An attacker stole over $1.6 million by spending the same tokens more than once on the Ethereum Classic chain. The hack remains one of the record-breaking double-spending attacks in history. Double spending is a fatal attack that every blockchain should do its best to avoid.
It can also happen to regular users. Knowing the inner workings of double-spending and how it can unfold will help you keep your assets safe.
What Is Double-Spending?
Double-spending is a form of exploit where the manipulator spends the exact crypto more than once. It has some interrelated historical background with the Byzantine Generals’ Problem, which reflects the challenge of achieving consensus with no central authority. The technological design behind Bitcoin eventually fixed this problem. To date, the Bitcoin network itself has never witnessed a double-spend problem. But Ethereum has faced it several times due to its complex operating mechanism.
How does double-spending happen?
Double spending is when someone spends the same cryptocurrency twice.
Recall that blockchains are a series of transaction blocks. A new block must have a hash, an important cryptographic function that contains all the details about public transaction data and the date when the new block was added.
Double-spending happens when services consider a non-final block as a final one. It can also occur when services do not confirm transactions well, thereby spending the due payment for a transaction more than once.
Another notable cause of double-spending problems is flawed smart contract logic. The users can possibly spend the same tokens twice if there is no sound signature validation to checkmate this act.
Can double-spending problems happen in real life?
Double-spending problems exist in all facets of financial transactions, whether online or offline. But the mode of occurrence differs based on each context. This is a real-life scenario of how it can happen:
John told Alice or Bob on a video call that one of them will pay Jane 200$ in cash. Jane approached Alice and demanded $200, which she got. That should suffice for their agreement. But before Alice told Bod that she already gave Jane 200$, Jane already comes to Bob and asks for 200$. Bob gave her the $200 because he wasn’t aware that Jane had earlier paid Alice and didn’t expect her to be so tricky.
In the above scenario, Alice and Bob paid Jane twice. That is also double-spending within this context.
Double-Spending Attacks
They appear in various forms, including:
- Finney Attack
Hal Finney came up with the idea of this attack. The hacker mines a block and includes a transaction where they send funds from wallet A to wallet B. But they wait to broadcast this.
While this happens, they pay a vendor for a product and send funds to their wallet C. After the vendor might have waited for some minutes without getting an alert, they can assume that the transaction is still in the mempool and transfer the product. The attacker can now broadcast his block. At this point, their first transaction to wallet A overtakes the most recent one to wallet C. So the vendor never receives the payment, while the attacker has sent the same funds to his other wallet.
- Race Attack
ByteCoin, a senior member of the Bitcoin network, coined the phrase. The race happens when two transactions run to get into a block first. The transaction that gets in is deemed successful, while the one that doesn’t make it fails.
This is how an attacker carries out a race attack: They send a victim some crypto but never broadcast it. Simultaneously, the attacker makes another transaction with the same crypto and broadcasts it to the network. The validators approve adding the second transaction to the block first since it is the first they see. The victim’s transaction has lost the race to the block. Hence, the payment never succeeds.
- 51% attack
A 51% attack is when one entity takes control over a blockchain network as a majority staker, and causes network disruption. With that, they gain the power to do and undo: prevent transactions from confirming, re-write transaction history, and execute double-spend transactions.
How to Prevent Double-Spending Attacks
Sound Consensus Mechanisms
Double-spending can never occur in a blockchain with a sound consensus mechanism. Consensus mechanisms enable miners or validators to properly perform their duty of maintaining the integrity of the network. Its security-tight logic and design will prevent accidental or voluntary double-spending issues by default.
Inclusion of Nonce to Prevent Replay Attacks
Nonce is a difficult cryptographic value that must be hashed before a block can be mined. The value of nonces can only be used once. They help secure the blockchain against replay attacks because their values cannot be duplicated. Nonces maintain the integrity of each block.
Timestamps
Each successful transaction has a timestamp. A timestamp proves that a particular block was added to a chain at a specified time. A block becomes irreversible the moment it is timestamped. Any conflicting transactions that attempt to double-spend the crypto in a timestamped block regular users fail.
High Node Operation Cost
Double-spending manipulation often requires that the attacker manages one or more nodes. In the case of a 51% attack, the hacker needs to dominate more than half of the nodes within the network.
A major way blockchains can mitigate the double-spending is to raise the bar of node operation. For instance, Ethereum requires staking 32 ETH ($54,135) to become a node manager. This requires any double-spender to forgo a significant amount of money.
Centralized Supervision
Double spending can rarely happen in the traditional banking system because there are authorities that monitor and approve each transaction. It is impossible to spend the same note twice. Blockchains can also adopt this security check. After all, double-spending happens because there is no single centralized entity to verify transactions. However, this solution is a dilemma because it breaches the idea of decentralization. Hence, the reason some blockchains might never adopt this method.
Confirm if UXTO Has Been Spent
Unspent Transaction Output is a loop of information about the history and the current state of a transaction. Each transaction on the blockchain has an output that can become the new input in a fresh transaction. This new input becomes the new UXTO only after a user has spent it. Preventing double-spend means including a system to check whether or not a UXTO has been spent.
Blockchain Protocol and Smart Contract Audit
Double-spend problems often exist due to vulnerabilities in the inner working of a blockchain protocol and even smart contract. The best way to discover and fix this high-severity vulnerability is a thorough and professional audit.
How can regular users avoid falling victim to double-spending?
Apart from blockchains, regular users can also be victims of double-spending. The main check is to wait for 6 block confirmations. The receiving parties can fall for Finney Attack and Race Attack by assuming that a transaction will go through when there are only one or two confirmations.
A transaction can neither be reversed nor overridden once there are 6 block confirmations. Usually, there should be 6 block confirmations within 3 to 30 minutes at most.
But some users can be quite impatient or presumptuous. The best approach is to wait for 6 block confirmations, no matter how long it takes, to be double-sure the transaction was successful. Most blockchains have recently developed a rule to speed up the pace of the confirmations so there won’t be a space for foul play.