extreme ease.

This type of attack is possible because it relies on two structural points from Bitcoin. First, Bitcoin nodes mostly have connections to public IP addresses. It is easy for a hacker to observe the flow of information within the network and to know which nodes are relevant (with the largest number of connections). Is this knot, The attacker can connect nodes under his control and send information to the appropriate nodes to use them. By connecting these malicious nodes to their victims, they can “see” a version of the string that is tailored to what they need to successfully execute their attack.

The second error is caused by the Bitcoin network’s operating log. Bitcoin uses its own network protocol based on the best Kademlia protocol and the Gossip protocol. This makes the Bitcoin network very secure and fast. Nbsp; This is used in the attacker’s favor to quickly spread his prefabricated block over the network. This activates the Bitcoin protocol: the valid blockchain is the one that most nodes accept and the longest. So í The success of your attack is guaranteed.

Eclipse attack

The Eclipse Attack is now an attack where A hacker disrupts a target’s connection and forwards it to a group of nodes and miners that it manipulates. If the attacker succeeds in carrying out the attack, he can manipulate the target at will. In this way, you can, for example, make a trader believe that a particular transaction has been confirmed X times. If the truth is that it received false information from a manipulated node all the time.

These types of attacks are possible in Bitcoin due to the opening up of the network. In fact, Attack Vector76 uses a system that is similar to Eclipse Attack. Nbsp; In addition, the Eclipse attack can do something dangerous. You can manipulate the miners by sharing their power and mining them for an alternative and manipulated version of the blockchain.

This type of attack was described by a team of specialists at the USENIX Security Symposium in 2015.

Related: Duplicate spending on Bitcoin is difficult, given the alleged problem